Temporary SMIME bug enhancements for #21

cytopia · Aug 18, 2016 · e22e500 · e22e500
1 parent 8c277e7
commit e22e500
Show file tree

Hide file tree

Showing 6 changed files with 52 additions and 13 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,12 @@ Version 0.17 (unreleased)
 ------------
 
 
+Version 0.16.2
+--------------
+
+- [Fix]     Warn about SMIME bug if db size > 1200MB (https://github.com/cytopia/mysqldump-secure/issues/21)
+
+
 Version 0.16.1
 --------------
 

diff --git a/README.md b/README.md
@@ -3,13 +3,7 @@
 ----
 **ATTENTION**
 
-`WHEN USING ENCRYPTION WITH DATABASES LARGER THEN A FEW GIGABYTES, BACKUPS SEEM TO BE BROKEN.`
-
-https://github.com/cytopia/mysqldump-secure/issues/21
-
-PLEASE TURN OFF ENCRYPTION FOR LARGE DATABASES.
-
-----
+Please upgrade to the latest version in order to be notified about the [OpenSSL SMIME Bug](https://github.com/cytopia/mysqldump-secure/issues/21) in case you are affected.
 
 
 ----
@@ -90,7 +84,7 @@ See [https://travis-ci.org/cytopia/mysqldump-secure](https://travis-ci.org/cytop
 ### 2.1 Linux, BSD and OSX
 
 ```shell
-wget https://github.com/cytopia/mysqldump-secure/archive/0.16.1.tar.gz -O - | tar -xz
+wget https://github.com/cytopia/mysqldump-secure/archive/0.16.2.tar.gz -O - | tar -xz
 cd mysqldump-secure
 ./configure
 make

diff --git a/bin/mysqldump-secure b/bin/mysqldump-secure
@@ -76,8 +76,8 @@ INFO_GPGKEY="0x28BF179F"
 INFO_LICENSE="MIT"
 INFO_URL="http://mysqldump-secure.org"
 INFO_REPO="https://github.com/cytopia/mysqldump-secure"
-INFO_DATE="2016-03-21"
-INFO_VERSION="0.16.1"
+INFO_DATE="2016-08-18"
+INFO_VERSION="0.16.2"
 
 
 
@@ -4078,6 +4078,21 @@ elif [ "${ENCRYPT}" = "1" ]; then
 		exit $EXIT_ABORT
 	fi
 
+	# ENABLE_SMIME_BUG_WARNING
+	if ! set | grep '^ENABLE_SMIME_BUG_WARNING=' >/dev/null; then
+		debug "warn" "(CFG): \$ENABLE_SMIME_BUG_WARNING variable is not defined" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
+		debug "warn" "(CFG): Setting \$ENABLE_SMIME_BUG_WARNING=1" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
+		ENABLE_SMIME_BUG_WARNING=1
+	elif [ -z "${ENABLE_SMIME_BUG_WARNING}" ]; then
+		debug "warn" "(CFG): \$ENABLE_SMIME_BUG_WARNING variable should not be empty" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
+		debug "warn" "(CFG): Setting \$ENABLE_SMIME_BUG_WARNING=1" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
+		ENABLE_SMIME_BUG_WARNING=1
+	elif [ "${ENABLE_SMIME_BUG_WARNING}" != "0" ] && [ "${ENABLE_SMIME_BUG_WARNING}" != "1" ]; then
+		debug "warn" "(CFG): \$ENABLE_SMIME_BUG_WARNING variable has a wrong value: '${ENABLE_SMIME_BUG_WARNING}'" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
+		debug "warn" "(CFG): Setting \$ENABLE_SMIME_BUG_WARNING=1" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
+		ENABLE_SMIME_BUG_WARNING=1
+	fi
+
 	debug "info"  "(OPT): Encryption enabled" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
 	debug "debug" "(OPT): Encryption algorithm: ${OPENSSL_ALGO_ARG}" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
 	debug "debug" "(OPT): Encryption pub key: ${OPENSSL_PUBKEY_PEM}" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
@@ -4725,6 +4740,19 @@ for db in ${DB_LIST_ALL}; do
 
 
 
+		##########################################################
+		# SMIME WARNING
+		# https://github.com/cytopia/mysqldump-secure/issues/21
+
+		# Warn about SMIME bug for files > 1200MB
+		SMIME_CRITICAL_SIZE_MB="12"
+		if [ "${ENCRYPT}" = "1" ] && [ "${ENABLE_SMIME_BUG_WARNING}" = "1" ] && [ "$( printf "%.0f\n" "${DB_SIZE_MB}" )" -gt "${SMIME_CRITICAL_SIZE_MB}" ]; then
+			debug "warn" "(SQL): ${_cnt} Warning:  Encryption is enabled and database size is > ${SMIME_CRITICAL_SIZE_MB} MB" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
+			debug "warn" "(SQL): ${_cnt} Warning:  Verify that your backup can be decrypted." "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
+			debug "warn" "(SQL): ${_cnt} Warning:  This warning can be disabled via 'ENABLE_SMIME_BUG_WARNING=0'" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
+			debug "warn" "(SQL): ${_cnt} Warning:  Read here: https://github.com/cytopia/mysqldump-secure/issues/21" "${OUT_VERBOSITY}" "${LOG_VERBOSITY}" "${LOG_FILE}"
+		fi
+
 
 		##########################################################
 		# MAKE THE BACKUPS

diff --git a/doc/INSTALL.md b/doc/INSTALL.md
@@ -42,7 +42,7 @@ brew install --HEAD cytopia/tap/mysqldump-secure
 
 **Tarball (stable)**
 ```shell
-wget https://github.com/cytopia/mysqldump-secure/archive/0.16.1.tar.gz -O - | tar -xz
+wget https://github.com/cytopia/mysqldump-secure/archive/0.16.2.tar.gz -O - | tar -xz
 cd mysqldump-secure
 ```
 **Tarball (devel)**
@@ -55,7 +55,7 @@ cd mysqldump-secure
 ```shell
 git clone https://github.com/cytopia/mysqldump-secure.git
 cd mysqldump-secure
-git checkout 0.16.1
+git checkout 0.16.2
 ```
 **Git (devel)**
 ```shell

diff --git a/etc/mysqldump-secure.conf b/etc/mysqldump-secure.conf
@@ -637,6 +637,17 @@ OPENSSL_ALGO_ARG="-aes256"
 
 
 
+# There is a Bug in OpenSSL's SMIME implementation
+# for files larger than about 1.5 GB. The final output
+# will be truncated at 1.9 GB and the file won't be able to
+# be decrypted.
+# mysqldump-secure will warn, once the database is larger than
+# 1200 MB just to make sure.
+# If you are really sure about what you are doing, you can disabled
+# this warning here.
+ENABLE_SMIME_BUG_WARNING=1
+
+
 ############################################################
 # (OPT) Automatic deletions (tmpwatch/tmpreaper)
 ############################################################

diff --git a/man/mysqldump-secure.1 b/man/mysqldump-secure.1
@@ -1,4 +1,4 @@
-.TH mysqldump-secure 1 "21 March 2016" "version 0.16.1"
+.TH mysqldump-secure 1 "18 August 2016" "version 0.16.2"
 .SH NAME
 mysqldump-secure - secure mysqldump wrapper with encryption
 .SH SYNOPSIS