Merge branch 'mysql-8.0' into mysql-trunk

weigon · weigon · commit 07da2e198bfa · 2023-07-28T18:31:27.000+02:00
Change-Id: I372535645d5a08d6d653b160756454c26c499e4d
diff --git a/router/src/harness/src/keyring/keyring_manager.cc b/router/src/harness/src/keyring/keyring_manager.cc
@@ -32,6 +32,7 @@
 #include "dim.h"
 #include "keyring/keyring_file.h"
 #include "keyring/master_key_file.h"
+#include "mysql/harness/filesystem.h"
 #include "random_generator.h"
 
 /*
@@ -96,40 +97,53 @@ static std::pair<std::string, std::string> get_master_key(
     if (e.code() != std::errc::no_such_file_or_directory || !create_if_needed) {
       throw;
     }
-  }
 
-  std::string master_key;
-  // get the key for the keyring from the master key file, decrypting it with
-  // the scramble
-  if (!master_scramble.empty()) {
-    try {
-      // look up for the master_key for this given keyring file
-      master_key = mkf.get(keyring_file_path, master_scramble);
-    } catch (const std::out_of_range &) {
-      // missing key will be handled further down
-    }
+    return {};
   }
 
+  // look up for the master_key for this given keyring file
+  std::string master_key =
+      mkf.get(mysql_harness::Path(keyring_file_path).real_path().str(),
+              master_scramble);
+
+  // if there is no master key for the "read-path' based keyring path, try to
+  // lookup via the path itself.
   if (master_key.empty()) {
-    if (!create_if_needed)
-      throw std::runtime_error("Master key for keyring at '" +
-                               keyring_file_path + "' could not be read");
-    // if the master key doesn't exist anywhere yet, generate one and store it
-    mysql_harness::RandomGeneratorInterface &rg =
-        mysql_harness::DIM::instance().get_RandomGenerator();
-    master_key = rg.generate_strong_password(kKeyLength);
-    // scramble to encrypt the master key with, which should be stored in the
-    // keyring
+    master_key = mkf.get(keyring_file_path, master_scramble);
+  }
+
+  return {master_key, master_scramble};
+}
+
+static std::pair<std::string, std::string> create_initial_keyring_pair(
+    MasterKeyFile &mkf, const std::string &keyring_file_path,
+    std::string master_scramble) {
+  // if the master key doesn't exist anywhere yet, generate one and store it
+  mysql_harness::RandomGeneratorInterface &rg =
+      mysql_harness::DIM::instance().get_RandomGenerator();
+  std::string master_key = rg.generate_strong_password(kKeyLength);
+
+  // scramble to encrypt the master key with, which should be stored in the
+  // keyring
+  if (master_scramble.empty()) {
     master_scramble = rg.generate_strong_password(kKeyLength);
-    mkf.add(keyring_file_path, master_key, master_scramble);
+
+    KeyringFile kf;
+    kf.set_header(master_scramble);
+    kf.save(keyring_file_path, master_key);
   }
-  return std::make_pair(master_key, master_scramble);
+
+  // use the real-path to store/lookup the keyring
+  mkf.add(mysql_harness::Path(keyring_file_path).real_path().str(), master_key,
+          master_scramble);
+
+  mkf.save();
+
+  return {master_key, master_scramble};
 }
 
 bool init_keyring(const std::string &keyring_file_path,
                   const std::string &master_key_path, bool create_if_needed) {
-  std::string master_key;
-  std::string master_scramble;
   MasterKeyFile mkf(master_key_path);
 
   try {
@@ -142,30 +156,40 @@ bool init_keyring(const std::string &keyring_file_path,
   }
 
   // throws std::runtime_error (anything else?)
-  std::tie(master_key, master_scramble) =
+  auto [master_key, master_scramble] =
       get_master_key(mkf, keyring_file_path, create_if_needed);
 
-  bool existed =
-      init_keyring_with_key(keyring_file_path, master_key, create_if_needed);
-  if (create_if_needed && !existed) {
-    g_keyring->set_header(master_scramble);
-    flush_keyring();
+  // if there is a master-scramble, the
+  const bool keyring_existed{!master_scramble.empty()};
+
+  if (master_key.empty()) {
+    if (!create_if_needed) {
+      throw std::runtime_error("Master key for keyring at '" +
+                               keyring_file_path + "' could not be read");
+    }
+
     try {
-      mkf.save();
+      std::tie(master_key, master_scramble) =
+          create_initial_keyring_pair(mkf, keyring_file_path, master_scramble);
     } catch (const std::system_error &e) {
       throw std::system_error(
           e.code(), "Unable to save master key to " + master_key_path);
     }
   }
-  return existed;
+
+  // load the keyring.
+  init_keyring_with_key(keyring_file_path, master_key, false);
+
+  return keyring_existed;
 }
 
 bool init_keyring_with_key(const std::string &keyring_file_path,
                            const std::string &master_key,
                            bool create_if_needed) {
   if (g_keyring) throw std::logic_error("Keyring already initialized");
   bool existed = false;
-  std::unique_ptr<KeyringFile> key_store(new KeyringFile());
+
+  auto key_store = std::make_unique<KeyringFile>();
   try {
     key_store->load(keyring_file_path, master_key);
     existed = true;
diff --git a/router/src/harness/tests/test_keyring_manager.cc b/router/src/harness/tests/test_keyring_manager.cc
@@ -392,6 +392,38 @@ TEST(KeyringManager, regression) {
   mysql_harness::reset_keyring();
 }
 
+#ifndef _WIN32
+TEST(KeyringManager, symlink_dir) {
+  SCOPED_TRACE("// prepare symlinked directory");
+  TempDirectory tmpdir;
+
+  auto subdir = mysql_harness::Path(tmpdir.name()).join("subdir").str();
+  auto symlinkdir = mysql_harness::Path(tmpdir.name()).join("symlink").str();
+  ASSERT_EQ(mysql_harness::mkdir(subdir, 0700), 0);
+  ASSERT_EQ(symlink(subdir.c_str(), symlinkdir.c_str()), 0);
+
+  auto keyring = symlinkdir + "/keyring";
+  auto masterring = symlinkdir + "/keyfile";
+
+  SCOPED_TRACE("// create the encrypted keyring.");
+  EXPECT_FALSE(mysql_harness::init_keyring(keyring, masterring, true));
+  mysql_harness::reset_keyring();
+
+  SCOPED_TRACE("// try to open it again, via the symlink dir.");
+  EXPECT_TRUE(mysql_harness::init_keyring(keyring, masterring, false));
+  mysql_harness::reset_keyring();
+
+  SCOPED_TRACE("// try to open it again, via the real dir.");
+  EXPECT_TRUE(
+      mysql_harness::init_keyring(subdir + "/keyring", masterring, false));
+  mysql_harness::reset_keyring();
+
+  SCOPED_TRACE("// try to open it again, via the real dir.");
+  EXPECT_TRUE(mysql_harness::init_keyring(subdir + "/keyring",
+                                          subdir + "/keyfile", false));
+}
+#endif
+
 int main(int argc, char **argv) {
   ::testing::InitGoogleTest(&argc, argv);
   return RUN_ALL_TESTS();
diff --git a/router/tests/component/test_bootstrap.cc b/router/tests/component/test_bootstrap.cc
@@ -29,6 +29,7 @@
 
 #include <fstream>
 #include <string>
+#include <system_error>
 
 #include <gmock/gmock-matchers.h>
 #include <gtest/gtest.h>
@@ -61,6 +62,7 @@
 #include "script_generator.h"
 #include "socket_operations.h"
 #include "tcp_port_pool.h"
+#include "test/temp_directory.h"
 
 /**
  * @file
@@ -74,6 +76,59 @@ using mysqlrouter::ClusterType;
 // for the test with no param
 class RouterBootstrapTest : public RouterComponentBootstrapTest {};
 
+#ifndef _WIN32
+// needs symlink()
+TEST_F(RouterBootstrapTest, bootstrap_and_run_from_symlinked_dir) {
+  RecordProperty("Description",
+                 "Bootstrap into a symlinked directory and check that the "
+                 "router can run from that directory.");
+  const auto server_port = port_pool_.get_next_available();
+  const auto server_x_port = port_pool_.get_next_available();
+  const auto http_port = port_pool_.get_next_available();
+
+  std::vector<Config> config{
+      {"127.0.0.1", server_port, http_port,
+       get_data_dir().join("bootstrap_gr.js").str()},
+  };
+
+  SCOPED_TRACE("// prepare symlinked directory");
+  TempDirectory tmpdir;
+
+  auto subdir = mysql_harness::Path(tmpdir.name()).join("subdir").str();
+  auto symlinkdir = mysql_harness::Path(tmpdir.name()).join("symlink").str();
+  ASSERT_EQ(mysql_harness::mkdir(subdir, 0700), 0);
+  ASSERT_EQ(symlink(subdir.c_str(), symlinkdir.c_str()), 0);
+
+  // point the bootstrap at the symlink dir.
+  bootstrap_dir.reset(symlinkdir);
+
+  SCOPED_TRACE("// bootstrap into the symlink dir");
+  ASSERT_NO_FATAL_FAILURE(bootstrap_failover(
+      config, ClusterType::GR_V2, {}, EXIT_SUCCESS, {}, 30s, {2, 0, 3},
+      {
+          "--conf-set-option=DEFAULT.plugin_folder=" +
+              mysql_harness::get_plugin_dir(get_origin().str()),
+          "--conf-set-option=DEFAULT.logging_folder=" + get_logging_dir().str(),
+          "--conf-set-option=DEFAULT.keyring_path=" + symlinkdir +
+              "/data/keyring",
+      }));
+
+  SCOPED_TRACE("// launch mock-server for router");
+  const std::string runtime_json_stmts =
+      get_data_dir().join("metadata_dynamic_nodes_v2_gr.js").str();
+
+  // launch mock server that is our metadata server
+  launch_mysql_server_mock(runtime_json_stmts, server_port, EXIT_SUCCESS, false,
+                           http_port);
+  set_mock_metadata(http_port, "cluster-specific-id",
+                    {GRNode{server_port, "uuid-1"}}, 0,
+                    {ClusterNode{server_port, "uuid-1", server_x_port}});
+
+  SCOPED_TRACE("// launch router with bootstrapped config");
+  launch_router({"-c", bootstrap_dir.name() + "/mysqlrouter.conf"});
+}
+#endif
+
 struct BootstrapTestParam {
   ClusterType cluster_type;
   std::string description;
