Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
MariaDB
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
MariaDB
Commits
cede2b6f
Commit
cede2b6f
authored
May 26, 2017
by
Marko Mäkelä
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Mariabackup: Remove support for .xbcrypt files
parent
7e22050e
Changes
16
Expand all
Show whitespace changes
Inline
Side-by-side
Showing
16 changed files
with
21 additions
and
3015 deletions
+21
-3015
extra/mariabackup/backup_copy.cc
extra/mariabackup/backup_copy.cc
+4
-21
extra/mariabackup/backup_mysql.cc
extra/mariabackup/backup_mysql.cc
+6
-18
extra/mariabackup/ds_decrypt.c
extra/mariabackup/ds_decrypt.c
+0
-665
extra/mariabackup/ds_decrypt.h
extra/mariabackup/ds_decrypt.h
+0
-30
extra/mariabackup/ds_encrypt.c
extra/mariabackup/ds_encrypt.c
+0
-446
extra/mariabackup/ds_encrypt.h
extra/mariabackup/ds_encrypt.h
+0
-33
extra/mariabackup/innobackupex.cc
extra/mariabackup/innobackupex.cc
+7
-98
extra/mariabackup/xbcrypt.c
extra/mariabackup/xbcrypt.c
+0
-696
extra/mariabackup/xbcrypt.h
extra/mariabackup/xbcrypt.h
+0
-79
extra/mariabackup/xbcrypt_common.c
extra/mariabackup/xbcrypt_common.c
+0
-328
extra/mariabackup/xbcrypt_common.h
extra/mariabackup/xbcrypt_common.h
+0
-64
extra/mariabackup/xbcrypt_read.c
extra/mariabackup/xbcrypt_read.c
+0
-252
extra/mariabackup/xbcrypt_write.c
extra/mariabackup/xbcrypt_write.c
+0
-105
extra/mariabackup/xbstream.c
extra/mariabackup/xbstream.c
+2
-55
extra/mariabackup/xtrabackup.cc
extra/mariabackup/xtrabackup.cc
+2
-113
extra/mariabackup/xtrabackup.h
extra/mariabackup/xtrabackup.h
+0
-12
No files found.
extra/mariabackup/backup_copy.cc
View file @
cede2b6f
...
@@ -1774,7 +1774,7 @@ copy_back()
...
@@ -1774,7 +1774,7 @@ copy_back()
const
char
*
ext_list
[]
=
{
"backup-my.cnf"
,
"xtrabackup_logfile"
,
const
char
*
ext_list
[]
=
{
"backup-my.cnf"
,
"xtrabackup_logfile"
,
"xtrabackup_binary"
,
"xtrabackup_binlog_info"
,
"xtrabackup_binary"
,
"xtrabackup_binlog_info"
,
"xtrabackup_checkpoints"
,
".qp"
,
".pmap"
,
".tmp"
,
"xtrabackup_checkpoints"
,
".qp"
,
".pmap"
,
".tmp"
,
".xbcrypt"
,
NULL
};
NULL
};
const
char
*
filename
;
const
char
*
filename
;
char
c_tmp
;
char
c_tmp
;
int
i_tmp
;
int
i_tmp
;
...
@@ -1807,7 +1807,7 @@ copy_back()
...
@@ -1807,7 +1807,7 @@ copy_back()
filename
=
base_name
(
node
.
filepath
);
filename
=
base_name
(
node
.
filepath
);
/* skip .qp
and .xbcrypt
files */
/* skip .qp files */
if
(
filename_matches
(
filename
,
ext_list
))
{
if
(
filename_matches
(
filename
,
ext_list
))
{
continue
;
continue
;
}
}
...
@@ -1899,24 +1899,8 @@ decrypt_decompress_file(const char *filepath, uint thread_n)
...
@@ -1899,24 +1899,8 @@ decrypt_decompress_file(const char *filepath, uint thread_n)
cmd
<<
IF_WIN
(
"type "
,
"cat "
)
<<
filepath
;
cmd
<<
IF_WIN
(
"type "
,
"cat "
)
<<
filepath
;
if
(
ends_with
(
filepath
,
".xbcrypt"
)
&&
opt_decrypt
)
{
cmd
<<
" | xbcrypt --decrypt --encrypt-algo="
<<
xtrabackup_encrypt_algo_names
[
opt_decrypt_algo
];
if
(
xtrabackup_encrypt_key
)
{
cmd
<<
" --encrypt-key="
<<
xtrabackup_encrypt_key
;
}
else
{
cmd
<<
" --encrypt-key-file="
<<
xtrabackup_encrypt_key_file
;
}
dest_filepath
[
strlen
(
dest_filepath
)
-
8
]
=
0
;
message
<<
"decrypting"
;
needs_action
=
true
;
}
if
(
opt_decompress
if
(
opt_decompress
&&
(
ends_with
(
filepath
,
".qp"
)
&&
ends_with
(
filepath
,
".qp"
))
{
||
(
ends_with
(
filepath
,
".qp.xbcrypt"
)
&&
opt_decrypt
)))
{
cmd
<<
" | qpress -dio "
;
cmd
<<
" | qpress -dio "
;
dest_filepath
[
strlen
(
dest_filepath
)
-
3
]
=
0
;
dest_filepath
[
strlen
(
dest_filepath
)
-
3
]
=
0
;
if
(
needs_action
)
{
if
(
needs_action
)
{
...
@@ -1967,8 +1951,7 @@ decrypt_decompress_thread_func(void *arg)
...
@@ -1967,8 +1951,7 @@ decrypt_decompress_thread_func(void *arg)
continue
;
continue
;
}
}
if
(
!
ends_with
(
node
.
filepath
,
".qp"
)
if
(
!
ends_with
(
node
.
filepath
,
".qp"
))
{
&&
!
ends_with
(
node
.
filepath
,
".xbcrypt"
))
{
continue
;
continue
;
}
}
...
...
extra/mariabackup/backup_mysql.cc
View file @
cede2b6f
...
@@ -1435,8 +1435,7 @@ write_xtrabackup_info(MYSQL *connection)
...
@@ -1435,8 +1435,7 @@ write_xtrabackup_info(MYSQL *connection)
"partial = %s
\n
"
"partial = %s
\n
"
"incremental = %s
\n
"
"incremental = %s
\n
"
"format = %s
\n
"
"format = %s
\n
"
"compressed = %s
\n
"
"compressed = %s
\n
"
,
"encrypted = %s
\n
"
,
uuid
,
/* uuid */
uuid
,
/* uuid */
opt_history
?
opt_history
:
""
,
/* name */
opt_history
?
opt_history
:
""
,
/* name */
tool_name
,
/* tool_name */
tool_name
,
/* tool_name */
...
@@ -1454,8 +1453,7 @@ write_xtrabackup_info(MYSQL *connection)
...
@@ -1454,8 +1453,7 @@ write_xtrabackup_info(MYSQL *connection)
is_partial
?
"Y"
:
"N"
,
is_partial
?
"Y"
:
"N"
,
xtrabackup_incremental
?
"Y"
:
"N"
,
/* incremental */
xtrabackup_incremental
?
"Y"
:
"N"
,
/* incremental */
xb_stream_name
[
xtrabackup_stream_fmt
],
/* format */
xb_stream_name
[
xtrabackup_stream_fmt
],
/* format */
xtrabackup_compress
?
"compressed"
:
"N"
,
/* compressed */
xtrabackup_compress
?
"compressed"
:
"N"
);
/* compressed */
xtrabackup_encrypt
?
"Y"
:
"N"
);
/* encrypted */
if
(
!
opt_history
)
{
if
(
!
opt_history
)
{
goto
cleanup
;
goto
cleanup
;
...
@@ -1481,8 +1479,7 @@ write_xtrabackup_info(MYSQL *connection)
...
@@ -1481,8 +1479,7 @@ write_xtrabackup_info(MYSQL *connection)
"partial ENUM('Y', 'N') DEFAULT NULL,"
"partial ENUM('Y', 'N') DEFAULT NULL,"
"incremental ENUM('Y', 'N') DEFAULT NULL,"
"incremental ENUM('Y', 'N') DEFAULT NULL,"
"format ENUM('file', 'tar', 'xbstream') DEFAULT NULL,"
"format ENUM('file', 'tar', 'xbstream') DEFAULT NULL,"
"compressed ENUM('Y', 'N') DEFAULT NULL,"
"compressed ENUM('Y', 'N') DEFAULT NULL"
"encrypted ENUM('Y', 'N') DEFAULT NULL"
") CHARACTER SET utf8 ENGINE=innodb"
,
false
);
") CHARACTER SET utf8 ENGINE=innodb"
,
false
);
...
@@ -1492,8 +1489,8 @@ write_xtrabackup_info(MYSQL *connection)
...
@@ -1492,8 +1489,8 @@ write_xtrabackup_info(MYSQL *connection)
<<
"uuid, name, tool_name, tool_command, tool_version,"
<<
"uuid, name, tool_name, tool_command, tool_version,"
<<
"ibbackup_version, server_version, start_time, end_time,"
<<
"ibbackup_version, server_version, start_time, end_time,"
<<
"lock_time, binlog_pos, innodb_from_lsn, innodb_to_lsn,"
<<
"lock_time, binlog_pos, innodb_from_lsn, innodb_to_lsn,"
<<
"partial, incremental, format, compressed
,
"
<<
"partial, incremental, format, compressed
)
"
<<
"
encrypted)
values("
<<
"values("
<<
escape_and_quote
(
connection
,
uuid
)
<<
","
<<
escape_and_quote
(
connection
,
uuid
)
<<
","
<<
escape_and_quote
(
connection
,
opt_history
)
<<
","
<<
escape_and_quote
(
connection
,
opt_history
)
<<
","
<<
escape_and_quote
(
connection
,
tool_name
)
<<
","
<<
escape_and_quote
(
connection
,
tool_name
)
<<
","
...
@@ -1510,8 +1507,7 @@ write_xtrabackup_info(MYSQL *connection)
...
@@ -1510,8 +1507,7 @@ write_xtrabackup_info(MYSQL *connection)
<<
ESCAPE_BOOL
(
is_partial
)
<<
","
<<
ESCAPE_BOOL
(
is_partial
)
<<
","
<<
ESCAPE_BOOL
(
xtrabackup_incremental
)
<<
","
<<
ESCAPE_BOOL
(
xtrabackup_incremental
)
<<
","
<<
escape_and_quote
(
connection
,
xb_stream_name
[
xtrabackup_stream_fmt
])
<<
","
<<
escape_and_quote
(
connection
,
xb_stream_name
[
xtrabackup_stream_fmt
])
<<
","
<<
ESCAPE_BOOL
(
xtrabackup_compress
)
<<
","
<<
ESCAPE_BOOL
(
xtrabackup_compress
)
<<
")"
;
<<
ESCAPE_BOOL
(
xtrabackup_encrypt
)
<<
")"
;
xb_mysql_query
(
mysql_connection
,
oss
.
str
().
c_str
(),
false
);
xb_mysql_query
(
mysql_connection
,
oss
.
str
().
c_str
(),
false
);
...
@@ -1577,14 +1573,6 @@ char *make_argv(char *buf, size_t len, int argc, char **argv)
...
@@ -1577,14 +1573,6 @@ char *make_argv(char *buf, size_t len, int argc, char **argv)
if
(
strncmp
(
*
argv
,
"--password"
,
strlen
(
"--password"
))
==
0
)
{
if
(
strncmp
(
*
argv
,
"--password"
,
strlen
(
"--password"
))
==
0
)
{
arg
=
"--password=..."
;
arg
=
"--password=..."
;
}
}
if
(
strncmp
(
*
argv
,
"--encrypt-key"
,
strlen
(
"--encrypt-key"
))
==
0
)
{
arg
=
"--encrypt-key=..."
;
}
if
(
strncmp
(
*
argv
,
"--encrypt_key"
,
strlen
(
"--encrypt_key"
))
==
0
)
{
arg
=
"--encrypt_key=..."
;
}
left
-=
ut_snprintf
(
buf
+
len
-
left
,
left
,
left
-=
ut_snprintf
(
buf
+
len
-
left
,
left
,
"%s%c"
,
arg
,
argc
>
1
?
' '
:
0
);
"%s%c"
,
arg
,
argc
>
1
?
' '
:
0
);
++
argv
;
--
argc
;
++
argv
;
--
argc
;
...
...
extra/mariabackup/ds_decrypt.c
deleted
100644 → 0
View file @
7e22050e
This diff is collapsed.
Click to expand it.
extra/mariabackup/ds_decrypt.h
deleted
100644 → 0
View file @
7e22050e
/******************************************************
Copyright (c) 2017 Percona LLC and/or its affiliates.
Encryption interface for XtraBackup.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*******************************************************/
#ifndef DS_DECRYPT_H
#define DS_DECRYPT_H
#include "datasink.h"
extern
datasink_t
datasink_decrypt
;
extern
int
ds_decrypt_encrypt_threads
;
#endif
extra/mariabackup/ds_encrypt.c
deleted
100644 → 0
View file @
7e22050e
This diff is collapsed.
Click to expand it.
extra/mariabackup/ds_encrypt.h
deleted
100644 → 0
View file @
7e22050e
/******************************************************
Copyright (c) 2013 Percona LLC and/or its affiliates.
Encryption interface for XtraBackup.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*******************************************************/
#ifndef DS_ENCRYPT_H
#define DS_ENCRYPT_H
#include "datasink.h"
#ifdef HAVE_GCRYPT
extern
datasink_t
datasink_encrypt
;
#endif
/* Encryption options */
extern
uint
ds_encrypt_encrypt_threads
;
extern
ulonglong
ds_encrypt_encrypt_chunk_size
;
#endif
extra/mariabackup/innobackupex.cc
View file @
cede2b6f
...
@@ -101,8 +101,6 @@ char *opt_ibx_login_path = NULL;
...
@@ -101,8 +101,6 @@ char *opt_ibx_login_path = NULL;
ulong
opt_ibx_lock_wait_query_type
;
ulong
opt_ibx_lock_wait_query_type
;
ulong
opt_ibx_kill_long_query_type
;
ulong
opt_ibx_kill_long_query_type
;
ulong
opt_ibx_decrypt_algo
=
0
;
uint
opt_ibx_kill_long_queries_timeout
=
0
;
uint
opt_ibx_kill_long_queries_timeout
=
0
;
uint
opt_ibx_lock_wait_timeout
=
0
;
uint
opt_ibx_lock_wait_timeout
=
0
;
uint
opt_ibx_lock_wait_threshold
=
0
;
uint
opt_ibx_lock_wait_threshold
=
0
;
...
@@ -110,7 +108,6 @@ uint opt_ibx_debug_sleep_before_unlock = 0;
...
@@ -110,7 +108,6 @@ uint opt_ibx_debug_sleep_before_unlock = 0;
uint
opt_ibx_safe_slave_backup_timeout
=
0
;
uint
opt_ibx_safe_slave_backup_timeout
=
0
;
const
char
*
opt_ibx_history
=
NULL
;
const
char
*
opt_ibx_history
=
NULL
;
bool
opt_ibx_decrypt
=
false
;
char
*
opt_ibx_include
=
NULL
;
char
*
opt_ibx_include
=
NULL
;
char
*
opt_ibx_databases
=
NULL
;
char
*
opt_ibx_databases
=
NULL
;
...
@@ -124,11 +121,6 @@ my_bool ibx_xb_close_files;
...
@@ -124,11 +121,6 @@ my_bool ibx_xb_close_files;
const
char
*
ibx_xtrabackup_compress_alg
;
const
char
*
ibx_xtrabackup_compress_alg
;
uint
ibx_xtrabackup_compress_threads
;
uint
ibx_xtrabackup_compress_threads
;
ulonglong
ibx_xtrabackup_compress_chunk_size
;
ulonglong
ibx_xtrabackup_compress_chunk_size
;
ulong
ibx_xtrabackup_encrypt_algo
;
char
*
ibx_xtrabackup_encrypt_key
;
char
*
ibx_xtrabackup_encrypt_key_file
;
uint
ibx_xtrabackup_encrypt_threads
;
ulonglong
ibx_xtrabackup_encrypt_chunk_size
;
my_bool
ibx_xtrabackup_export
;
my_bool
ibx_xtrabackup_export
;
char
*
ibx_xtrabackup_extra_lsndir
;
char
*
ibx_xtrabackup_extra_lsndir
;
char
*
ibx_xtrabackup_incremental_basedir
;
char
*
ibx_xtrabackup_incremental_basedir
;
...
@@ -198,7 +190,6 @@ enum innobackupex_options
...
@@ -198,7 +190,6 @@ enum innobackupex_options
OPT_NO_VERSION_CHECK
,
OPT_NO_VERSION_CHECK
,
OPT_NO_BACKUP_LOCKS
,
OPT_NO_BACKUP_LOCKS
,
OPT_DATABASES
,
OPT_DATABASES
,
OPT_DECRYPT
,
OPT_DECOMPRESS
,
OPT_DECOMPRESS
,
/* options wich are passed directly to xtrabackup */
/* options wich are passed directly to xtrabackup */
...
@@ -207,11 +198,6 @@ enum innobackupex_options
...
@@ -207,11 +198,6 @@ enum innobackupex_options
OPT_COMPRESS
,
OPT_COMPRESS
,
OPT_COMPRESS_THREADS
,
OPT_COMPRESS_THREADS
,
OPT_COMPRESS_CHUNK_SIZE
,
OPT_COMPRESS_CHUNK_SIZE
,
OPT_ENCRYPT
,
OPT_ENCRYPT_KEY
,
OPT_ENCRYPT_KEY_FILE
,
OPT_ENCRYPT_THREADS
,
OPT_ENCRYPT_CHUNK_SIZE
,
OPT_EXPORT
,
OPT_EXPORT
,
OPT_EXTRA_LSNDIR
,
OPT_EXTRA_LSNDIR
,
OPT_INCREMENTAL_BASEDIR
,
OPT_INCREMENTAL_BASEDIR
,
...
@@ -427,12 +413,6 @@ static struct my_option ibx_long_options[] =
...
@@ -427,12 +413,6 @@ static struct my_option ibx_long_options[] =
(
uchar
*
)
&
opt_ibx_incremental_history_uuid
,
0
,
GET_STR
,
(
uchar
*
)
&
opt_ibx_incremental_history_uuid
,
0
,
GET_STR
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"decrypt"
,
OPT_DECRYPT
,
"Decrypts all files with the .xbcrypt "
"extension in a backup previously made with --encrypt option."
,
&
opt_ibx_decrypt_algo
,
&
opt_ibx_decrypt_algo
,
&
xtrabackup_encrypt_algo_typelib
,
GET_ENUM
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"ftwrl-wait-query-type"
,
OPT_LOCK_WAIT_QUERY_TYPE
,
{
"ftwrl-wait-query-type"
,
OPT_LOCK_WAIT_QUERY_TYPE
,
"This option specifies which types of queries are allowed to complete "
"This option specifies which types of queries are allowed to complete "
"before innobackupex will issue the global lock. Default is all."
,
"before innobackupex will issue the global lock. Default is all."
,
...
@@ -551,46 +531,6 @@ static struct my_option ibx_long_options[] =
...
@@ -551,46 +531,6 @@ static struct my_option ibx_long_options[] =
(
uchar
*
)
&
ibx_xtrabackup_compress_chunk_size
,
(
uchar
*
)
&
ibx_xtrabackup_compress_chunk_size
,
0
,
GET_ULL
,
REQUIRED_ARG
,
(
1
<<
16
),
1024
,
ULONGLONG_MAX
,
0
,
0
,
0
},
0
,
GET_ULL
,
REQUIRED_ARG
,
(
1
<<
16
),
1024
,
ULONGLONG_MAX
,
0
,
0
,
0
},
{
"encrypt"
,
OPT_ENCRYPT
,
"This option instructs xtrabackup to encrypt "
"backup copies of InnoDB data files using the algorithm specified in "
"the ENCRYPTION-ALGORITHM. It is passed directly to the xtrabackup "
"child process. Try 'xtrabackup --help' for more details."
,
&
ibx_xtrabackup_encrypt_algo
,
&
ibx_xtrabackup_encrypt_algo
,
&
xtrabackup_encrypt_algo_typelib
,
GET_ENUM
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"encrypt-key"
,
OPT_ENCRYPT_KEY
,
"This option instructs xtrabackup to "
"use the given ENCRYPTION-KEY when using the --encrypt or --decrypt "
"options. During backup it is passed directly to the xtrabackup child "
"process. Try 'xtrabackup --help' for more details."
,
(
uchar
*
)
&
ibx_xtrabackup_encrypt_key
,
(
uchar
*
)
&
ibx_xtrabackup_encrypt_key
,
0
,
GET_STR_ALLOC
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"encrypt-key-file"
,
OPT_ENCRYPT_KEY_FILE
,
"This option instructs "
"xtrabackup to use the encryption key stored in the given "
"ENCRYPTION-KEY-FILE when using the --encrypt or --decrypt options."
,
(
uchar
*
)
&
ibx_xtrabackup_encrypt_key_file
,
(
uchar
*
)
&
ibx_xtrabackup_encrypt_key_file
,
0
,
GET_STR_ALLOC
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"encrypt-threads"
,
OPT_ENCRYPT_THREADS
,
"This option specifies the number of worker threads that will be used "
"for parallel encryption. It is passed directly to the xtrabackup "
"child process. Try 'xtrabackup --help' for more details."
,
(
uchar
*
)
&
ibx_xtrabackup_encrypt_threads
,
(
uchar
*
)
&
ibx_xtrabackup_encrypt_threads
,
0
,
GET_UINT
,
REQUIRED_ARG
,
1
,
1
,
UINT_MAX
,
0
,
0
,
0
},
{
"encrypt-chunk-size"
,
OPT_ENCRYPT_CHUNK_SIZE
,
"This option specifies the size of the internal working buffer for "
"each encryption thread, measured in bytes. It is passed directly to "
"the xtrabackup child process. Try 'xtrabackup --help' for more "
"details."
,
(
uchar
*
)
&
ibx_xtrabackup_encrypt_chunk_size
,
(
uchar
*
)
&
ibx_xtrabackup_encrypt_chunk_size
,
0
,
GET_ULL
,
REQUIRED_ARG
,
(
1
<<
16
),
1024
,
ULONGLONG_MAX
,
0
,
0
,
0
},
{
"export"
,
OPT_EXPORT
,
"This option is passed directly to xtrabackup's "
{
"export"
,
OPT_EXPORT
,
"This option is passed directly to xtrabackup's "
"--export option. It enables exporting individual tables for import "
"--export option. It enables exporting individual tables for import "
"into another server. See the xtrabackup documentation for details."
,
"into another server. See the xtrabackup documentation for details."
,
...
@@ -726,8 +666,6 @@ You can download full text of the license on http://www.gnu.org/licenses/gpl-2.0
...
@@ -726,8 +666,6 @@ You can download full text of the license on http://www.gnu.org/licenses/gpl-2.0
SYNOPOSIS
\n
\
SYNOPOSIS
\n
\
\n
\
\n
\
innobackupex [--compress] [--compress-threads=NUMBER-OF-THREADS] [--compress-chunk-size=CHUNK-SIZE]
\n
\
innobackupex [--compress] [--compress-threads=NUMBER-OF-THREADS] [--compress-chunk-size=CHUNK-SIZE]
\n
\
[--encrypt=ENCRYPTION-ALGORITHM] [--encrypt-threads=NUMBER-OF-THREADS] [--encrypt-chunk-size=CHUNK-SIZE]
\n
\
[--encrypt-key=LITERAL-ENCRYPTION-KEY] | [--encryption-key-file=MY.KEY]
\n
\
[--include=REGEXP] [--user=NAME]
\n
\
[--include=REGEXP] [--user=NAME]
\n
\
[--password=WORD] [--port=PORT] [--socket=SOCKET]
\n
\
[--password=WORD] [--port=PORT] [--socket=SOCKET]
\n
\
[--no-timestamp] [--ibbackup=IBBACKUP-BINARY]
\n
\
[--no-timestamp] [--ibbackup=IBBACKUP-BINARY]
\n
\
...
@@ -751,8 +689,7 @@ innobackupex --copy-back [--defaults-file=MY.CNF] [--defaults-group=GROUP-NAME]
...
@@ -751,8 +689,7 @@ innobackupex --copy-back [--defaults-file=MY.CNF] [--defaults-group=GROUP-NAME]
\n
\
\n
\
innobackupex --move-back [--defaults-file=MY.CNF] [--defaults-group=GROUP-NAME] BACKUP-DIR
\n
\
innobackupex --move-back [--defaults-file=MY.CNF] [--defaults-group=GROUP-NAME] BACKUP-DIR
\n
\
\n
\
\n
\
innobackupex [--decompress] [--decrypt=ENCRYPTION-ALGORITHM]
\n
\
innobackupex [--decompress]
\n
\
[--encrypt-key=LITERAL-ENCRYPTION-KEY] | [--encryption-key-file=MY.KEY]
\n
\
[--parallel=NUMBER-OF-FORKS] BACKUP-DIR
\n
\
[--parallel=NUMBER-OF-FORKS] BACKUP-DIR
\n
\
\n
\
\n
\
DESCRIPTION
\n
\
DESCRIPTION
\n
\
...
@@ -789,15 +726,12 @@ it moves files to their original locations rather than copies them. As this\n\
...
@@ -789,15 +726,12 @@ it moves files to their original locations rather than copies them. As this\n\
option removes backup files, it must be used with caution. It may be useful in
\n
\
option removes backup files, it must be used with caution. It may be useful in
\n
\
cases when there is not enough free disk space to copy files.
\n
\
cases when there is not enough free disk space to copy files.
\n
\
\n
\
\n
\
The --decompress --decrypt command will decrypt and/or decompress a backup made
\n
\
The --decompress command will decompress a backup made
\n
\
with the --compress and/or --encrypt options. When decrypting, the encryption
\n
\
with the --compress option. The
\n
\
algorithm and key used when the backup was taken MUST be provided via the
\n
\
--parallel option will allow multiple files to be decompressed
\n
\
specified options. --decrypt and --decompress may be used together at the same
\n
\
time to completely normalize a previously compressed and encrypted backup. The
\n
\
--parallel option will allow multiple files to be decrypted and/or decompressed
\n
\
simultaneously. In order to decompress, the qpress utility MUST be installed
\n
\
simultaneously. In order to decompress, the qpress utility MUST be installed
\n
\
and accessable within the path. This process will remove the original
\n
\
and accessable within the path. This process will remove the original
\n
\
compressed
/encrypted
files and leave the results in the same location.
\n
\
compressed files and leave the results in the same location.
\n
\
\n
\
\n
\
On success the exit code innobackupex is 0. A non-zero exit code
\n
\
On success the exit code innobackupex is 0. A non-zero exit code
\n
\
indicates an error.
\n
"
);
indicates an error.
\n
"
);
...
@@ -830,14 +764,6 @@ ibx_get_one_option(int optid,
...
@@ -830,14 +764,6 @@ ibx_get_one_option(int optid,
opt_ibx_history
=
""
;
opt_ibx_history
=
""
;
}
}
break
;
break
;
case
OPT_DECRYPT
:
if
(
argument
==
NULL
)
{
ibx_msg
(
"Missing --decrypt argument, must specify a "
"valid encryption algorithm.
\n
"
);
return
(
1
);
}
opt_ibx_decrypt
=
true
;
break
;
case
OPT_STREAM
:
case
OPT_STREAM
:
if
(
!
strcasecmp
(
argument
,
"xbstream"
))
if
(
!
strcasecmp
(
argument
,
"xbstream"
))
xtrabackup_stream_fmt
=
XB_STREAM_FMT_XBSTREAM
;
xtrabackup_stream_fmt
=
XB_STREAM_FMT_XBSTREAM
;
...
@@ -857,15 +783,6 @@ ibx_get_one_option(int optid,
...
@@ -857,15 +783,6 @@ ibx_get_one_option(int optid,
}
}
xtrabackup_compress
=
TRUE
;
xtrabackup_compress
=
TRUE
;
break
;
break
;
case
OPT_ENCRYPT
:
if
(
argument
==
NULL
)
{
msg
(
"Missing --encrypt argument, must specify a "
"valid encryption algorithm.
\n
"
);
return
1
;
}
xtrabackup_encrypt
=
TRUE
;
break
;
case
'p'
:
case
'p'
:
if
(
argument
)
if
(
argument
)
{
{
...
@@ -919,7 +836,7 @@ ibx_handle_options(int *argc, char ***argv)
...
@@ -919,7 +836,7 @@ ibx_handle_options(int *argc, char ***argv)
ibx_mode
=
IBX_MODE_COPY_BACK
;
ibx_mode
=
IBX_MODE_COPY_BACK
;
}
else
if
(
opt_ibx_move_back
)
{
}
else
if
(
opt_ibx_move_back
)
{
ibx_mode
=
IBX_MODE_MOVE_BACK
;
ibx_mode
=
IBX_MODE_MOVE_BACK
;
}
else
if
(
opt_ibx_dec
rypt
||
opt_ibx_dec
ompress
)
{
}
else
if
(
opt_ibx_decompress
)
{
ibx_mode
=
IBX_MODE_DECRYPT_DECOMPRESS
;
ibx_mode
=
IBX_MODE_DECRYPT_DECOMPRESS
;
}
else
{
}
else
{
ibx_mode
=
IBX_MODE_BACKUP
;
ibx_mode
=
IBX_MODE_BACKUP
;
...
@@ -997,8 +914,6 @@ ibx_init()
...
@@ -997,8 +914,6 @@ ibx_init()
opt_lock_wait_query_type
=
opt_ibx_lock_wait_query_type
;
opt_lock_wait_query_type
=
opt_ibx_lock_wait_query_type
;
opt_kill_long_query_type
=
opt_ibx_kill_long_query_type
;
opt_kill_long_query_type
=
opt_ibx_kill_long_query_type
;
opt_decrypt_algo
=
opt_ibx_decrypt_algo
;
opt_kill_long_queries_timeout
=
opt_ibx_kill_long_queries_timeout
;
opt_kill_long_queries_timeout
=
opt_ibx_kill_long_queries_timeout
;
opt_lock_wait_timeout
=
opt_ibx_lock_wait_timeout
;
opt_lock_wait_timeout
=
opt_ibx_lock_wait_timeout
;
opt_lock_wait_threshold
=
opt_ibx_lock_wait_threshold
;
opt_lock_wait_threshold
=
opt_ibx_lock_wait_threshold
;
...
@@ -1006,18 +921,12 @@ ibx_init()
...
@@ -1006,18 +921,12 @@ ibx_init()
opt_safe_slave_backup_timeout
=
opt_ibx_safe_slave_backup_timeout
;
opt_safe_slave_backup_timeout
=
opt_ibx_safe_slave_backup_timeout
;
opt_history
=
opt_ibx_history
;
opt_history
=
opt_ibx_history
;
opt_decrypt
=
opt_ibx_decrypt
;
/* setup xtrabackup options */
/* setup xtrabackup options */
xb_close_files
=
ibx_xb_close_files
;
xb_close_files
=
ibx_xb_close_files
;
xtrabackup_compress_alg
=
ibx_xtrabackup_compress_alg
;
xtrabackup_compress_alg
=
ibx_xtrabackup_compress_alg
;
xtrabackup_compress_threads
=
ibx_xtrabackup_compress_threads
;
xtrabackup_compress_threads
=
ibx_xtrabackup_compress_threads
;
xtrabackup_compress_chunk_size
=
ibx_xtrabackup_compress_chunk_size
;
xtrabackup_compress_chunk_size
=
ibx_xtrabackup_compress_chunk_size
;
xtrabackup_encrypt_algo
=
ibx_xtrabackup_encrypt_algo
;
xtrabackup_encrypt_key
=
ibx_xtrabackup_encrypt_key
;
xtrabackup_encrypt_key_file
=
ibx_xtrabackup_encrypt_key_file
;
xtrabackup_encrypt_threads
=
ibx_xtrabackup_encrypt_threads
;
xtrabackup_encrypt_chunk_size
=
ibx_xtrabackup_encrypt_chunk_size
;
xtrabackup_export
=
ibx_xtrabackup_export
;
xtrabackup_export
=
ibx_xtrabackup_export
;
xtrabackup_extra_lsndir
=
ibx_xtrabackup_extra_lsndir
;
xtrabackup_extra_lsndir
=
ibx_xtrabackup_extra_lsndir
;
xtrabackup_incremental_basedir
=
ibx_xtrabackup_incremental_basedir
;
xtrabackup_incremental_basedir
=
ibx_xtrabackup_incremental_basedir
;
...
@@ -1098,7 +1007,7 @@ ibx_init()
...
@@ -1098,7 +1007,7 @@ ibx_init()
case
IBX_MODE_DECRYPT_DECOMPRESS
:
case
IBX_MODE_DECRYPT_DECOMPRESS
:
xtrabackup_decrypt_decompress
=
TRUE
;
xtrabackup_decrypt_decompress
=
TRUE
;
xtrabackup_target_dir
=
ibx_position_arg
;
xtrabackup_target_dir
=
ibx_position_arg
;
run
=
"dec
rypt and dec
ompress"
;
run
=
"decompress"
;
break
;
break
;
default:
default:
ut_error
;
ut_error
;
...
...
extra/mariabackup/xbcrypt.c
deleted
100644 → 0
View file @
7e22050e
This diff is collapsed.
Click to expand it.
extra/mariabackup/xbcrypt.h
deleted
100644 → 0
View file @
7e22050e
/******************************************************
Copyright (c) 2011 Percona LLC and/or its affiliates.
Encryption interface for XtraBackup.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*******************************************************/
#ifndef XBCRYPT_H
#define XBCRYPT_H
#include <my_base.h>
#include "common.h"
#define XB_CRYPT_CHUNK_MAGIC1 "XBCRYP01"
#define XB_CRYPT_CHUNK_MAGIC2 "XBCRYP02"
#define XB_CRYPT_CHUNK_MAGIC3 "XBCRYP03"
/* must be same size as ^^ */
#define XB_CRYPT_CHUNK_MAGIC_CURRENT XB_CRYPT_CHUNK_MAGIC3
#define XB_CRYPT_CHUNK_MAGIC_SIZE (sizeof(XB_CRYPT_CHUNK_MAGIC1)-1)
#define XB_CRYPT_HASH GCRY_MD_SHA256
#define XB_CRYPT_HASH_LEN 32
/******************************************************************************
Write interface */
typedef
struct
xb_wcrypt_struct
xb_wcrypt_t
;
/* Callback on write for i/o, must return # of bytes written or -1 on error */
typedef
ssize_t
xb_crypt_write_callback
(
void
*
userdata
,
const
void
*
buf
,
size_t
len
);
xb_wcrypt_t
*
xb_crypt_write_open
(
void
*
userdata
,
xb_crypt_write_callback
*
onwrite
);
/* Takes buffer, original length, encrypted length iv and iv length, formats
output buffer and calls write callback.
Returns 0 on success, 1 on error */
int
xb_crypt_write_chunk
(
xb_wcrypt_t
*
crypt
,
const
void
*
buf
,
size_t
olen
,
size_t
elen
,
const
void
*
iv
,
size_t
ivlen
);
/* Returns 0 on success, 1 on error */
int
xb_crypt_write_close
(
xb_wcrypt_t
*
crypt
);
/******************************************************************************
Read interface */
typedef
struct
xb_rcrypt_struct
xb_rcrypt_t
;
/* Callback on read for i/o, must return # of bytes read or -1 on error */
typedef
size_t
xb_crypt_read_callback
(
void
*
userdata
,
void
*
buf
,
size_t
len
);
xb_rcrypt_t
*
xb_crypt_read_open
(
void
*
userdata
,
xb_crypt_read_callback
*
onread
);
typedef
enum
{
XB_CRYPT_READ_CHUNK
,
XB_CRYPT_READ_INCOMPLETE
,
XB_CRYPT_READ_EOF
,
XB_CRYPT_READ_ERROR
}
xb_rcrypt_result_t
;
xb_rcrypt_result_t
xb_crypt_read_chunk
(
xb_rcrypt_t
*
crypt
,
void
**
buf
,
size_t
*
olen
,
size_t
*
elen
,
void
**
iv
,
size_t
*
ivlen
,
my_bool
*
hash_appended
);
int
xb_crypt_read_close
(
xb_rcrypt_t
*
crypt
);
#endif
extra/mariabackup/xbcrypt_common.c
deleted
100644 → 0
View file @
7e22050e
/******************************************************
Copyright (c) 2013, 2017 Percona LLC and/or its affiliates.
Encryption configuration file interface for XtraBackup.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*******************************************************/
#include <my_base.h>
#include "common.h"
#include "xbcrypt.h"
#include "xbcrypt_common.h"
/* Encryption options */
char
*
ds_encrypt_key
=
NULL
;
char
*
ds_encrypt_key_file
=
NULL
;
ulong
ds_encrypt_algo
;
static
uint
encrypt_key_len
;
static
uint
encrypt_iv_len
;
static
const
uint
encrypt_mode
=
GCRY_CIPHER_MODE_CTR
;
static
uint
encrypt_algos
[]
=
{
GCRY_CIPHER_NONE
,
GCRY_CIPHER_AES128
,
GCRY_CIPHER_AES192
,
GCRY_CIPHER_AES256
};
static
uint
encrypt_algo
;
#if !defined(GCRYPT_VERSION_NUMBER) || (GCRYPT_VERSION_NUMBER < 0x010600)
GCRY_THREAD_OPTION_PTHREAD_IMPL
;
#endif
my_bool
xb_crypt_read_key_file
(
const
char
*
filename
,
void
**
key
,
uint
*
keylength
)
{
FILE
*
fp
;
if
(
!
(
fp
=
my_fopen
(
filename
,
O_RDONLY
,
MYF
(
0
))))
{
msg
(
"%s:%s: unable to open config file
\"
%s
\"
, errno(%d)
\n
"
,
my_progname
,
__FUNCTION__
,
filename
,
my_errno
);
return
FALSE
;
}
fseek
(
fp
,
0
,
SEEK_END
);
*
keylength
=
ftell
(
fp
);
rewind
(
fp
);
*
key
=
my_malloc
(
*
keylength
,
MYF
(
MY_FAE
));
*
keylength
=
fread
(
*
key
,
1
,
*
keylength
,
fp
);
my_fclose
(
fp
,
MYF
(
0
));
return
TRUE
;
}
void
xb_crypt_create_iv
(
void
*
ivbuf
,
size_t
ivlen
)
{
gcry_create_nonce
(
ivbuf
,
ivlen
);
}
gcry_error_t
xb_crypt_init
(
uint
*
iv_len
)
{
gcry_error_t
gcry_error
;
/* Acording to gcrypt docs (and my testing), setting up the threading
callbacks must be done first, so, lets give it a shot */
#if !defined(GCRYPT_VERSION_NUMBER) || (GCRYPT_VERSION_NUMBER < 0x010600)
gcry_error
=
gcry_control
(
GCRYCTL_SET_THREAD_CBS
,
&
gcry_threads_pthread
);
if
(
gcry_error
)
{
msg
(
"encryption: unable to set libgcrypt thread cbs - "
"%s : %s
\n
"
,
gcry_strsource
(
gcry_error
),
gcry_strerror
(
gcry_error
));
return
gcry_error
;
}
#endif
/* Version check should be the very next call because it
makes sure that important subsystems are intialized. */
if
(
!
gcry_control
(
GCRYCTL_ANY_INITIALIZATION_P
))
{
const
char
*
gcrypt_version
;
gcrypt_version
=
gcry_check_version
(
NULL
);
/* No other library has already initialized libgcrypt. */
if
(
!
gcrypt_version
)
{
msg
(
"encryption: failed to initialize libgcrypt
\n
"
);
return
1
;
}
else
{
msg
(
"encryption: using gcrypt %s
\n
"
,
gcrypt_version
);
}
}
/* Disable the gcry secure memory, not dealing with this for now */
gcry_error
=
gcry_control
(
GCRYCTL_DISABLE_SECMEM
,
0
);
if
(
gcry_error
)
{
msg
(
"encryption: unable to disable libgcrypt secmem - "
"%s : %s
\n
"
,
gcry_strsource
(
gcry_error
),
gcry_strerror
(
gcry_error
));
return
gcry_error
;
}
/* Finalize gcry initialization. */
gcry_error
=
gcry_control
(
GCRYCTL_INITIALIZATION_FINISHED
,
0
);
if
(
gcry_error
)
{
msg
(
"encryption: unable to finish libgcrypt initialization - "
"%s : %s
\n
"
,
gcry_strsource
(
gcry_error
),
gcry_strerror
(
gcry_error
));
return
gcry_error
;
}
/* Determine the algorithm */
encrypt_algo
=
encrypt_algos
[
ds_encrypt_algo
];
/* Set up the iv length */
encrypt_iv_len
=
gcry_cipher_get_algo_blklen
(
encrypt_algo
);
xb_a
(
encrypt_iv_len
>
0
);
if
(
iv_len
!=
NULL
)
{
*
iv_len
=
encrypt_iv_len
;
}
/* Now set up the key */
if
(
ds_encrypt_key
==
NULL
&&
ds_encrypt_key_file
==
NULL
)
{
msg
(
"encryption: no encryption key or key file specified.
\n
"
);
return
gcry_error
;
}
else
if
(
ds_encrypt_key
&&
ds_encrypt_key_file
)
{
msg
(
"encryption: both encryption key and key file specified.
\n
"
);
return
gcry_error
;
}
else
if
(
ds_encrypt_key_file
)
{
if
(
!
xb_crypt_read_key_file
(
ds_encrypt_key_file
,
(
void
**
)
&
ds_encrypt_key
,
&
encrypt_key_len
))
{
msg
(
"encryption: unable to read encryption key file"
"
\"
%s
\"
.
\n
"
,
ds_encrypt_key_file
);
return
gcry_error
;
}
}
else
if
(
ds_encrypt_key
)
{
encrypt_key_len
=
strlen
(
ds_encrypt_key
);
}
else
{
msg
(
"encryption: no encryption key or key file specified.
\n
"
);
return
gcry_error
;
}
return
0
;
}
gcry_error_t
xb_crypt_cipher_open
(
gcry_cipher_hd_t
*
cipher_handle
)
{
if
(
encrypt_algo
!=
GCRY_CIPHER_NONE
)
{
gcry_error_t
gcry_error
;
gcry_error
=
gcry_cipher_open
(
cipher_handle
,
encrypt_algo
,
encrypt_mode
,
0
);
if
(
gcry_error
)
{
msg
(
"encryption: unable to open libgcrypt"
" cipher - %s : %s
\n
"
,
gcry_strsource
(
gcry_error
),
gcry_strerror
(
gcry_error
));
gcry_cipher_close
(
*
cipher_handle
);
return
gcry_error
;
}
gcry_error
=
gcry_cipher_setkey
(
*
cipher_handle
,
ds_encrypt_key
,
encrypt_key_len
);
if
(
gcry_error
)
{
msg
(
"encryption: unable to set libgcrypt"
" cipher key - %s : %s
\n
"
,
gcry_strsource
(
gcry_error
),
gcry_strerror
(
gcry_error
));
gcry_cipher_close
(
*
cipher_handle
);
return
gcry_error
;
}
return
gcry_error
;
}
return
0
;
}
void
xb_crypt_cipher_close
(
gcry_cipher_hd_t
cipher_handle
)
{
if
(
encrypt_algo
!=
GCRY_CIPHER_NONE
)
gcry_cipher_close
(
cipher_handle
);
}
gcry_error_t
xb_crypt_decrypt
(
gcry_cipher_hd_t
cipher_handle
,
const
uchar
*
from
,
size_t
from_len
,
uchar
*
to
,
size_t
*
to_len
,
const
uchar
*
iv
,
size_t
iv_len
,
my_bool
hash_appended
)
{
*
to_len
=
from_len
;
if
(
encrypt_algo
!=
GCRY_CIPHER_NONE
)
{
gcry_error_t
gcry_error
;
gcry_error
=
gcry_cipher_reset
(
cipher_handle
);
if
(
gcry_error
)
{
msg
(
"%s:encryption: unable to reset libgcrypt"
" cipher - %s : %s
\n
"
,
my_progname
,
gcry_strsource
(
gcry_error
),
gcry_strerror
(
gcry_error
));
return
gcry_error
;
}
if
(
iv_len
>
0
)
{
gcry_error
=
gcry_cipher_setctr
(
cipher_handle
,
iv
,
iv_len
);
}
if
(
gcry_error
)
{
msg
(
"%s:encryption: unable to set cipher iv - "
"%s : %s
\n
"
,
my_progname
,
gcry_strsource
(
gcry_error
),
gcry_strerror
(
gcry_error
));
return
gcry_error
;
}
/* Try to decrypt it */
gcry_error
=
gcry_cipher_decrypt
(
cipher_handle
,
to
,
*
to_len
,
from
,
from_len
);
if
(
gcry_error
)
{
msg
(
"%s:encryption: unable to decrypt chunk - "
"%s : %s
\n
"
,
my_progname
,
gcry_strsource
(
gcry_error
),
gcry_strerror
(
gcry_error
));
gcry_cipher_close
(
cipher_handle
);
return
gcry_error
;
}
if
(
hash_appended
)
{
uchar
hash
[
XB_CRYPT_HASH_LEN
];
*
to_len
-=
XB_CRYPT_HASH_LEN
;
/* ensure that XB_CRYPT_HASH_LEN is the correct length
of XB_CRYPT_HASH hashing algorithm output */
xb_ad
(
gcry_md_get_algo_dlen
(
XB_CRYPT_HASH
)
==
XB_CRYPT_HASH_LEN
);
gcry_md_hash_buffer
(
XB_CRYPT_HASH
,
hash
,
to
,
*
to_len
);
if
(
memcmp
(
hash
,
(
char
*
)
to
+
*
to_len
,
XB_CRYPT_HASH_LEN
)
!=
0
)
{
msg
(
"%s:%s invalid plaintext hash. "
"Wrong encrytion key specified?
\n
"
,
my_progname
,
__FUNCTION__
);
return
1
;
}
}
}
else
{
memcpy
(
to
,
from
,
*
to_len
);
}
return
0
;
}
gcry_error_t
xb_crypt_encrypt
(
gcry_cipher_hd_t
cipher_handle
,
const
uchar
*
from
,
size_t
from_len
,
uchar
*
to
,
size_t
*
to_len
,
uchar
*
iv
)
{
gcry_error_t
gcry_error
;
/* ensure that XB_CRYPT_HASH_LEN is the correct length
of XB_CRYPT_HASH hashing algorithm output */
xb_ad
(
gcry_md_get_algo_dlen
(
XB_CRYPT_HASH
)
==
XB_CRYPT_HASH_LEN
);
memcpy
(
to
,
from
,
from_len
);
gcry_md_hash_buffer
(
XB_CRYPT_HASH
,
to
+
from_len
,
from
,
from_len
);
*
to_len
=
from_len
;
if
(
encrypt_algo
!=
GCRY_CIPHER_NONE
)
{
gcry_error
=
gcry_cipher_reset
(
cipher_handle
);
if
(
gcry_error
)
{
msg
(
"encrypt: unable to reset cipher - "
"%s : %s
\n
"
,
gcry_strsource
(
gcry_error
),
gcry_strerror
(
gcry_error
));
return
gcry_error
;
}
xb_crypt_create_iv
(
iv
,
encrypt_iv_len
);
gcry_error
=
gcry_cipher_setctr
(
cipher_handle
,
iv
,
encrypt_iv_len
);
if
(
gcry_error
)
{
msg
(
"encrypt: unable to set cipher ctr - "
"%s : %s
\n
"
,
gcry_strsource
(
gcry_error
),
gcry_strerror
(
gcry_error
));
return
gcry_error
;
}
gcry_error
=
gcry_cipher_encrypt
(
cipher_handle
,
to
,
*
to_len
+
XB_CRYPT_HASH_LEN
,
to
,
from_len
+
XB_CRYPT_HASH_LEN
);
if
(
gcry_error
)
{
msg
(
"encrypt: unable to encrypt buffer - "
"%s : %s
\n
"
,
gcry_strsource
(
gcry_error
),
gcry_strerror
(
gcry_error
));
return
gcry_error
;
}
}
else
{
memcpy
(
to
,
from
,
from_len
+
XB_CRYPT_HASH_LEN
);
}
*
to_len
+=
XB_CRYPT_HASH_LEN
;
return
0
;
}
#endif
\ No newline at end of file
extra/mariabackup/xbcrypt_common.h
deleted
100644 → 0
View file @
7e22050e
/******************************************************
Copyright (c) 2017 Percona LLC and/or its affiliates.
Encryption datasink implementation for XtraBackup.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*******************************************************/
#include <my_base.h>
#if HAVE_GCRYPT
#if GCC_VERSION >= 4002
/* Workaround to avoid "gcry_ac_* is deprecated" warnings in gcrypt.h */
# pragma GCC diagnostic ignored "-Wdeprecated-declarations"
#endif
#include <gcrypt.h>
extern
char
*
ds_encrypt_key
;
extern
char
*
ds_encrypt_key_file
;
extern
int
ds_encrypt_threads
;
extern
ulong
ds_encrypt_algo
;
/******************************************************************************
Utility interface */
my_bool
xb_crypt_read_key_file
(
const
char
*
filename
,
void
**
key
,
uint
*
keylength
);
void
xb_crypt_create_iv
(
void
*
ivbuf
,
size_t
ivlen
);
/* Initialize gcrypt and setup encryption key and IV lengths */
gcry_error_t
xb_crypt_init
(
uint
*
iv_len
);
/* Setup gcrypt cipher */
gcry_error_t
xb_crypt_cipher_open
(
gcry_cipher_hd_t
*
cipher_handle
);
/* Close gcrypt cipher */
void
xb_crypt_cipher_close
(
gcry_cipher_hd_t
cipher_handle
);
/* Decrypt buffer */
gcry_error_t
xb_crypt_decrypt
(
gcry_cipher_hd_t
cipher_handle
,
const
uchar
*
from
,
size_t
from_len
,
uchar
*
to
,
size_t
*
to_len
,
const
uchar
*
iv
,
size_t
iv_len
,
my_bool
hash_appended
);
/* Encrypt buffer */
gcry_error_t
xb_crypt_encrypt
(
gcry_cipher_hd_t
cipher_handle
,
const
uchar
*
from
,
size_t
from_len
,
uchar
*
to
,
size_t
*
to_len
,
uchar
*
iv
);
#endif
extra/mariabackup/xbcrypt_read.c
deleted
100644 → 0
View file @
7e22050e
/******************************************************
Copyright (c) 2013 Percona LLC and/or its affiliates.
The xbcrypt format reader implementation.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*******************************************************/
#include "xbcrypt.h"
#include "crc_glue.h"
struct
xb_rcrypt_struct
{
void
*
userdata
;
xb_crypt_read_callback
*
read
;
void
*
buffer
;
size_t
bufsize
;
void
*
ivbuffer
;
size_t
ivbufsize
;
ulonglong
offset
;
};
xb_rcrypt_t
*
xb_crypt_read_open
(
void
*
userdata
,
xb_crypt_read_callback
*
onread
)
{
xb_rcrypt_t
*
crypt
;
xb_ad
(
onread
);
crypt
=
(
xb_rcrypt_t
*
)
my_malloc
(
sizeof
(
xb_rcrypt_t
),
MYF
(
MY_FAE
));
crypt
->
userdata
=
userdata
;
crypt
->
read
=
onread
;
crypt
->
buffer
=
NULL
;
crypt
->
bufsize
=
0
;
crypt
->
offset
=
0
;
crypt
->
ivbuffer
=
NULL
;
crypt
->
ivbufsize
=
0
;
return
crypt
;
}
xb_rcrypt_result_t
xb_crypt_read_chunk
(
xb_rcrypt_t
*
crypt
,
void
**
buf
,
size_t
*
olen
,
size_t
*
elen
,
void
**
iv
,
size_t
*
ivlen
,
my_bool
*
hash_appended
)
{
uchar
tmpbuf
[
XB_CRYPT_CHUNK_MAGIC_SIZE
+
8
+
8
+
8
+
4
];
uchar
*
ptr
;
ulonglong
tmp
;
ulong
checksum
,
checksum_exp
,
version
;
size_t
bytesread
;
xb_rcrypt_result_t
result
=
XB_CRYPT_READ_CHUNK
;
if
((
bytesread
=
crypt
->
read
(
crypt
->
userdata
,
tmpbuf
,
sizeof
(
tmpbuf
)))
!=
sizeof
(
tmpbuf
))
{
if
(
bytesread
==
0
)
{
result
=
XB_CRYPT_READ_EOF
;
goto
err
;
}
else
{
msg
(
"%s:%s: unable to read chunk header data at "
"offset 0x%llx.
\n
"
,
my_progname
,
__FUNCTION__
,
crypt
->
offset
);
result
=
XB_CRYPT_READ_ERROR
;
goto
err
;
}
}
ptr
=
tmpbuf
;
if
(
memcmp
(
ptr
,
XB_CRYPT_CHUNK_MAGIC3
,
XB_CRYPT_CHUNK_MAGIC_SIZE
)
==
0
)
{
version
=
3
;
}
else
if
(
memcmp
(
ptr
,
XB_CRYPT_CHUNK_MAGIC2
,
XB_CRYPT_CHUNK_MAGIC_SIZE
)
==
0
)
{
version
=
2
;
}
else
if
(
memcmp
(
ptr
,
XB_CRYPT_CHUNK_MAGIC1
,
XB_CRYPT_CHUNK_MAGIC_SIZE
)
==
0
)
{
version
=
1
;
}
else
{
msg
(
"%s:%s: wrong chunk magic at offset 0x%llx.
\n
"
,
my_progname
,
__FUNCTION__
,
crypt
->
offset
);
result
=
XB_CRYPT_READ_ERROR
;
goto
err
;
}
ptr
+=
XB_CRYPT_CHUNK_MAGIC_SIZE
;
crypt
->
offset
+=
XB_CRYPT_CHUNK_MAGIC_SIZE
;
tmp
=
uint8korr
(
ptr
);
/* reserved */
ptr
+=
8
;
crypt
->
offset
+=
8
;
tmp
=
uint8korr
(
ptr
);
/* original size */
ptr
+=
8
;
if
(
tmp
>
INT_MAX
)
{
msg
(
"%s:%s: invalid original size at offset 0x%llx.
\n
"
,
my_progname
,
__FUNCTION__
,
crypt
->
offset
);
result
=
XB_CRYPT_READ_ERROR
;
goto
err
;
}
crypt
->
offset
+=
8
;
*
olen
=
(
size_t
)
tmp
;
tmp
=
uint8korr
(
ptr
);
/* encrypted size */
ptr
+=
8
;
if
(
tmp
>
INT_MAX
)
{
msg
(
"%s:%s: invalid encrypted size at offset 0x%llx.
\n
"
,
my_progname
,
__FUNCTION__
,
crypt
->
offset
);
result
=
XB_CRYPT_READ_ERROR
;
goto
err
;
}
crypt
->
offset
+=
8
;
*
elen
=
(
size_t
)
tmp
;
checksum_exp
=
uint4korr
(
ptr
);
/* checksum */
ptr
+=
4
;
crypt
->
offset
+=
4
;
/* iv size */
if
(
version
==
1
)
{
*
ivlen
=
0
;
*
iv
=
0
;
}
else
{
if
((
bytesread
=
crypt
->
read
(
crypt
->
userdata
,
tmpbuf
,
8
))
!=
8
)
{
if
(
bytesread
==
0
)
{
result
=
XB_CRYPT_READ_EOF
;
goto
err
;
}
else
{
msg
(
"%s:%s: unable to read chunk iv size at "
"offset 0x%llx.
\n
"
,
my_progname
,
__FUNCTION__
,
crypt
->
offset
);
result
=
XB_CRYPT_READ_ERROR
;
goto
err
;
}
}
tmp
=
uint8korr
(
tmpbuf
);
if
(
tmp
>
INT_MAX
)
{
msg
(
"%s:%s: invalid iv size at offset 0x%llx.
\n
"
,
my_progname
,
__FUNCTION__
,
crypt
->
offset
);
result
=
XB_CRYPT_READ_ERROR
;
goto
err
;
}
crypt
->
offset
+=
8
;
*
ivlen
=
(
size_t
)
tmp
;
}
if
(
*
ivlen
>
crypt
->
ivbufsize
)
{
crypt
->
ivbuffer
=
my_realloc
(
crypt
->
ivbuffer
,
*
ivlen
,
MYF
(
MY_WME
|
MY_ALLOW_ZERO_PTR
));
if
(
crypt
->
ivbuffer
==
NULL
)
{
msg
(
"%s:%s: failed to increase iv buffer to "
"%llu bytes.
\n
"
,
my_progname
,
__FUNCTION__
,
(
ulonglong
)
*
ivlen
);
result
=
XB_CRYPT_READ_ERROR
;
goto
err
;
}
crypt
->
ivbufsize
=
*
ivlen
;
}
if
(
*
ivlen
>
0
)
{
if
(
crypt
->
read
(
crypt
->
userdata
,
crypt
->
ivbuffer
,
*
ivlen
)
!=
*
ivlen
)
{
msg
(
"%s:%s: failed to read %lld bytes for chunk iv "
"at offset 0x%llx.
\n
"
,
my_progname
,
__FUNCTION__
,
(
ulonglong
)
*
ivlen
,
crypt
->
offset
);
result
=
XB_CRYPT_READ_ERROR
;
goto
err
;
}
*
iv
=
crypt
->
ivbuffer
;
}
/* for version euqals 2 we need to read in the iv data but do not init
CTR with it */
if
(
version
==
2
)
{
*
ivlen
=
0
;
*
iv
=
0
;
}
if
(
*
olen
>
crypt
->
bufsize
)
{
crypt
->
buffer
=
my_realloc
(
crypt
->
buffer
,
*
olen
,
MYF
(
MY_WME
|
MY_ALLOW_ZERO_PTR
));
if
(
crypt
->
buffer
==
NULL
)
{
msg
(
"%s:%s: failed to increase buffer to "
"%llu bytes.
\n
"
,
my_progname
,
__FUNCTION__
,
(
ulonglong
)
*
olen
);
result
=
XB_CRYPT_READ_ERROR
;
goto
err
;
}
crypt
->
bufsize
=
*
olen
;
}
if
(
*
elen
>
0
)
{
if
(
crypt
->
read
(
crypt
->
userdata
,
crypt
->
buffer
,
*
elen
)
!=
*
elen
)
{
msg
(
"%s:%s: failed to read %lld bytes for chunk payload "
"at offset 0x%llx.
\n
"
,
my_progname
,
__FUNCTION__
,
(
ulonglong
)
*
elen
,
crypt
->
offset
);
result
=
XB_CRYPT_READ_ERROR
;
goto
err
;
}
}
checksum
=
crc32_iso3309
(
0
,
crypt
->
buffer
,
*
elen
);
if
(
checksum
!=
checksum_exp
)
{
msg
(
"%s:%s invalid checksum at offset 0x%llx, "
"expected 0x%lx, actual 0x%lx.
\n
"
,
my_progname
,
__FUNCTION__
,
crypt
->
offset
,
checksum_exp
,
checksum
);
result
=
XB_CRYPT_READ_ERROR
;
goto
err
;
}
crypt
->
offset
+=
*
elen
;
*
buf
=
crypt
->
buffer
;
*
hash_appended
=
version
>
2
;
goto
exit
;
err:
*
buf
=
NULL
;
*
olen
=
0
;
*
elen
=
0
;
*
ivlen
=
0
;
*
iv
=
0
;
exit:
return
result
;
}
int
xb_crypt_read_close
(
xb_rcrypt_t
*
crypt
)
{
if
(
crypt
->
buffer
)
my_free
(
crypt
->
buffer
);
if
(
crypt
->
ivbuffer
)
my_free
(
crypt
->
ivbuffer
);
my_free
(
crypt
);
return
0
;
}
extra/mariabackup/xbcrypt_write.c
deleted
100644 → 0
View file @
7e22050e
/******************************************************
Copyright (c) 2013 Percona LLC and/or its affiliates.
The xbcrypt format writer implementation.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*******************************************************/
#include "xbcrypt.h"
#include "crc_glue.h"
struct
xb_wcrypt_struct
{
void
*
userdata
;
xb_crypt_write_callback
*
write
;
};
xb_wcrypt_t
*
xb_crypt_write_open
(
void
*
userdata
,
xb_crypt_write_callback
*
onwrite
)
{
xb_wcrypt_t
*
crypt
;
xb_ad
(
onwrite
);
crypt
=
(
xb_wcrypt_t
*
)
my_malloc
(
sizeof
(
xb_wcrypt_t
),
MYF
(
MY_FAE
));
crypt
->
userdata
=
userdata
;
crypt
->
write
=
onwrite
;
return
crypt
;
}
int
xb_crypt_write_chunk
(
xb_wcrypt_t
*
crypt
,
const
void
*
buf
,
size_t
olen
,
size_t
elen
,
const
void
*
iv
,
size_t
ivlen
)
{
uchar
tmpbuf
[
XB_CRYPT_CHUNK_MAGIC_SIZE
+
8
+
8
+
8
+
4
+
8
];
uchar
*
ptr
;
ulong
checksum
;
xb_ad
(
olen
<=
INT_MAX
);
if
(
olen
>
INT_MAX
)
return
0
;
xb_ad
(
elen
<=
INT_MAX
);
if
(
elen
>
INT_MAX
)
return
0
;
xb_ad
(
ivlen
<=
INT_MAX
);
if
(
ivlen
>
INT_MAX
)
return
0
;
ptr
=
tmpbuf
;
memcpy
(
ptr
,
XB_CRYPT_CHUNK_MAGIC_CURRENT
,
XB_CRYPT_CHUNK_MAGIC_SIZE
);
ptr
+=
XB_CRYPT_CHUNK_MAGIC_SIZE
;
int8store
(
ptr
,
(
ulonglong
)
0
);
/* reserved */
ptr
+=
8
;
int8store
(
ptr
,
(
ulonglong
)
olen
);
/* original size */
ptr
+=
8
;
int8store
(
ptr
,
(
ulonglong
)
elen
);
/* encrypted (actual) size */
ptr
+=
8
;
checksum
=
crc32_iso3309
(
0
,
buf
,
elen
);
int4store
(
ptr
,
checksum
);
/* checksum */
ptr
+=
4
;
int8store
(
ptr
,
(
ulonglong
)
ivlen
);
/* iv size */
ptr
+=
8
;
xb_ad
(
ptr
<=
tmpbuf
+
sizeof
(
tmpbuf
));
if
(
crypt
->
write
(
crypt
->
userdata
,
tmpbuf
,
ptr
-
tmpbuf
)
==
-
1
)
return
1
;
if
(
crypt
->
write
(
crypt
->
userdata
,
iv
,
ivlen
)
==
-
1
)
return
1
;
if
(
crypt
->
write
(
crypt
->
userdata
,
buf
,
elen
)
==
-
1
)
return
1
;
return
0
;
}
int
xb_crypt_write_close
(
xb_wcrypt_t
*
crypt
)
{
my_free
(
crypt
);
return
0
;
}
extra/mariabackup/xbstream.c
View file @
cede2b6f
...
@@ -25,9 +25,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
...
@@ -25,9 +25,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
#include <my_pthread.h>
#include <my_pthread.h>
#include "common.h"
#include "common.h"
#include "xbstream.h"
#include "xbstream.h"
#include "xbcrypt_common.h"
#include "datasink.h"
#include "datasink.h"
#include "ds_decrypt.h"
#include "crc_glue.h"
#include "crc_glue.h"
#define XBSTREAM_VERSION "1.0"
#define XBSTREAM_VERSION "1.0"
...
@@ -41,33 +39,18 @@ typedef enum {
...
@@ -41,33 +39,18 @@ typedef enum {
RUN_MODE_EXTRACT
RUN_MODE_EXTRACT
}
run_mode_t
;
}
run_mode_t
;
const
char
*
xbstream_encrypt_algo_names
[]
=
{
"NONE"
,
"AES128"
,
"AES192"
,
"AES256"
,
NullS
};
TYPELIB
xbstream_encrypt_algo_typelib
=
{
array_elements
(
xbstream_encrypt_algo_names
)
-
1
,
""
,
xbstream_encrypt_algo_names
,
NULL
};
/* Need the following definitions to avoid linking with ds_*.o and their link
/* Need the following definitions to avoid linking with ds_*.o and their link
dependencies */
dependencies */
datasink_t
datasink_archive
;
datasink_t
datasink_archive
;
datasink_t
datasink_xbstream
;
datasink_t
datasink_xbstream
;
datasink_t
datasink_compress
;
datasink_t
datasink_compress
;
datasink_t
datasink_tmpfile
;
datasink_t
datasink_tmpfile
;
datasink_t
datasink_encrypt
;
datasink_t
datasink_buffer
;
datasink_t
datasink_buffer
;
static
run_mode_t
opt_mode
;
static
run_mode_t
opt_mode
;
static
char
*
opt_directory
=
NULL
;
static
char
*
opt_directory
=
NULL
;
static
my_bool
opt_verbose
=
0
;
static
my_bool
opt_verbose
=
0
;
static
int
opt_parallel
=
1
;
static
int
opt_parallel
=
1
;
static
ulong
opt_encrypt_algo
;
static
char
*
opt_encrypt_key_file
=
NULL
;
static
void
*
opt_encrypt_key
=
NULL
;
static
int
opt_encrypt_threads
=
1
;
enum
{
OPT_ENCRYPT_THREADS
=
256
};
static
struct
my_option
my_long_options
[]
=
static
struct
my_option
my_long_options
[]
=
{
{
...
@@ -86,20 +69,6 @@ static struct my_option my_long_options[] =
...
@@ -86,20 +69,6 @@ static struct my_option my_long_options[] =
{
"parallel"
,
'p'
,
"Number of worker threads for reading / writing."
,
{
"parallel"
,
'p'
,
"Number of worker threads for reading / writing."
,
&
opt_parallel
,
&
opt_parallel
,
0
,
GET_INT
,
REQUIRED_ARG
,
&
opt_parallel
,
&
opt_parallel
,
0
,
GET_INT
,
REQUIRED_ARG
,
1
,
1
,
INT_MAX
,
0
,
0
,
0
},
1
,
1
,
INT_MAX
,
0
,
0
,
0
},
{
"decrypt"
,
'd'
,
"Decrypt files ending with .xbcrypt."
,
&
opt_encrypt_algo
,
&
opt_encrypt_algo
,
&
xbstream_encrypt_algo_typelib
,
GET_ENUM
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"encrypt-key"
,
'k'
,
"Encryption key."
,
&
opt_encrypt_key
,
&
opt_encrypt_key
,
0
,
GET_STR_ALLOC
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"encrypt-key-file"
,
'f'
,
"File which contains encryption key."
,
&
opt_encrypt_key_file
,
&
opt_encrypt_key_file
,
0
,
GET_STR_ALLOC
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"encrypt-threads"
,
OPT_ENCRYPT_THREADS
,
"Number of threads for parallel data encryption. "
"The default value is 1."
,
&
opt_encrypt_threads
,
&
opt_encrypt_threads
,
0
,
GET_INT
,
REQUIRED_ARG
,
1
,
1
,
INT_MAX
,
0
,
0
,
0
},
{
0
,
0
,
0
,
0
,
0
,
0
,
GET_NO_ARG
,
NO_ARG
,
0
,
0
,
0
,
0
,
0
,
0
}
{
0
,
0
,
0
,
0
,
0
,
0
,
GET_NO_ARG
,
NO_ARG
,
0
,
0
,
0
,
0
,
0
,
0
}
};
};
...
@@ -108,7 +77,6 @@ typedef struct {
...
@@ -108,7 +77,6 @@ typedef struct {
HASH
*
filehash
;
HASH
*
filehash
;
xb_rstream_t
*
stream
;
xb_rstream_t
*
stream
;
ds_ctxt_t
*
ds_ctxt
;
ds_ctxt_t
*
ds_ctxt
;
ds_ctxt_t
*
ds_decrypt_ctxt
;
pthread_mutex_t
*
mutex
;
pthread_mutex_t
*
mutex
;
}
extract_ctxt_t
;
}
extract_ctxt_t
;
...
@@ -348,19 +316,6 @@ mode_create(int argc, char **argv)
...
@@ -348,19 +316,6 @@ mode_create(int argc, char **argv)
return
1
;
return
1
;
}
}
/************************************************************************
Check if string ends with given suffix.
@return true if string ends with given suffix. */
static
my_bool
ends_with
(
const
char
*
str
,
const
char
*
suffix
)
{
size_t
suffix_len
=
strlen
(
suffix
);
size_t
str_len
=
strlen
(
str
);
return
(
str_len
>=
suffix_len
&&
strcmp
(
str
+
str_len
-
suffix_len
,
suffix
)
==
0
);
}
static
static
file_entry_t
*
file_entry_t
*
file_entry_new
(
extract_ctxt_t
*
ctxt
,
const
char
*
path
,
uint
pathlen
)
file_entry_new
(
extract_ctxt_t
*
ctxt
,
const
char
*
path
,
uint
pathlen
)
...
@@ -380,11 +335,8 @@ file_entry_new(extract_ctxt_t *ctxt, const char *path, uint pathlen)
...
@@ -380,11 +335,8 @@ file_entry_new(extract_ctxt_t *ctxt, const char *path, uint pathlen)
}
}
entry
->
pathlen
=
pathlen
;
entry
->
pathlen
=
pathlen
;
if
(
ctxt
->
ds_decrypt_ctxt
&&
ends_with
(
path
,
".xbcrypt"
))
{
file
=
ds_open
(
ctxt
->
ds_decrypt_ctxt
,
path
,
NULL
);
}
else
{
file
=
ds_open
(
ctxt
->
ds_ctxt
,
path
,
NULL
);
file
=
ds_open
(
ctxt
->
ds_ctxt
,
path
,
NULL
);
}
if
(
file
==
NULL
)
{
if
(
file
==
NULL
)
{
msg
(
"%s: failed to create file.
\n
"
,
my_progname
);
msg
(
"%s: failed to create file.
\n
"
,
my_progname
);
goto
err
;
goto
err
;
...
@@ -534,7 +486,6 @@ mode_extract(int n_threads, int argc __attribute__((unused)),
...
@@ -534,7 +486,6 @@ mode_extract(int n_threads, int argc __attribute__((unused)),
xb_rstream_t
*
stream
=
NULL
;
xb_rstream_t
*
stream
=
NULL
;
HASH
filehash
;
HASH
filehash
;
ds_ctxt_t
*
ds_ctxt
=
NULL
;
ds_ctxt_t
*
ds_ctxt
=
NULL
;
ds_ctxt_t
*
ds_decrypt_ctxt
=
NULL
;
extract_ctxt_t
ctxt
;
extract_ctxt_t
ctxt
;
int
i
;
int
i
;
pthread_t
*
tids
=
NULL
;
pthread_t
*
tids
=
NULL
;
...
@@ -574,7 +525,6 @@ mode_extract(int n_threads, int argc __attribute__((unused)),
...
@@ -574,7 +525,6 @@ mode_extract(int n_threads, int argc __attribute__((unused)),
ctxt
.
stream
=
stream
;
ctxt
.
stream
=
stream
;
ctxt
.
filehash
=
&
filehash
;
ctxt
.
filehash
=
&
filehash
;
ctxt
.
ds_ctxt
=
ds_ctxt
;
ctxt
.
ds_ctxt
=
ds_ctxt
;
ctxt
.
ds_decrypt_ctxt
=
ds_decrypt_ctxt
;
ctxt
.
mutex
=
&
mutex
;
ctxt
.
mutex
=
&
mutex
;
tids
=
malloc
(
sizeof
(
pthread_t
)
*
n_threads
);
tids
=
malloc
(
sizeof
(
pthread_t
)
*
n_threads
);
...
@@ -604,9 +554,6 @@ mode_extract(int n_threads, int argc __attribute__((unused)),
...
@@ -604,9 +554,6 @@ mode_extract(int n_threads, int argc __attribute__((unused)),
if
(
ds_ctxt
!=
NULL
)
{
if
(
ds_ctxt
!=
NULL
)
{
ds_destroy
(
ds_ctxt
);
ds_destroy
(
ds_ctxt
);
}
}
if
(
ds_decrypt_ctxt
)
{
ds_destroy
(
ds_decrypt_ctxt
);
}
xb_stream_read_done
(
stream
);
xb_stream_read_done
(
stream
);
return
ret
;
return
ret
;
...
...
extra/mariabackup/xtrabackup.cc
View file @
cede2b6f
...
@@ -195,19 +195,6 @@ ibool xtrabackup_compress = FALSE;
...
@@ -195,19 +195,6 @@ ibool xtrabackup_compress = FALSE;
uint
xtrabackup_compress_threads
;
uint
xtrabackup_compress_threads
;
ulonglong
xtrabackup_compress_chunk_size
=
0
;
ulonglong
xtrabackup_compress_chunk_size
=
0
;
const
char
*
xtrabackup_encrypt_algo_names
[]
=
{
"NONE"
,
"AES128"
,
"AES192"
,
"AES256"
,
NullS
};
TYPELIB
xtrabackup_encrypt_algo_typelib
=
{
array_elements
(
xtrabackup_encrypt_algo_names
)
-
1
,
""
,
xtrabackup_encrypt_algo_names
,
NULL
};
ibool
xtrabackup_encrypt
=
FALSE
;
ulong
xtrabackup_encrypt_algo
;
char
*
xtrabackup_encrypt_key
=
NULL
;
char
*
xtrabackup_encrypt_key_file
=
NULL
;
uint
xtrabackup_encrypt_threads
;
ulonglong
xtrabackup_encrypt_chunk_size
=
0
;
/* sleep interval beetween log copy iterations in log copying thread
/* sleep interval beetween log copy iterations in log copying thread
in milliseconds (default is 1 second) */
in milliseconds (default is 1 second) */
ulint
xtrabackup_log_copy_interval
=
1000
;
ulint
xtrabackup_log_copy_interval
=
1000
;
...
@@ -366,8 +353,6 @@ TYPELIB query_type_typelib= {array_elements(query_type_names) - 1, "",
...
@@ -366,8 +353,6 @@ TYPELIB query_type_typelib= {array_elements(query_type_names) - 1, "",
ulong
opt_lock_wait_query_type
;
ulong
opt_lock_wait_query_type
;
ulong
opt_kill_long_query_type
;
ulong
opt_kill_long_query_type
;
ulong
opt_decrypt_algo
=
0
;
uint
opt_kill_long_queries_timeout
=
0
;
uint
opt_kill_long_queries_timeout
=
0
;
uint
opt_lock_wait_timeout
=
0
;
uint
opt_lock_wait_timeout
=
0
;
uint
opt_lock_wait_threshold
=
0
;
uint
opt_lock_wait_threshold
=
0
;
...
@@ -375,7 +360,6 @@ uint opt_debug_sleep_before_unlock = 0;
...
@@ -375,7 +360,6 @@ uint opt_debug_sleep_before_unlock = 0;
uint
opt_safe_slave_backup_timeout
=
0
;
uint
opt_safe_slave_backup_timeout
=
0
;
const
char
*
opt_history
=
NULL
;
const
char
*
opt_history
=
NULL
;
my_bool
opt_decrypt
=
FALSE
;
#if defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
my_bool
opt_ssl_verify_server_cert
=
FALSE
;
my_bool
opt_ssl_verify_server_cert
=
FALSE
;
...
@@ -501,11 +485,6 @@ enum options_xtrabackup
...
@@ -501,11 +485,6 @@ enum options_xtrabackup
OPT_XTRA_COMPRESS
,
OPT_XTRA_COMPRESS
,
OPT_XTRA_COMPRESS_THREADS
,
OPT_XTRA_COMPRESS_THREADS
,
OPT_XTRA_COMPRESS_CHUNK_SIZE
,
OPT_XTRA_COMPRESS_CHUNK_SIZE
,
OPT_XTRA_ENCRYPT
,
OPT_XTRA_ENCRYPT_KEY
,
OPT_XTRA_ENCRYPT_KEY_FILE
,
OPT_XTRA_ENCRYPT_THREADS
,
OPT_XTRA_ENCRYPT_CHUNK_SIZE
,
OPT_LOG
,
OPT_LOG
,
OPT_INNODB
,
OPT_INNODB
,
OPT_INNODB_CHECKSUMS
,
OPT_INNODB_CHECKSUMS
,
...
@@ -576,7 +555,6 @@ enum options_xtrabackup
...
@@ -576,7 +555,6 @@ enum options_xtrabackup
OPT_DECOMPRESS
,
OPT_DECOMPRESS
,
OPT_INCREMENTAL_HISTORY_NAME
,
OPT_INCREMENTAL_HISTORY_NAME
,
OPT_INCREMENTAL_HISTORY_UUID
,
OPT_INCREMENTAL_HISTORY_UUID
,
OPT_DECRYPT
,
OPT_REMOVE_ORIGINAL
,
OPT_REMOVE_ORIGINAL
,
OPT_LOCK_WAIT_QUERY_TYPE
,
OPT_LOCK_WAIT_QUERY_TYPE
,
OPT_KILL_LONG_QUERY_TYPE
,
OPT_KILL_LONG_QUERY_TYPE
,
...
@@ -699,29 +677,6 @@ struct my_option xb_client_options[] =
...
@@ -699,29 +677,6 @@ struct my_option xb_client_options[] =
(
G_PTR
*
)
&
xtrabackup_compress_chunk_size
,
(
G_PTR
*
)
&
xtrabackup_compress_chunk_size
,
(
G_PTR
*
)
&
xtrabackup_compress_chunk_size
,
(
G_PTR
*
)
&
xtrabackup_compress_chunk_size
,
0
,
GET_ULL
,
REQUIRED_ARG
,
(
1
<<
16
),
1024
,
ULONGLONG_MAX
,
0
,
0
,
0
},
0
,
GET_ULL
,
REQUIRED_ARG
,
(
1
<<
16
),
1024
,
ULONGLONG_MAX
,
0
,
0
,
0
},
{
"encrypt"
,
OPT_XTRA_ENCRYPT
,
"Encrypt individual backup files using the "
"specified encryption algorithm."
,
&
xtrabackup_encrypt_algo
,
&
xtrabackup_encrypt_algo
,
&
xtrabackup_encrypt_algo_typelib
,
GET_ENUM
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"encrypt-key"
,
OPT_XTRA_ENCRYPT_KEY
,
"Encryption key to use."
,
(
G_PTR
*
)
&
xtrabackup_encrypt_key
,
(
G_PTR
*
)
&
xtrabackup_encrypt_key
,
0
,
GET_STR_ALLOC
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"encrypt-key-file"
,
OPT_XTRA_ENCRYPT_KEY_FILE
,
"File which contains encryption key to use."
,
(
G_PTR
*
)
&
xtrabackup_encrypt_key_file
,
(
G_PTR
*
)
&
xtrabackup_encrypt_key_file
,
0
,
GET_STR_ALLOC
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"encrypt-threads"
,
OPT_XTRA_ENCRYPT_THREADS
,
"Number of threads for parallel data encryption. The default value is 1."
,
(
G_PTR
*
)
&
xtrabackup_encrypt_threads
,
(
G_PTR
*
)
&
xtrabackup_encrypt_threads
,
0
,
GET_UINT
,
REQUIRED_ARG
,
1
,
1
,
UINT_MAX
,
0
,
0
,
0
},
{
"encrypt-chunk-size"
,
OPT_XTRA_ENCRYPT_CHUNK_SIZE
,
"Size of working buffer(S) for encryption threads in bytes. The default value is 64K."
,
(
G_PTR
*
)
&
xtrabackup_encrypt_chunk_size
,
(
G_PTR
*
)
&
xtrabackup_encrypt_chunk_size
,
0
,
GET_ULL
,
REQUIRED_ARG
,
(
1
<<
16
),
1024
,
ULONGLONG_MAX
,
0
,
0
,
0
},
{
"incremental-force-scan"
,
OPT_XTRA_INCREMENTAL_FORCE_SCAN
,
{
"incremental-force-scan"
,
OPT_XTRA_INCREMENTAL_FORCE_SCAN
,
"Perform a full-scan incremental backup even in the presence of changed "
"Perform a full-scan incremental backup even in the presence of changed "
"page bitmap data"
,
"page bitmap data"
,
...
@@ -892,18 +847,6 @@ struct my_option xb_client_options[] =
...
@@ -892,18 +847,6 @@ struct my_option xb_client_options[] =
(
uchar
*
)
&
opt_incremental_history_uuid
,
0
,
GET_STR
,
(
uchar
*
)
&
opt_incremental_history_uuid
,
0
,
GET_STR
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"decrypt"
,
OPT_DECRYPT
,
"Decrypts all files with the .xbcrypt "
"extension in a backup previously made with --encrypt option."
,
&
opt_decrypt_algo
,
&
opt_decrypt_algo
,
&
xtrabackup_encrypt_algo_typelib
,
GET_ENUM
,
REQUIRED_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"remove-original"
,
OPT_REMOVE_ORIGINAL
,
"Remove .qp and .xbcrypt files "
"after decryption and decompression."
,
(
uchar
*
)
&
opt_remove_original
,
(
uchar
*
)
&
opt_remove_original
,
0
,
GET_BOOL
,
NO_ARG
,
0
,
0
,
0
,
0
,
0
,
0
},
{
"ftwrl-wait-query-type"
,
OPT_LOCK_WAIT_QUERY_TYPE
,
{
"ftwrl-wait-query-type"
,
OPT_LOCK_WAIT_QUERY_TYPE
,
"This option specifies which types of queries are allowed to complete "
"This option specifies which types of queries are allowed to complete "
"before innobackupex will issue the global lock. Default is all."
,
"before innobackupex will issue the global lock. Default is all."
,
...
@@ -1421,24 +1364,6 @@ xb_get_one_option(int optid,
...
@@ -1421,24 +1364,6 @@ xb_get_one_option(int optid,
}
}
xtrabackup_compress
=
TRUE
;
xtrabackup_compress
=
TRUE
;
break
;
break
;
case
OPT_XTRA_ENCRYPT
:
if
(
argument
==
NULL
)
{
msg
(
"Missing --encrypt argument, must specify a valid encryption "
" algorithm.
\n
"
);
return
1
;
}
xtrabackup_encrypt
=
TRUE
;
break
;
case
OPT_DECRYPT
:
if
(
argument
==
NULL
)
{
msg
(
"Missing --decrypt argument, must specify a "
"valid encryption algorithm.
\n
"
);
return
(
1
);
}
opt_decrypt
=
TRUE
;
xtrabackup_decrypt_decompress
=
true
;
break
;
case
OPT_DECOMPRESS
:
case
OPT_DECOMPRESS
:
opt_decompress
=
TRUE
;
opt_decompress
=
TRUE
;
xtrabackup_decrypt_decompress
=
true
;
xtrabackup_decrypt_decompress
=
true
;
...
@@ -2377,25 +2302,13 @@ xb_get_copy_action(const char *dflt)
...
@@ -2377,25 +2302,13 @@ xb_get_copy_action(const char *dflt)
if
(
xtrabackup_stream
)
{
if
(
xtrabackup_stream
)
{
if
(
xtrabackup_compress
)
{
if
(
xtrabackup_compress
)
{
if
(
xtrabackup_encrypt
)
{
action
=
"Compressing, encrypting and streaming"
;
}
else
{
action
=
"Compressing and streaming"
;
action
=
"Compressing and streaming"
;
}
}
else
if
(
xtrabackup_encrypt
)
{
action
=
"Encrypting and streaming"
;
}
else
{
}
else
{
action
=
"Streaming"
;
action
=
"Streaming"
;
}
}
}
else
{
}
else
{
if
(
xtrabackup_compress
)
{
if
(
xtrabackup_compress
)
{
if
(
xtrabackup_encrypt
)
{
action
=
"Compressing and encrypting"
;
}
else
{
action
=
"Compressing"
;
action
=
"Compressing"
;
}
}
else
if
(
xtrabackup_encrypt
)
{
action
=
"Encrypting"
;
}
else
{
}
else
{
action
=
dflt
;
action
=
dflt
;
}
}
...
@@ -3069,28 +2982,6 @@ xtrabackup_init_datasinks(void)
...
@@ -3069,28 +2982,6 @@ xtrabackup_init_datasinks(void)
ds_redo
=
ds_meta
=
ds_data
;
ds_redo
=
ds_meta
=
ds_data
;
}
}
/* Encryption */
if
(
xtrabackup_encrypt
)
{
ds_ctxt_t
*
ds
;
ds
=
ds_create
(
xtrabackup_target_dir
,
DS_TYPE_ENCRYPT
);
xtrabackup_add_datasink
(
ds
);
ds_set_pipe
(
ds
,
ds_data
);
if
(
ds_data
!=
ds_meta
)
{
ds_data
=
ds
;
ds
=
ds_create
(
xtrabackup_target_dir
,
DS_TYPE_ENCRYPT
);
xtrabackup_add_datasink
(
ds
);
ds_set_pipe
(
ds
,
ds_meta
);
ds_redo
=
ds_meta
=
ds
;
}
else
{
ds_redo
=
ds_data
=
ds_meta
=
ds
;
}
}
/* Compression for ds_data and ds_redo */
/* Compression for ds_data and ds_redo */
if
(
xtrabackup_compress
)
{
if
(
xtrabackup_compress
)
{
ds_ctxt_t
*
ds
;
ds_ctxt_t
*
ds
;
...
@@ -6726,8 +6617,6 @@ xb_init()
...
@@ -6726,8 +6617,6 @@ xb_init()
if
(
opt_decompress
)
{
if
(
opt_decompress
)
{
mixed_options
[
n_mixed_options
++
]
=
"--decompress"
;
mixed_options
[
n_mixed_options
++
]
=
"--decompress"
;
}
else
if
(
opt_decrypt
)
{
mixed_options
[
n_mixed_options
++
]
=
"--decrypt"
;
}
}
if
(
xtrabackup_copy_back
)
{
if
(
xtrabackup_copy_back
)
{
...
...
extra/mariabackup/xtrabackup.h
View file @
cede2b6f
...
@@ -81,7 +81,6 @@ extern char *xtrabackup_tables_exclude;
...
@@ -81,7 +81,6 @@ extern char *xtrabackup_tables_exclude;
extern
char
*
xtrabackup_databases_exclude
;
extern
char
*
xtrabackup_databases_exclude
;
extern
ibool
xtrabackup_compress
;
extern
ibool
xtrabackup_compress
;
extern
ibool
xtrabackup_encrypt
;
extern
my_bool
xtrabackup_backup
;
extern
my_bool
xtrabackup_backup
;
extern
my_bool
xtrabackup_prepare
;
extern
my_bool
xtrabackup_prepare
;
...
@@ -92,15 +91,10 @@ extern my_bool xtrabackup_decrypt_decompress;
...
@@ -92,15 +91,10 @@ extern my_bool xtrabackup_decrypt_decompress;
extern
char
*
innobase_data_file_path
;
extern
char
*
innobase_data_file_path
;
extern
char
*
innobase_doublewrite_file
;
extern
char
*
innobase_doublewrite_file
;
extern
char
*
xtrabackup_encrypt_key
;
extern
char
*
xtrabackup_encrypt_key_file
;
extern
longlong
innobase_log_file_size
;
extern
longlong
innobase_log_file_size
;
extern
long
innobase_log_files_in_group
;
extern
long
innobase_log_files_in_group
;
extern
longlong
innobase_page_size
;
extern
longlong
innobase_page_size
;
extern
const
char
*
xtrabackup_encrypt_algo_names
[];
extern
TYPELIB
xtrabackup_encrypt_algo_typelib
;
extern
int
xtrabackup_parallel
;
extern
int
xtrabackup_parallel
;
extern
my_bool
xb_close_files
;
extern
my_bool
xb_close_files
;
...
@@ -113,9 +107,6 @@ extern "C"{
...
@@ -113,9 +107,6 @@ extern "C"{
#ifdef __cplusplus
#ifdef __cplusplus
}
}
#endif
#endif
extern
ulong
xtrabackup_encrypt_algo
;
extern
uint
xtrabackup_encrypt_threads
;
extern
ulonglong
xtrabackup_encrypt_chunk_size
;
extern
my_bool
xtrabackup_export
;
extern
my_bool
xtrabackup_export
;
extern
char
*
xtrabackup_incremental_basedir
;
extern
char
*
xtrabackup_incremental_basedir
;
extern
char
*
xtrabackup_extra_lsndir
;
extern
char
*
xtrabackup_extra_lsndir
;
...
@@ -158,8 +149,6 @@ extern TYPELIB query_type_typelib;
...
@@ -158,8 +149,6 @@ extern TYPELIB query_type_typelib;
extern
ulong
opt_lock_wait_query_type
;
extern
ulong
opt_lock_wait_query_type
;
extern
ulong
opt_kill_long_query_type
;
extern
ulong
opt_kill_long_query_type
;
extern
ulong
opt_decrypt_algo
;
extern
uint
opt_kill_long_queries_timeout
;
extern
uint
opt_kill_long_queries_timeout
;
extern
uint
opt_lock_wait_timeout
;
extern
uint
opt_lock_wait_timeout
;
extern
uint
opt_lock_wait_threshold
;
extern
uint
opt_lock_wait_threshold
;
...
@@ -167,7 +156,6 @@ extern uint opt_debug_sleep_before_unlock;
...
@@ -167,7 +156,6 @@ extern uint opt_debug_sleep_before_unlock;
extern
uint
opt_safe_slave_backup_timeout
;
extern
uint
opt_safe_slave_backup_timeout
;
extern
const
char
*
opt_history
;
extern
const
char
*
opt_history
;
extern
my_bool
opt_decrypt
;
enum
binlog_info_enum
{
BINLOG_INFO_OFF
,
BINLOG_INFO_LOCKLESS
,
BINLOG_INFO_ON
,
enum
binlog_info_enum
{
BINLOG_INFO_OFF
,
BINLOG_INFO_LOCKLESS
,
BINLOG_INFO_ON
,
BINLOG_INFO_AUTO
};
BINLOG_INFO_AUTO
};
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment