derekjones
diff --git a/‎include/mysql/plugin_keyring.h‎
Lines changed: 1 addition & 1 deletion b/‎include/mysql/plugin_keyring.h‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎include/mysql/plugin_keyring.h.pp‎
Lines changed: 1 addition & 1 deletion b/‎include/mysql/plugin_keyring.h.pp‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎libmysqld/lib_sql.cc‎
Lines changed: 1 addition & 1 deletion b/‎libmysqld/lib_sql.cc‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎packaging/rpm-oel/mysql.spec.in‎
Lines changed: 5 additions & 0 deletions b/‎packaging/rpm-oel/mysql.spec.in‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎packaging/rpm-sles/mysql.spec.in‎
Lines changed: 5 additions & 0 deletions b/‎packaging/rpm-sles/mysql.spec.in‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎plugin/keyring/buffered_file_io.cc‎
Lines changed: 3 additions & 1 deletion b/‎plugin/keyring/buffered_file_io.cc‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎plugin/keyring/buffered_file_io.h‎
Lines changed: 2 additions & 1 deletion b/‎plugin/keyring/buffered_file_io.h‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎plugin/keyring/i_keyring_io.h‎
Lines changed: 8 additions & 1 deletion b/‎plugin/keyring/i_keyring_io.h‎
Lines changed: 8 additions & 1 deletion
diff --git a/‎plugin/keyring/keyring.cc‎
Lines changed: 98 additions & 29 deletions b/‎plugin/keyring/keyring.cc‎
Lines changed: 98 additions & 29 deletions
diff --git a/‎plugin/keyring/keyring.h‎
Lines changed: 56 additions & 17 deletions b/‎plugin/keyring/keyring.h‎
Lines changed: 56 additions & 17 deletions
@@ -28,7 +28,7 @@
   st_mysql_plugin.
 */
 
-struct st_mysql_keyring_file
+struct st_mysql_keyring
 {
   int interface_version;
   /*!
 
@@ -111,7 +111,7 @@
 void *thd_get_ha_data(const void* thd, const struct handlerton *hton);
 void thd_set_ha_data(void* thd, const struct handlerton *hton,
                      const void *ha_data);
-struct st_mysql_keyring_file
+struct st_mysql_keyring
 {
   int interface_version;
   my_bool (*mysql_key_store)(const char *key_id, const char *key_type,
 
@@ -610,7 +610,7 @@ int init_embedded_server(int argc, char **argv, char **groups)
     Each server should have one UUID. We will create it automatically, if it
     does not exist.
    */
-  if (!opt_bootstrap && init_server_auto_options())
+  if (!opt_bootstrap && init_server_auto_options(false))
   {
     mysql_server_end();
     return 1;
 
@@ -828,12 +828,14 @@ fi
 %if 0%{?commercial}
 %attr(755, root, root) %{_libdir}/mysql/plugin/audit_log.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/authentication_pam.so
+%attr(755, root, root) %{_libdir}/mysql/plugin/keyring_okv.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/thread_pool.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/openssl_udf.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/firewall.so
 %attr(644, root, root) %{_datadir}/mysql/linux_install_firewall.sql
 %attr(755, root, root) %{_libdir}/mysql/plugin/debug/audit_log.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/debug/authentication_pam.so
+%attr(755, root, root) %{_libdir}/mysql/plugin/debug/keyring_okv.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/debug/thread_pool.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/debug/openssl_udf.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/debug/firewall.so
@@ -1060,6 +1062,9 @@ fi
 %endif
 
 %changelog
+* Fri Feb 5 2016 Balasubramanian Kandasamy <[email protected]> - 5.7.12-1
+- Add keyring_okv.so plugin to commercial server subpackage
+
 * Mon Jan 4 2016 Balasubramanian Kandasamy <[email protected]> - 5.7.11-1
 - Include mysql-keyring directory
 - Provide keyring_file.so plugin
 
@@ -652,12 +652,14 @@ fi
 %if 0%{?commercial}
 %attr(755, root, root) %{_libdir}/mysql/plugin/audit_log.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/authentication_pam.so
+%attr(755, root, root) %{_libdir}/mysql/plugin/keyring_okv.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/thread_pool.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/openssl_udf.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/firewall.so
 %attr(644, root, root) %{_datadir}/mysql/linux_install_firewall.sql
 %attr(755, root, root) %{_libdir}/mysql/plugin/debug/audit_log.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/debug/authentication_pam.so
+%attr(755, root, root) %{_libdir}/mysql/plugin/debug/keyring_okv.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/debug/thread_pool.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/debug/openssl_udf.so
 %attr(755, root, root) %{_libdir}/mysql/plugin/debug/firewall.so
@@ -868,6 +870,9 @@ fi
 %attr(755, root, root) %{_libdir}/mysql/libmysqld.so
 
 %changelog
+* Fri Feb 5 2016 Balasubramanian Kandasamy <[email protected]> - 5.7.12-1
+- Add keyring_okv.so plugin to commercial server subpackage
+
 * Mon Jan 4 2016 Balasubramanian Kandasamy <[email protected]> - 5.7.11-1
 - Include mysql-keyring directory
 - Provide keyring_file.so plugin
 
@@ -208,7 +208,9 @@ my_bool Buffered_file_io::remove_backup()
   return remove(get_backup_filename()->c_str()) == 0 ? FALSE : TRUE;
 }
 
-my_bool Buffered_file_io::flush_to_keyring()
+
+my_bool Buffered_file_io::flush_to_keyring(IKey *key /*=NULL*/__attribute__((unused)),
+                                           Flush_operation operation /*= STORE_KEY*/__attribute__((unused)))
 {
   return flush_to_file(&keyring_file_data_key, &keyring_filename);
 }
 
@@ -42,7 +42,8 @@ class Buffered_file_io : public IKeyring_io
   void reserve_buffer(size_t memory_size);
   my_bool close();
   my_bool flush_to_backup();
-  my_bool flush_to_keyring();
+  /* Both attributes are unused */
+  my_bool flush_to_keyring(IKey *key = NULL, Flush_operation operation = STORE_KEY);
   /**
    * Writes key into the buffer
    * @param key the key to be written to the buffer
 
@@ -21,6 +21,13 @@
 
 namespace keyring {
 
+enum Flush_operation
+{
+  STORE_KEY,
+  REMOVE_KEY,
+  FULL
+};
+
 class IKeyring_io : public Keyring_alloc
 {
 public:
@@ -29,7 +36,7 @@ class IKeyring_io : public Keyring_alloc
   virtual void reserve_buffer(size_t memory_size)= 0;
   virtual my_bool close()= 0;
   virtual my_bool flush_to_backup()= 0;
-  virtual my_bool flush_to_keyring()= 0;
+  virtual my_bool flush_to_keyring(IKey *key = NULL, Flush_operation operation= STORE_KEY)= 0;
   virtual my_bool operator<< (const IKey* key)= 0;
   virtual my_bool operator>> (IKey* key)= 0;
 
 
@@ -23,14 +23,69 @@
 #define MYSQL_DEFAULT_KEYRINGFILE MYSQL_KEYRINGDIR"/keyring"
 #endif
 
-static int check_keyring_file_data(MYSQL_THD thd  __attribute__((unused)),
-                    struct st_mysql_sys_var *var  __attribute__((unused)),
-                    void *save, st_mysql_value *value)
+my_bool create_keyring_dir_if_does_not_exist(const char *keyring_file_path)
 {
-  Buffered_file_io keyring_io(logger.get());
+  if (!keyring_file_path || strlen(keyring_file_path) == 0)
+    return TRUE;
+  char keyring_dir[FN_REFLEN];
+  size_t keyring_dir_length;
+  dirname_part(keyring_dir, keyring_file_path, &keyring_dir_length);
+  if (keyring_dir_length > 1 && (keyring_dir[keyring_dir_length-1] == FN_LIBCHAR ||
+                                 keyring_dir[keyring_dir_length-1] == FN_LIBCHAR2) )
+  {
+    keyring_dir[keyring_dir_length-1]= '\0';
+    --keyring_dir_length;
+  }
+  int flags=
+#ifdef _WIN32
+    0
+#else
+    S_IRWXU | S_IRGRP | S_IXGRP
+#endif
+    ;
+  if (strlen(keyring_dir) == 0)
+    return TRUE;
+  my_mkdir(keyring_dir, flags, MYF(0));
+  return FALSE;
+}
 
+int check_keyring_file_data(MYSQL_THD thd  __attribute__((unused)),
+                            struct st_mysql_sys_var *var  __attribute__((unused)),
+                            void *save, st_mysql_value *value)
+{
+  char            buff[FN_REFLEN+1];
+  const char      *keyring_filename;
+  int             len = sizeof(buff);
+  Buffered_file_io keyring_io(logger.get());
   boost::movelib::unique_ptr<IKeys_container> new_keys(new Keys_container(logger.get()));
-  return check_keyring_file_data(&keyring_io, ::boost::move(new_keys), thd, var, save, value);
+
+  (*(const char **) save)= NULL;
+  keyring_filename= value->val_str(value, buff, &len);
+  mysql_rwlock_wrlock(&LOCK_keyring);
+  if (create_keyring_dir_if_does_not_exist(keyring_filename))
+  {
+    mysql_rwlock_unlock(&LOCK_keyring);
+    logger->log(MY_ERROR_LEVEL, "keyring_file_data cannot be set to new value"
+      " as the keyring file cannot be created/accessed in the provided path");
+    return 1;
+  }
+  try
+  {
+    if (new_keys->init(&keyring_io, keyring_filename))
+    {
+      mysql_rwlock_unlock(&LOCK_keyring);
+      return 1;
+    }
+    *reinterpret_cast<IKeys_container **>(save)= new_keys.get();
+    new_keys.release();
+    mysql_rwlock_unlock(&LOCK_keyring);
+  }
+  catch (...)
+  {
+    mysql_rwlock_unlock(&LOCK_keyring);
+    return 1;
+  }
+  return(0);
 }
 
 static char *keyring_file_data_value= NULL;
@@ -44,7 +99,7 @@ static MYSQL_SYSVAR_STR(
   MYSQL_DEFAULT_KEYRINGFILE                                    /* default    */
 );
 
-static struct st_mysql_sys_var *keyring_system_variables[]= {
+static struct st_mysql_sys_var *keyring_file_system_variables[]= {
   MYSQL_SYSVAR(data),
   NULL
 };
@@ -85,55 +140,69 @@ static int keyring_init(MYSQL_PLUGIN plugin_info)
   }
   catch (...)
   {
+    if (logger != NULL)
+      logger->log(MY_ERROR_LEVEL, "keyring_file initialization failure due to internal"
+                                  " exception inside the plugin");
     return TRUE;
   }
 }
 
+int keyring_deinit(void *arg __attribute__((unused)))
+{
+  //not taking a lock here as the calls to keyring_deinit are serialized by
+  //the plugin framework
+  keys.reset();
+  logger.reset();
+  keyring_file_data.reset();
+  mysql_rwlock_destroy(&LOCK_keyring);
+  return 0;
+}
+
+my_bool mysql_key_fetch(const char *key_id, char **key_type, const char *user_id,
+                        void **key, size_t *key_len)
+{
+  return mysql_key_fetch<Buffered_file_io, Key>(key_id, key_type, user_id, key,
+                                                key_len);
+}
+
 my_bool mysql_key_store(const char *key_id, const char *key_type,
                         const char *user_id, const void *key, size_t key_len)
 {
-  try
-  {
-    Buffered_file_io keyring_io(logger.get());
-    return mysql_key_store(&keyring_io, key_id, key_type, user_id, key,
-                           key_len);
-  }
-  catch (...)
-  {
-    return TRUE;
-  }
+  return mysql_key_store<Buffered_file_io, Key>(key_id, key_type, user_id, key,
+                                                key_len);
 }
 
 my_bool mysql_key_remove(const char *key_id, const char *user_id)
 {
-  try
-  {
-    Buffered_file_io keyring_io(logger.get());
-    return mysql_key_remove(&keyring_io, key_id, user_id);
-  }
-  catch (...)
-  {
-    return TRUE;
-  }
+  return mysql_key_remove<Buffered_file_io, Key>(key_id, user_id);
 }
 
+
 my_bool mysql_key_generate(const char *key_id, const char *key_type,
                            const char *user_id, size_t key_len)
 {
   try
   {
     Buffered_file_io keyring_io(logger.get());
-    return mysql_key_generate(&keyring_io, key_id, key_type, user_id, key_len);
+    boost::movelib::unique_ptr<IKey> key_candidate(new Key(key_id, key_type, user_id, NULL, 0));
+
+    boost::movelib::unique_ptr<uchar[]> key(new uchar[key_len]);
+    if (is_keys_container_initialized == FALSE || check_key_for_writting(key_candidate.get(), "generating") ||
+        my_rand_buffer(key.get(), key_len))
+      return TRUE;
+
+    return mysql_key_store(key_id, key_type, user_id, key.get(), key_len) == TRUE;
   }
   catch (...)
   {
+    if (logger != NULL)
+      logger->log(MY_ERROR_LEVEL, "Failed to generate a key due to internal exception inside keyring_file plugin");
     return TRUE;
   }
-
 }
 
 /* Plugin type-specific descriptor */
-static struct st_mysql_keyring_file keyring_descriptor=
+static struct st_mysql_keyring keyring_descriptor=
 {
   MYSQL_KEYRING_INTERFACE_VERSION,
   mysql_key_store,
@@ -154,7 +223,7 @@ mysql_declare_plugin(keyring_file)
   keyring_deinit,                                         /*   deinit function (when unloaded) */
   0x0100,                                                 /*   version                         */
   NULL,                                                   /*   status variables                */
-  keyring_system_variables,                               /*   system variables                */
+  keyring_file_system_variables,                          /*   system variables                */
   NULL,
   0,
 }
 
@@ -44,33 +44,72 @@ void keyring_init_psi_keys(void);
 
 my_bool init_keyring_locks();
 
-my_bool create_keyring_dir_if_does_not_exist(const char *keyring_file_path);
-
-int check_keyring_file_data(IKeyring_io* keyring_io, boost::movelib::unique_ptr<IKeys_container> new_keys,
-                            MYSQL_THD thd  __attribute__((unused)),
-                            struct st_mysql_sys_var *var  __attribute__((unused)),
-                            void *save, st_mysql_value *value);
-
 void update_keyring_file_data(MYSQL_THD thd  __attribute__((unused)),
                               struct st_mysql_sys_var *var  __attribute__((unused)),
                               void *var_ptr __attribute__((unused)),
                               const void *save_ptr);
 
-my_bool mysql_key_store(IKeyring_io *keyring_io, const char *key_id,
-                        const char *key_type, const char *user_id,
-                        const void *key, size_t key_len);
+my_bool mysql_key_fetch(boost::movelib::unique_ptr<IKey> key_to_fetch, char **key_type,
+                        void **key, size_t *key_len);
+
+my_bool mysql_key_store(IKeyring_io *keyring_io,
+                        boost::movelib::unique_ptr<IKey> key_to_store);
 
+my_bool mysql_key_remove(IKeyring_io *keyring_io,
+                         boost::movelib::unique_ptr<IKey> key_to_remove);
 
-my_bool mysql_key_remove(IKeyring_io *keyring_io, const char *key_id,
-                         const char *user_id);
+my_bool check_key_for_writting(IKey* key, std::string error_for);
 
+template <typename T, typename U>
 my_bool mysql_key_fetch(const char *key_id, char **key_type, const char *user_id,
-                        void **key, size_t *key_len);
+                        void **key, size_t *key_len)
+{
+  try
+  {
+    boost::movelib::unique_ptr<IKey> key_to_fetch(new U(key_id, NULL, user_id, NULL, 0));
+    return mysql_key_fetch(::boost::move(key_to_fetch), key_type, key, key_len);
+  }
+  catch (...)
+  {
+    if (logger != NULL)
+      logger->log(MY_ERROR_LEVEL, "Failed to fetch a key due to internal exception inside keyring_okv plugin");
+    return TRUE;
+  }
+}
 
-my_bool mysql_key_generate(IKeyring_io* keyring_io, const char *key_id,
-                           const char *key_type, const char *user_id,
-                           size_t key_len);
+template <typename T, typename U>
+my_bool mysql_key_store(const char *key_id, const char *key_type,
+                        const char *user_id, const void *key, size_t key_len)
+{
+  try
+  {
+    T keyring_io(logger.get());
+    boost::movelib::unique_ptr<IKey> key_to_store(new U(key_id, key_type, user_id, key, key_len));
+    return mysql_key_store(&keyring_io, ::boost::move(key_to_store));
+  }
+  catch (...)
+  {
+    if (logger != NULL)
+      logger->log(MY_ERROR_LEVEL, "Failed to store a key due to internal exception inside keyring_okv plugin");
+    return TRUE;
+  }
+}
 
-int keyring_deinit(void *arg __attribute__((unused)));
+template <typename T, typename U>
+my_bool mysql_key_remove(const char *key_id, const char *user_id)
+{
+  try
+  {
+    T keyring_io(logger.get());
+    boost::movelib::unique_ptr<IKey> key_to_remove(new U(key_id, NULL, user_id, NULL, 0));
+    return mysql_key_remove(&keyring_io, ::boost::move(key_to_remove));
+  }
+  catch (...)
+  {
+    if (logger != NULL)
+      logger->log(MY_ERROR_LEVEL, "Failed to remove a key due to internal exception inside keyring_okv plugin");
+    return TRUE;
+  }
+}
 
 #endif //MYSQL_KEYRING_H
Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@`
`28`	`28`	`st_mysql_plugin.`
`29`	`29`	`*/`
`30`	`30`
`31`		`-struct st_mysql_keyring_file`
	`31`	`+struct st_mysql_keyring`
`32`	`32`	`{`
`33`	`33`	`int interface_version;`
`34`	`34`	`/*!`
Original file line number	Diff line number	Diff line change
`@@ -111,7 +111,7 @@`
`111`	`111`	`void thd_get_ha_data(const void thd, const struct handlerton *hton);`
`112`	`112`	`void thd_set_ha_data(void* thd, const struct handlerton *hton,`
`113`	`113`	`const void *ha_data);`
`114`		`-struct st_mysql_keyring_file`
	`114`	`+struct st_mysql_keyring`
`115`	`115`	`{`
`116`	`116`	`int interface_version;`
`117`	`117`	`my_bool (mysql_key_store)(const char key_id, const char *key_type,`
Original file line number	Diff line number	Diff line change
`@@ -610,7 +610,7 @@ int init_embedded_server(int argc, char argv, char groups)`
`610`	`610`	`Each server should have one UUID. We will create it automatically, if it`
`611`	`611`	`does not exist.`
`612`	`612`	`*/`
`613`		`- if (!opt_bootstrap && init_server_auto_options())`
	`613`	`+ if (!opt_bootstrap && init_server_auto_options(false))`
`614`	`614`	`{`
`615`	`615`	`mysql_server_end();`
`616`	`616`	`return 1;`
Original file line number	Diff line number	Diff line change
`@@ -208,7 +208,9 @@ my_bool Buffered_file_io::remove_backup()`
`208`	`208`	`return remove(get_backup_filename()->c_str()) == 0 ? FALSE : TRUE;`
`209`	`209`	`}`
`210`	`210`
`211`		`-my_bool Buffered_file_io::flush_to_keyring()`
	`211`	`+`
	`212`	`+my_bool Buffered_file_io::flush_to_keyring(IKey key /=NULL*/__attribute__((unused)),`
	`213`	`+ Flush_operation operation /= STORE_KEY/__attribute__((unused)))`
`212`	`214`	`{`
`213`	`215`	`return flush_to_file(&keyring_file_data_key, &keyring_filename);`
`214`	`216`	`}`