file_key_management plugin: complain if key id 1 is not found

vuvova · vuvova · commit 487e5f45908c · 2015-06-02T19:00:23.000+02:00
and don't recommend aes_ctr if it's unavailable
diff --git a/mysql-test/suite/encryption/r/filekeys_syntax.result b/mysql-test/suite/encryption/r/filekeys_syntax.result
@@ -127,3 +127,23 @@ ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
 select plugin_status from information_schema.plugins
 where plugin_name = 'file_key_management';
 plugin_status
+install soname 'file_key_management';
+ERROR HY000: System key id 1 is missing at MYSQL_TMP_DIR/keys.txt line 1, column 1
+call mtr.add_suppression("Syntax error");
+call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
+call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
+FOUND /Syntax error/ in mysqld.1.err
+create table t1(c1 bigint not null, b char(200))  engine=innodb encrypted=yes encryption_key_id=1;
+ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
+select plugin_status from information_schema.plugins
+where plugin_name = 'file_key_management';
+plugin_status
+call mtr.add_suppression("System key id 1");
+call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
+call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
+FOUND /System key id 1/ in mysqld.1.err
+create table t1(c1 bigint not null, b char(200))  engine=innodb encrypted=yes encryption_key_id=1;
+ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
+select plugin_status from information_schema.plugins
+where plugin_name = 'file_key_management';
+plugin_status
diff --git a/mysql-test/suite/encryption/t/filekeys_syntax.test b/mysql-test/suite/encryption/t/filekeys_syntax.test
@@ -94,3 +94,16 @@ install soname 'file_key_management';
 source filekeys_badtest.inc;
 let SEARCH_PATTERN=Syntax error;
 source filekeys_badtest.inc;
+#
+# no key id 1
+#
+remove_file $MYSQL_TMP_DIR/keys.txt;
+write_file $MYSQL_TMP_DIR/keys.txt;
+3;22222222222222222222222222222222
+EOF
+--replace_result $MYSQL_TMP_DIR MYSQL_TMP_DIR
+--error 2
+install soname 'file_key_management';
+source filekeys_badtest.inc;
+let SEARCH_PATTERN=System key id 1;
+source filekeys_badtest.inc;
diff --git a/plugin/file_key_management/file_key_management_plugin.cc b/plugin/file_key_management/file_key_management_plugin.cc
@@ -48,9 +48,14 @@ static MYSQL_SYSVAR_STR(filekey, filekey,
   "Key to encrypt / decrypt the keyfile.",
   NULL, NULL, "");
 
+#ifdef HAVE_EncryptAes128Ctr
+#define recommendation  ", aes_ctr is the recommended one"
+#else
+#define recommendation  ""
+#endif
 static MYSQL_SYSVAR_ENUM(encryption_algorithm, encryption_algorithm,
   PLUGIN_VAR_RQCMDARG | PLUGIN_VAR_READONLY,
-  "Encryption algorithm to use, aes_ctr is the recommended one.",
+  "Encryption algorithm to use" recommendation ".",
   NULL, NULL, 0, &encryption_algorithm_typelib);
 
 static struct st_mysql_sys_var* settings[] = {
diff --git a/plugin/file_key_management/parser.cc b/plugin/file_key_management/parser.cc
@@ -218,8 +218,14 @@ bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret)
   }
 
   keys->sort(sort_keys);
-
   my_free(buffer);
+
+  if (keys->at(0).id != 1)
+  {
+    report_error("System key id 1 is missing", 0);
+    return 1;
+  }
+
   return 0;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -218,8 +218,14 @@ bool Parser::parse_file(Dynamic_array<keyentry> keys, const char secret)`
`218`	`218`	`}`
`219`	`219`
`220`	`220`	`keys->sort(sort_keys);`
`221`		`-`
`222`	`221`	`my_free(buffer);`
	`222`	`+`
	`223`	`+ if (keys->at(0).id != 1)`
	`224`	`+ {`
	`225`	`+ report_error("System key id 1 is missing", 0);`
	`226`	`+ return 1;`
	`227`	`+ }`
	`228`	`+`
`223`	`229`	`return 0;`
`224`	`230`	`}`
`225`	`231`