-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
MDEV-11004: Unable to start (Segfault or os error 2) when encryption …
…key missing Two problems: (1) When pushing warning to sql-layer we need to check that thd != NULL to avoid NULL-pointer reference. (2) At tablespace key rotation if used key_id is not found from encryption plugin tablespace should not be rotated.
- Loading branch information
Jan Lindström
committed
Oct 29, 2016
1 parent
bc32372
commit 885577f
Showing
10 changed files
with
211 additions
and
44 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
call mtr.add_suppression("InnoDB: Block in space_id .* in file test/.* encrypted"); | ||
call mtr.add_suppression("InnoDB: However key management plugin or used key_id .* is not found or used encryption algorithm or method does not match."); | ||
call mtr.add_suppression("InnoDB: Marking tablespace as missing. You may drop this table or install correct key management plugin and key file."); | ||
|
||
# Start server with keys2.txt | ||
CREATE TABLE t1(a int not null primary key auto_increment, b varchar(128)) engine=innodb ENCRYPTED=YES ENCRYPTION_KEY_ID=19; | ||
CREATE TABLE t2(a int not null primary key auto_increment, b varchar(128)) engine=innodb ENCRYPTED=YES ENCRYPTION_KEY_ID=1; | ||
CREATE TABLE t3(a int not null primary key auto_increment, b varchar(128)) engine=innodb ENCRYPTED=NO; | ||
INSERT INTO t1(b) VALUES ('thisissecredmessage'); | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t2 SELECT * FROM t1; | ||
INSERT INTO t3 SELECT * FROM t1; | ||
|
||
# Restart server with keys3.txt | ||
set global innodb_encryption_rotate_key_age = 1; | ||
use test; | ||
CREATE TABLE t4(a int not null primary key auto_increment, b varchar(128)) engine=innodb ENCRYPTED=YES ENCRYPTION_KEY_ID=1; | ||
SELECT SLEEP(5); | ||
SLEEP(5) | ||
0 | ||
SELECT COUNT(1) FROM t3; | ||
COUNT(1) | ||
2048 | ||
SELECT COUNT(1) FROM t2; | ||
COUNT(1) | ||
2048 | ||
SELECT COUNT(1) FROM t2,t1 where t2.a = t1.a; | ||
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB | ||
SELECT COUNT(1) FROM t1 where b = 'ab'; | ||
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB | ||
SELECT COUNT(1) FROM t1; | ||
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB | ||
|
||
# Start server with keys2.txt | ||
SELECT COUNT(1) FROM t1; | ||
COUNT(1) | ||
2048 | ||
SELECT COUNT(1) FROM t2; | ||
COUNT(1) | ||
2048 | ||
SELECT COUNT(1) FROM t3; | ||
COUNT(1) | ||
2048 | ||
DROP TABLE t1, t2, t3; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
--innodb-encrypt-tables | ||
--innodb-encryption-rotate-key-age=15 | ||
--innodb-encryption-threads=4 | ||
--innodb-tablespaces-encryption | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
--source include/have_innodb.inc | ||
-- source include/have_file_key_management_plugin.inc | ||
# embedded does not support restart | ||
-- source include/not_embedded.inc | ||
-- source include/not_valgrind.inc | ||
# Avoid CrashReporter popup on Mac | ||
-- source include/not_crashrep.inc | ||
|
||
# | ||
# MDEV-11004: Unable to start (Segfault or os error 2) when encryption key missing | ||
# | ||
call mtr.add_suppression("InnoDB: Block in space_id .* in file test/.* encrypted"); | ||
call mtr.add_suppression("InnoDB: However key management plugin or used key_id .* is not found or used encryption algorithm or method does not match."); | ||
call mtr.add_suppression("InnoDB: Marking tablespace as missing. You may drop this table or install correct key management plugin and key file."); | ||
|
||
--echo | ||
--echo # Start server with keys2.txt | ||
-- let $restart_parameters=--file-key-management-filename=$MYSQL_TEST_DIR/std_data/keys2.txt | ||
-- source include/restart_mysqld.inc | ||
|
||
CREATE TABLE t1(a int not null primary key auto_increment, b varchar(128)) engine=innodb ENCRYPTED=YES ENCRYPTION_KEY_ID=19; | ||
CREATE TABLE t2(a int not null primary key auto_increment, b varchar(128)) engine=innodb ENCRYPTED=YES ENCRYPTION_KEY_ID=1; | ||
CREATE TABLE t3(a int not null primary key auto_increment, b varchar(128)) engine=innodb ENCRYPTED=NO; | ||
INSERT INTO t1(b) VALUES ('thisissecredmessage'); | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t1(b) SELECT b FROM t1; | ||
INSERT INTO t2 SELECT * FROM t1; | ||
INSERT INTO t3 SELECT * FROM t1; | ||
|
||
--echo | ||
--echo # Restart server with keys3.txt | ||
-- let $restart_parameters=--file-key-management-filename=$MYSQL_TEST_DIR/std_data/keys3.txt | ||
-- source include/restart_mysqld.inc | ||
|
||
set global innodb_encryption_rotate_key_age = 1; | ||
use test; | ||
CREATE TABLE t4(a int not null primary key auto_increment, b varchar(128)) engine=innodb ENCRYPTED=YES ENCRYPTION_KEY_ID=1; | ||
SELECT SLEEP(5); | ||
SELECT COUNT(1) FROM t3; | ||
SELECT COUNT(1) FROM t2; | ||
--error 1296 | ||
SELECT COUNT(1) FROM t2,t1 where t2.a = t1.a; | ||
--error 1296 | ||
SELECT COUNT(1) FROM t1 where b = 'ab'; | ||
--error 1296 | ||
SELECT COUNT(1) FROM t1; | ||
|
||
--echo | ||
--echo # Start server with keys2.txt | ||
-- let $restart_parameters=--file-key-management-filename=$MYSQL_TEST_DIR/std_data/keys2.txt | ||
-- source include/restart_mysqld.inc | ||
|
||
SELECT COUNT(1) FROM t1; | ||
SELECT COUNT(1) FROM t2; | ||
SELECT COUNT(1) FROM t3; | ||
|
||
DROP TABLE t1, t2, t3; | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.