rename "encryption key management plugin" to "encryption plugin"
because it's going to do more than just key management
This commit is contained in:
parent
6d3dace7d9
commit
9ccafffc29
@ -44,7 +44,7 @@ IF(CMAKE_COMPILER_IS_GNUCC AND RUN_ABI_CHECK)
|
|||||||
${CMAKE_SOURCE_DIR}/include/mysql/client_plugin.h
|
${CMAKE_SOURCE_DIR}/include/mysql/client_plugin.h
|
||||||
${CMAKE_SOURCE_DIR}/include/mysql/plugin_auth.h
|
${CMAKE_SOURCE_DIR}/include/mysql/plugin_auth.h
|
||||||
${CMAKE_SOURCE_DIR}/include/mysql/plugin_password_validation.h
|
${CMAKE_SOURCE_DIR}/include/mysql/plugin_password_validation.h
|
||||||
${CMAKE_SOURCE_DIR}/include/mysql/plugin_encryption_key_management.h
|
${CMAKE_SOURCE_DIR}/include/mysql/plugin_encryption.h
|
||||||
)
|
)
|
||||||
|
|
||||||
ADD_CUSTOM_TARGET(abi_check ALL
|
ADD_CUSTOM_TARGET(abi_check ALL
|
||||||
|
@ -92,7 +92,7 @@ typedef struct st_mysql_xid MYSQL_XID;
|
|||||||
|
|
||||||
/* MariaDB plugin types */
|
/* MariaDB plugin types */
|
||||||
#define MariaDB_PASSWORD_VALIDATION_PLUGIN 8
|
#define MariaDB_PASSWORD_VALIDATION_PLUGIN 8
|
||||||
#define MariaDB_ENCRYPTION_KEY_MANAGEMENT_PLUGIN 9
|
#define MariaDB_ENCRYPTION_PLUGIN 9
|
||||||
|
|
||||||
/* We use the following strings to define licenses for plugins */
|
/* We use the following strings to define licenses for plugins */
|
||||||
#define PLUGIN_LICENSE_PROPRIETARY 0
|
#define PLUGIN_LICENSE_PROPRIETARY 0
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
#ifndef MYSQL_PLUGIN_ENCRYPTION_KEY_MANAGEMENT_INCLUDED
|
#ifndef MYSQL_PLUGIN_ENCRYPTION_INCLUDED
|
||||||
/* Copyright (C) 2014 Sergei Golubchik and MariaDB
|
/* Copyright (C) 2014 Sergei Golubchik and MariaDB
|
||||||
|
|
||||||
This program is free software; you can redistribute it and/or modify
|
This program is free software; you can redistribute it and/or modify
|
||||||
@ -17,25 +17,25 @@
|
|||||||
/**
|
/**
|
||||||
@file
|
@file
|
||||||
|
|
||||||
Encryption key Management Plugin API.
|
Encryption Plugin API.
|
||||||
|
|
||||||
This file defines the API for server plugins that manage encryption
|
This file defines the API for server plugins that manage encryption
|
||||||
keys for MariaDB on-disk data encryption.
|
keys for MariaDB on-disk data encryption.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#define MYSQL_PLUGIN_ENCRYPTION_KEY_MANAGEMENT_INCLUDED
|
#define MYSQL_PLUGIN_ENCRYPTION_INCLUDED
|
||||||
|
|
||||||
#include <mysql/plugin.h>
|
#include <mysql/plugin.h>
|
||||||
|
|
||||||
#define MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION 0x0200
|
#define MariaDB_ENCRYPTION_INTERFACE_VERSION 0x0200
|
||||||
|
|
||||||
#define BAD_ENCRYPTION_KEY_VERSION (~(unsigned int)0)
|
#define BAD_ENCRYPTION_KEY_VERSION (~(unsigned int)0)
|
||||||
#define KEY_BUFFER_TOO_SMALL (100)
|
#define KEY_BUFFER_TOO_SMALL (100)
|
||||||
|
|
||||||
/**
|
/**
|
||||||
Encryption key management plugin descriptor
|
Encryption plugin descriptor
|
||||||
*/
|
*/
|
||||||
struct st_mariadb_encryption_key_management
|
struct st_mariadb_encryption
|
||||||
{
|
{
|
||||||
int interface_version; /**< version plugin uses */
|
int interface_version; /**< version plugin uses */
|
||||||
|
|
@ -362,7 +362,7 @@ void *thd_get_ha_data(const void* thd, const struct handlerton *hton);
|
|||||||
void thd_set_ha_data(void* thd, const struct handlerton *hton,
|
void thd_set_ha_data(void* thd, const struct handlerton *hton,
|
||||||
const void *ha_data);
|
const void *ha_data);
|
||||||
void thd_wakeup_subsequent_commits(void* thd, int wakeup_error);
|
void thd_wakeup_subsequent_commits(void* thd, int wakeup_error);
|
||||||
struct st_mariadb_encryption_key_management
|
struct st_mariadb_encryption
|
||||||
{
|
{
|
||||||
int interface_version;
|
int interface_version;
|
||||||
unsigned int (*get_latest_key_version)();
|
unsigned int (*get_latest_key_version)();
|
@ -18,7 +18,7 @@
|
|||||||
@file
|
@file
|
||||||
encryption keys service
|
encryption keys service
|
||||||
|
|
||||||
Functions to get encryption keys and IV from the encryption key management plugin
|
Functions to get encryption keys from the encryption plugin
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
|
@ -21,7 +21,7 @@ Name Status Type Library License
|
|||||||
EXAMPLE NOT INSTALLED STORAGE ENGINE ha_example.so GPL
|
EXAMPLE NOT INSTALLED STORAGE ENGINE ha_example.so GPL
|
||||||
UNUSABLE NOT INSTALLED DAEMON ha_example.so GPL
|
UNUSABLE NOT INSTALLED DAEMON ha_example.so GPL
|
||||||
daemon_example NOT INSTALLED DAEMON libdaemon_example.so GPL
|
daemon_example NOT INSTALLED DAEMON libdaemon_example.so GPL
|
||||||
example_key_management NOT INSTALLED ENCRYPTION KEY MANAGEMENT example_key_management.so GPL
|
example_key_management NOT INSTALLED ENCRYPTION example_key_management.so GPL
|
||||||
three_attempts NOT INSTALLED AUTHENTICATION dialog_examples.so GPL
|
three_attempts NOT INSTALLED AUTHENTICATION dialog_examples.so GPL
|
||||||
two_questions NOT INSTALLED AUTHENTICATION dialog_examples.so GPL
|
two_questions NOT INSTALLED AUTHENTICATION dialog_examples.so GPL
|
||||||
show status like '%libraries%';
|
show status like '%libraries%';
|
||||||
|
@ -24,7 +24,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
#include <my_global.h>
|
#include <my_global.h>
|
||||||
#include <mysql/plugin_encryption_key_management.h>
|
#include <mysql/plugin_encryption.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <myisampack.h>
|
#include <myisampack.h>
|
||||||
|
|
||||||
@ -61,8 +61,8 @@ static unsigned int get_key(unsigned int version, unsigned char* dstbuf, unsigne
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
struct st_mariadb_encryption_key_management debug_key_management_plugin= {
|
struct st_mariadb_encryption debug_key_management_plugin= {
|
||||||
MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION,
|
MariaDB_ENCRYPTION_INTERFACE_VERSION,
|
||||||
get_latest_key_version,
|
get_latest_key_version,
|
||||||
get_key
|
get_key
|
||||||
};
|
};
|
||||||
@ -72,7 +72,7 @@ struct st_mariadb_encryption_key_management debug_key_management_plugin= {
|
|||||||
*/
|
*/
|
||||||
maria_declare_plugin(debug_key_management)
|
maria_declare_plugin(debug_key_management)
|
||||||
{
|
{
|
||||||
MariaDB_ENCRYPTION_KEY_MANAGEMENT_PLUGIN,
|
MariaDB_ENCRYPTION_PLUGIN,
|
||||||
&debug_key_management_plugin,
|
&debug_key_management_plugin,
|
||||||
"debug_key_management",
|
"debug_key_management",
|
||||||
"Sergei Golubchik",
|
"Sergei Golubchik",
|
||||||
|
@ -28,7 +28,7 @@
|
|||||||
#include <my_global.h>
|
#include <my_global.h>
|
||||||
#include <my_pthread.h>
|
#include <my_pthread.h>
|
||||||
#include <my_aes.h>
|
#include <my_aes.h>
|
||||||
#include <mysql/plugin_encryption_key_management.h>
|
#include <mysql/plugin_encryption.h>
|
||||||
#include <my_md5.h>
|
#include <my_md5.h>
|
||||||
#include <my_rnd.h>
|
#include <my_rnd.h>
|
||||||
#include "sql_class.h"
|
#include "sql_class.h"
|
||||||
@ -101,8 +101,8 @@ static int example_key_management_plugin_deinit(void *p)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
struct st_mariadb_encryption_key_management example_key_management_plugin= {
|
struct st_mariadb_encryption example_key_management_plugin= {
|
||||||
MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION,
|
MariaDB_ENCRYPTION_INTERFACE_VERSION,
|
||||||
get_latest_key_version,
|
get_latest_key_version,
|
||||||
get_key
|
get_key
|
||||||
};
|
};
|
||||||
@ -112,7 +112,7 @@ struct st_mariadb_encryption_key_management example_key_management_plugin= {
|
|||||||
*/
|
*/
|
||||||
maria_declare_plugin(example_key_management)
|
maria_declare_plugin(example_key_management)
|
||||||
{
|
{
|
||||||
MariaDB_ENCRYPTION_KEY_MANAGEMENT_PLUGIN,
|
MariaDB_ENCRYPTION_PLUGIN,
|
||||||
&example_key_management_plugin,
|
&example_key_management_plugin,
|
||||||
"example_key_management",
|
"example_key_management",
|
||||||
"Jonas Oreland",
|
"Jonas Oreland",
|
||||||
|
@ -16,7 +16,7 @@
|
|||||||
|
|
||||||
#include "parser.h"
|
#include "parser.h"
|
||||||
#include <mysql_version.h>
|
#include <mysql_version.h>
|
||||||
#include <mysql/plugin_encryption_key_management.h>
|
#include <mysql/plugin_encryption.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
static char* filename;
|
static char* filename;
|
||||||
@ -94,8 +94,8 @@ static int file_key_management_plugin_init(void *p)
|
|||||||
return parser.parse(&keys);
|
return parser.parse(&keys);
|
||||||
}
|
}
|
||||||
|
|
||||||
struct st_mariadb_encryption_key_management file_key_management_plugin= {
|
struct st_mariadb_encryption file_key_management_plugin= {
|
||||||
MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION,
|
MariaDB_ENCRYPTION_INTERFACE_VERSION,
|
||||||
get_highest_key_used_in_key_file,
|
get_highest_key_used_in_key_file,
|
||||||
get_key_from_key_file
|
get_key_from_key_file
|
||||||
};
|
};
|
||||||
@ -105,7 +105,7 @@ struct st_mariadb_encryption_key_management file_key_management_plugin= {
|
|||||||
*/
|
*/
|
||||||
maria_declare_plugin(file_key_management)
|
maria_declare_plugin(file_key_management)
|
||||||
{
|
{
|
||||||
MariaDB_ENCRYPTION_KEY_MANAGEMENT_PLUGIN,
|
MariaDB_ENCRYPTION_PLUGIN,
|
||||||
&file_key_management_plugin,
|
&file_key_management_plugin,
|
||||||
"file_key_management",
|
"file_key_management",
|
||||||
"Denis Endro eperi GmbH",
|
"Denis Endro eperi GmbH",
|
||||||
|
@ -1,11 +1,11 @@
|
|||||||
#include <my_global.h>
|
#include <my_global.h>
|
||||||
#include <mysql/plugin_encryption_key_management.h>
|
#include <mysql/plugin_encryption.h>
|
||||||
#include "log.h"
|
#include "log.h"
|
||||||
#include "sql_plugin.h"
|
#include "sql_plugin.h"
|
||||||
|
|
||||||
/* there can be only one encryption key management plugin enabled */
|
/* there can be only one encryption plugin enabled */
|
||||||
static plugin_ref encryption_key_manager= 0;
|
static plugin_ref encryption_key_manager= 0;
|
||||||
static struct st_mariadb_encryption_key_management *handle;
|
static struct st_mariadb_encryption *handle;
|
||||||
|
|
||||||
unsigned int get_latest_encryption_key_version()
|
unsigned int get_latest_encryption_key_version()
|
||||||
{
|
{
|
||||||
@ -34,7 +34,7 @@ uint get_encryption_key(uint version, uchar* key, uint *size)
|
|||||||
return BAD_ENCRYPTION_KEY_VERSION;
|
return BAD_ENCRYPTION_KEY_VERSION;
|
||||||
}
|
}
|
||||||
|
|
||||||
int initialize_encryption_key_management_plugin(st_plugin_int *plugin)
|
int initialize_encryption_plugin(st_plugin_int *plugin)
|
||||||
{
|
{
|
||||||
if (encryption_key_manager)
|
if (encryption_key_manager)
|
||||||
return 1;
|
return 1;
|
||||||
@ -47,12 +47,12 @@ int initialize_encryption_key_management_plugin(st_plugin_int *plugin)
|
|||||||
}
|
}
|
||||||
|
|
||||||
encryption_key_manager= plugin_lock(NULL, plugin_int_to_ref(plugin));
|
encryption_key_manager= plugin_lock(NULL, plugin_int_to_ref(plugin));
|
||||||
handle= (struct st_mariadb_encryption_key_management*)
|
handle= (struct st_mariadb_encryption*)
|
||||||
plugin->plugin->info;
|
plugin->plugin->info;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int finalize_encryption_key_management_plugin(st_plugin_int *plugin)
|
int finalize_encryption_plugin(st_plugin_int *plugin)
|
||||||
{
|
{
|
||||||
if (plugin->plugin->deinit && plugin->plugin->deinit(NULL))
|
if (plugin->plugin->deinit && plugin->plugin->deinit(NULL))
|
||||||
{
|
{
|
||||||
|
@ -37,7 +37,7 @@
|
|||||||
#include "lock.h" // MYSQL_LOCK_IGNORE_TIMEOUT
|
#include "lock.h" // MYSQL_LOCK_IGNORE_TIMEOUT
|
||||||
#include <mysql/plugin_auth.h>
|
#include <mysql/plugin_auth.h>
|
||||||
#include <mysql/plugin_password_validation.h>
|
#include <mysql/plugin_password_validation.h>
|
||||||
#include <mysql/plugin_encryption_key_management.h>
|
#include <mysql/plugin_encryption.h>
|
||||||
#include "sql_plugin_compat.h"
|
#include "sql_plugin_compat.h"
|
||||||
|
|
||||||
#define REPORT_TO_LOG 1
|
#define REPORT_TO_LOG 1
|
||||||
@ -91,7 +91,7 @@ const LEX_STRING plugin_type_names[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
|||||||
{ C_STRING_WITH_LEN("REPLICATION") },
|
{ C_STRING_WITH_LEN("REPLICATION") },
|
||||||
{ C_STRING_WITH_LEN("AUTHENTICATION") },
|
{ C_STRING_WITH_LEN("AUTHENTICATION") },
|
||||||
{ C_STRING_WITH_LEN("PASSWORD VALIDATION") },
|
{ C_STRING_WITH_LEN("PASSWORD VALIDATION") },
|
||||||
{ C_STRING_WITH_LEN("ENCRYPTION KEY MANAGEMENT") }
|
{ C_STRING_WITH_LEN("ENCRYPTION") }
|
||||||
};
|
};
|
||||||
|
|
||||||
extern int initialize_schema_table(st_plugin_int *plugin);
|
extern int initialize_schema_table(st_plugin_int *plugin);
|
||||||
@ -100,8 +100,8 @@ extern int finalize_schema_table(st_plugin_int *plugin);
|
|||||||
extern int initialize_audit_plugin(st_plugin_int *plugin);
|
extern int initialize_audit_plugin(st_plugin_int *plugin);
|
||||||
extern int finalize_audit_plugin(st_plugin_int *plugin);
|
extern int finalize_audit_plugin(st_plugin_int *plugin);
|
||||||
|
|
||||||
extern int initialize_encryption_key_management_plugin(st_plugin_int *plugin);
|
extern int initialize_encryption_plugin(st_plugin_int *plugin);
|
||||||
extern int finalize_encryption_key_management_plugin(st_plugin_int *plugin);
|
extern int finalize_encryption_plugin(st_plugin_int *plugin);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
The number of elements in both plugin_type_initialize and
|
The number of elements in both plugin_type_initialize and
|
||||||
@ -111,13 +111,13 @@ extern int finalize_encryption_key_management_plugin(st_plugin_int *plugin);
|
|||||||
plugin_type_init plugin_type_initialize[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
plugin_type_init plugin_type_initialize[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
||||||
{
|
{
|
||||||
0, ha_initialize_handlerton, 0, 0,initialize_schema_table,
|
0, ha_initialize_handlerton, 0, 0,initialize_schema_table,
|
||||||
initialize_audit_plugin, 0, 0, 0, initialize_encryption_key_management_plugin
|
initialize_audit_plugin, 0, 0, 0, initialize_encryption_plugin
|
||||||
};
|
};
|
||||||
|
|
||||||
plugin_type_init plugin_type_deinitialize[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
plugin_type_init plugin_type_deinitialize[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
||||||
{
|
{
|
||||||
0, ha_finalize_handlerton, 0, 0, finalize_schema_table,
|
0, ha_finalize_handlerton, 0, 0, finalize_schema_table,
|
||||||
finalize_audit_plugin, 0, 0, 0, finalize_encryption_key_management_plugin
|
finalize_audit_plugin, 0, 0, 0, finalize_encryption_plugin
|
||||||
};
|
};
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -128,7 +128,7 @@ plugin_type_init plugin_type_deinitialize[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
|||||||
static int plugin_type_initialization_order[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
static int plugin_type_initialization_order[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
||||||
{
|
{
|
||||||
MYSQL_DAEMON_PLUGIN,
|
MYSQL_DAEMON_PLUGIN,
|
||||||
MariaDB_ENCRYPTION_KEY_MANAGEMENT_PLUGIN,
|
MariaDB_ENCRYPTION_PLUGIN,
|
||||||
MYSQL_STORAGE_ENGINE_PLUGIN,
|
MYSQL_STORAGE_ENGINE_PLUGIN,
|
||||||
MYSQL_INFORMATION_SCHEMA_PLUGIN,
|
MYSQL_INFORMATION_SCHEMA_PLUGIN,
|
||||||
MYSQL_FTPARSER_PLUGIN,
|
MYSQL_FTPARSER_PLUGIN,
|
||||||
@ -170,7 +170,7 @@ static int min_plugin_info_interface_version[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
|||||||
MYSQL_REPLICATION_INTERFACE_VERSION,
|
MYSQL_REPLICATION_INTERFACE_VERSION,
|
||||||
MIN_AUTHENTICATION_INTERFACE_VERSION,
|
MIN_AUTHENTICATION_INTERFACE_VERSION,
|
||||||
MariaDB_PASSWORD_VALIDATION_INTERFACE_VERSION,
|
MariaDB_PASSWORD_VALIDATION_INTERFACE_VERSION,
|
||||||
MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION
|
MariaDB_ENCRYPTION_INTERFACE_VERSION
|
||||||
};
|
};
|
||||||
static int cur_plugin_info_interface_version[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
static int cur_plugin_info_interface_version[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
||||||
{
|
{
|
||||||
@ -183,7 +183,7 @@ static int cur_plugin_info_interface_version[MYSQL_MAX_PLUGIN_TYPE_NUM]=
|
|||||||
MYSQL_REPLICATION_INTERFACE_VERSION,
|
MYSQL_REPLICATION_INTERFACE_VERSION,
|
||||||
MYSQL_AUTHENTICATION_INTERFACE_VERSION,
|
MYSQL_AUTHENTICATION_INTERFACE_VERSION,
|
||||||
MariaDB_PASSWORD_VALIDATION_INTERFACE_VERSION,
|
MariaDB_PASSWORD_VALIDATION_INTERFACE_VERSION,
|
||||||
MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION
|
MariaDB_ENCRYPTION_INTERFACE_VERSION
|
||||||
};
|
};
|
||||||
|
|
||||||
static struct
|
static struct
|
||||||
|
@ -32,7 +32,7 @@ Modified Jan Lindström jan.lindstrom@mariadb.com
|
|||||||
#include "srv0start.h" // for srv_start_lsn
|
#include "srv0start.h" // for srv_start_lsn
|
||||||
#include "log0recv.h" // for recv_sys
|
#include "log0recv.h" // for recv_sys
|
||||||
|
|
||||||
#include "mysql/plugin_encryption_key_management.h" // for BAD_ENCRYPTION_KEY_VERSION
|
#include "mysql/plugin_encryption.h" // for BAD_ENCRYPTION_KEY_VERSION
|
||||||
#include "ha_prototypes.h" // IB_LOG_
|
#include "ha_prototypes.h" // IB_LOG_
|
||||||
|
|
||||||
/* If true, enable redo log encryption. */
|
/* If true, enable redo log encryption. */
|
||||||
|
@ -32,7 +32,7 @@ Modified Jan Lindström jan.lindstrom@mariadb.com
|
|||||||
#include "srv0start.h" // for srv_start_lsn
|
#include "srv0start.h" // for srv_start_lsn
|
||||||
#include "log0recv.h" // for recv_sys
|
#include "log0recv.h" // for recv_sys
|
||||||
|
|
||||||
#include "mysql/plugin_encryption_key_management.h" // for BAD_ENCRYPTION_KEY_VERSION
|
#include "mysql/plugin_encryption.h" // for BAD_ENCRYPTION_KEY_VERSION
|
||||||
#include "ha_prototypes.h" // IB_LOG_
|
#include "ha_prototypes.h" // IB_LOG_
|
||||||
|
|
||||||
/* If true, enable redo log encryption. */
|
/* If true, enable redo log encryption. */
|
||||||
|
Loading…
x
Reference in New Issue
Block a user