- 21 Dec, 2018 1 commit
-
-
Marko Mäkelä authored
When using a wrong key, all encrypted pages will look corrupted, and occasionally the test may access other pages than the clustered index root page.
-
- 20 Dec, 2018 3 commits
-
-
Vladislav Vaintroub authored
- Refactor code to isolate page validation in page_is_corrupted() function. - Introduce --extended-validation parameter(default OFF) for mariabackup --backup to enable decryption of encrypted uncompressed pages during backup. - mariabackup would still always check checksum on encrypted data, it is needed to detect partially written pages.
-
Marko Mäkelä authored
In MDEV-13103, I made a mistake in the error handling of page_compressed=1 decryption when the default innodb_compression_algorithm=zlib is used. Due to this mistake, with certain versions of zlib, MariaDB would fail to detect a corrupted page. The problem was uncovered by the following tests: mariabackup.unencrypted_page_compressed mariabackup.encrypted_page_compressed
-
Sergei Golubchik authored
MDEV-17975 Assertion `! is_set()' or `!is_set() || (m_status == DA_OK_BULK && is_bulk_op())' failed upon REVOKE under LOCK TABLE open_grant_tables() returns -1/0/1, where -1 is an error, while 1 is not. Don't store it's return value in bool
-
- 19 Dec, 2018 1 commit
-
-
Marko Mäkelä authored
Write a test case that computes valid crc32 checksums for an encrypted page, but zeroes out the payload area, so that the checksum after decryption fails. xb_fil_cur_read(): Validate the page number before trying any checksum calculation or decrypting or decompression. Also, skip zero-filled pages. For page_compressed pages, ensure that the FIL_PAGE_TYPE was changed. Also, reject FIL_PAGE_PAGE_COMPRESSED_ENCRYPTED if no decryption was attempted.
-
- 18 Dec, 2018 3 commits
-
-
Marko Mäkelä authored
The fix was accidentally only applied to InnoDB, and encryption tests were not adjusted.
-
Thirunarayanan Balathandayuthapani authored
Problem: ======= Mariabackup seems to fail to verify the pages of compressed tables. The reason is that both fil_space_verify_crypt_checksum() and buf_page_is_corrupted() will skip the validation for compressed pages. Fix: ==== Mariabackup should call fil_page_decompress() for compressed and encrypted compressed page. After that, call buf_page_is_corrupted() to check the page corruption.
-
Marko Mäkelä authored
Starting with commit 6b698715 the encrypted page checksum is only computed with crc32. Encrypted data pages that were written earlier can contain other checksums, but new ones will only contain crc32. Because of this, it does not make sense to implement strict checks of innodb_checksum_algorithm for other than strict_crc32. fil_space_verify_crypt_checksum(): Treat strict_innodb as innodb and strict_none as none. That is, allow a match from any of the algorithms none, innodb, crc32. (This is how it worked before the second MDEV-12112 fix.) Thanks to Thirunarayanan Balathandayuthapani for pointing this out.
-
- 17 Dec, 2018 5 commits
-
-
Marko Mäkelä authored
fil_space_verify_crypt_checksum(): Add a dummy return statement in case memory is corrupted and innodb_checksum_algorithm has an invalid value.
-
Marko Mäkelä authored
The initial fix only covered a part of Mariabackup. This fix hardens InnoDB and XtraDB in a similar way, in order to reduce the probability of mistaking a corrupted encrypted page for a valid unencrypted one. This is based on work by Thirunarayanan Balathandayuthapani. fil_space_verify_crypt_checksum(): Assert that key_version!=0. Let the callers guarantee that. Now that we have this assertion, we also know that buf_page_is_zeroes() cannot hold. Also, remove all diagnostic output and related parameters, and let the relevant callers emit such messages. Last but not least, validate the post-encryption checksum according to the innodb_checksum_algorithm (only accepting one checksum for the strict variants), and no longer try to validate the page as if it was unencrypted. buf_page_is_zeroes(): Move to the compilation unit of the only callers, and declare static. xb_fil_cur_read(), buf_page_check_corrupt(): Add a condition before calling fil_space_verify_crypt_checksum(). This is a non-functional change. buf_dblwr_process(): Validate the page only as encrypted or unencrypted, but not both.
-
Jan Lindström authored
Remove provider defaults check from 'galera_defaults' MTR test
-
Jan Lindström authored
Problem is that if you use bundled yassl AES_CTR is not supported. There is a way to detect that but as we really want to keep this test enabled did not add skip for missing support. Changed method to AES_CBC as there is no need to use AES_CTR.
-
Jan Lindström authored
Add check that file key management plugin is found.
-
- 14 Dec, 2018 2 commits
-
-
Alexey Yurchenko authored
From time to time Galera adds new parameters or changes defaults to existing ones. Every time this happens galera_defaults test needs a fix (and a commit) because it insists on checking these defaults. This is making life hard because any Galera update may require a fix to MariaDB code even though it is totally unrelated and defeats the whole idea of a provider living its own life. This commit removes checking for provider defaults to avoid false positive failures on MariaDB side.
-
Marko Mäkelä authored
After validating the post-encryption checksum on an encrypted page, Mariabackup should decrypt the page and validate the pre-encryption checksum as well. This should reduce the probability of accepting invalid pages as valid ones. This is a backport and refactoring of a patch that was originally written by Thirunarayanan Balathandayuthapani for the 10.2 branch.
-
- 13 Dec, 2018 5 commits
-
-
Marko Mäkelä authored
Also, apply the MDEV-17957 changes to encrypted page checksums, and remove error message output from the checksum function, because these messages would be useless noise when mariabackup is retrying reads of corrupted-looking pages, and not that useful during normal server operation either. The error messages in fil_space_verify_crypt_checksum() should be refactored separately.
-
Marko Mäkelä authored
This is a backport of a part of commit 18455ec3 from 10.1.
-
Marko Mäkelä authored
-
Thirunarayanan Balathandayuthapani authored
Problem: Innodb_checksum_algorithm checks for all checksum algorithm to validate the page checksum even though the algorithm is specified as strict_crc32, strict_innodb, strict_none. Fix: Remove the checks for all checksum algorithm to validate the page checksum if the algo is specified as strict_* values.
-
Varun Gupta authored
-
- 12 Dec, 2018 4 commits
-
-
Sergei Golubchik authored
1. don't run full mysql_upgrade on every server restart, use --version-check to do it only once 2. fix syslog tag name in the postinst script, don't pretend mysqld_safe generated all these messages. Auto-detect the version to simplify maintenance
-
Sergei Golubchik authored
-
Jiaye Wu authored
Current implementation is conflicting. If UNICODE is defined, FormatMessage() will be FormatMessageW(), and variable win_errormsg with type char can not be passed to it, which should be changed to TCHAR instead. Since we don't use UNICODE here, we can use FormatMessageA() directly to avoid conversion error. ``` my_global.h(1092): error C2664: 'DWORD FormatMessageW(D WORD,LPCVOID,DWORD,DWORD,LPWSTR,DWORD,va_list *)' : cannot convert argument 5 from 'char [2048]' to 'LPWSTR' ```
-
Marko Mäkelä authored
-
- 11 Dec, 2018 1 commit
-
-
Eugene Kosov authored
ha_innobase::prepare_inplace_alter_table(): check max column length for every index in a table, not just added in this particular ALTER TABLE with ADD INDEX ones.
-
- 07 Dec, 2018 3 commits
-
-
Varun Gupta authored
The problem here is EITS statistics does not calculate statistics for the partitions of the table. So a temporary solution would be to not read EITS statistics for partitioned tables. Also disabling reading of EITS for columns that participate in the partition list of a table.
-
Marko Mäkelä authored
-
Marko Mäkelä authored
create_table_def(), ha_innobase::create(): Defer fts_optimize_add_table() until after the table has been successfully created.
-
- 06 Dec, 2018 5 commits
-
-
Vladislav Vaintroub authored
-
Sergei Golubchik authored
-
Sergei Golubchik authored
merge_role_db_privileges() was remembering pointers into Dynamic_array acl_dbs, and later was using them, while pushing more elements into the array. But pushing can cause realloc, and it can invalidate all pointers. Fix: remember and use indexes of elements, not pointers.
-
Sergei Golubchik authored
-
Sergei Golubchik authored
-
- 05 Dec, 2018 1 commit
-
-
Varun Gupta authored
-
- 28 Nov, 2018 1 commit
-
-
Sergei Golubchik authored
-
- 26 Nov, 2018 3 commits
-
-
Jan Lindström authored
-
Jan Lindström authored
MDEV-17804: Galera tests cause mysql_socket.h:738: inline_mysql_socket_send: Assertion `mysql_socket.fd != -1' failed. Do not do end of statement logic if thd is already killed as socket is already closed.
-
Jan Lindström authored
Problem was that controlling connection i.e. connection that executed the query SET GLOBAL wsrep_reject_queries = ALL_KILL; was also killed but server would try to send result from that query to controlling connection resulting a assertion mysqld: /home/jan/mysql/10.2-sst/include/mysql/psi/mysql_socket.h:738: inline_mysql_socket_send: Assertion `mysql_socket.fd != -1' failed. as socket was closed when controlling connection was closed. wsrep_close_client_connections() Do not close controlling connection and instead of wsrep_close_thread() we do now soft kill by THD::awake wsrep_reject_queries_update() Call wsrep_close_client_connections using current thd.
-
- 21 Nov, 2018 1 commit
-
-
Jan Lindström authored
Add test case for encrypted and page compressed tables.
-
- 20 Nov, 2018 1 commit
-
-
Varun Gupta authored
In this case we were trying to access memory for key_parts which we did not assign for a fields because it did not any EITS statistics. The check if EITS statistics for a column is avaialable or not was missing.
-