MDEV-11663 Create services for functionality used by plugins

Added service for
- encryption (AES)
- error reporting, e.g my_printf_error()

include/my_crypt.h

@@ -18,74 +18,7 @@
 #ifndef MY_CRYPT_INCLUDED
 #define MY_CRYPT_INCLUDED
 
-#include <my_global.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* return values from my_aes_encrypt/my_aes_decrypt functions */
-#define MY_AES_OK               0
-#define MY_AES_BAD_DATA         -100
-#define MY_AES_OPENSSL_ERROR    -101
-#define MY_AES_BAD_KEYSIZE      -102
-
-/* The block size for all supported algorithms */
-#define MY_AES_BLOCK_SIZE 16
-
-/* The max key length of all supported algorithms */
-#define MY_AES_MAX_KEY_LENGTH 32
-
-#define MY_AES_CTX_SIZE 512
-
-enum my_aes_mode {
-    MY_AES_ECB, MY_AES_CBC
-#ifdef HAVE_EncryptAes128Ctr
-  , MY_AES_CTR
-#endif
-#ifdef HAVE_EncryptAes128Gcm
-  , MY_AES_GCM
-#endif
-};
-
-int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags,
-                      const unsigned char* key, unsigned int klen,
-                      const unsigned char* iv, unsigned int ivlen);
-int my_aes_crypt_update(void *ctx, const uchar *src, uint slen,
-                        uchar *dst, uint *dlen);
-int my_aes_crypt_finish(void *ctx, uchar *dst, uint *dlen);
-int my_aes_crypt(enum my_aes_mode mode, int flags,
-                 const uchar *src, uint slen, uchar *dst, uint *dlen,
-                 const uchar *key, uint klen, const uchar *iv, uint ivlen);
-
-/*
-  calculate the length of the cyphertext from the length of the plaintext
-  for different AES encryption modes with padding enabled.
-  Without padding (ENCRYPTION_FLAG_NOPAD) cyphertext has the same length
-  as the plaintext
-*/
-static inline uint my_aes_get_size(enum my_aes_mode mode __attribute__((unused)), uint source_length)
-{
-#ifdef HAVE_EncryptAes128Ctr
-  if (mode == MY_AES_CTR)
-    return source_length;
-#ifdef HAVE_EncryptAes128Gcm
-  if (mode == MY_AES_GCM)
-    return source_length + MY_AES_BLOCK_SIZE;
-#endif
-#endif
-  return (source_length / MY_AES_BLOCK_SIZE + 1) * MY_AES_BLOCK_SIZE;
-}
-
-static inline uint my_aes_ctx_size(enum my_aes_mode mode __attribute__((unused)))
-{
-  return MY_AES_CTX_SIZE;
-}
-
-int my_random_bytes(uchar* buf, int num);
-
-#ifdef __cplusplus
-}
-#endif
+#include <my_config.h> /* HAVE_EncryptAes128{Ctr,Gcm} */
+#include <mysql/service_my_crypt.h>
 
 #endif /* MY_CRYPT_INCLUDED */

include/my_sys.h

@@ -42,6 +42,7 @@ typedef struct my_aio_result {
 #include <malloc.h> /*for alloca*/
 #endif
 #include <mysql/plugin.h>
+#include <mysql/service_my_print_error.h>
 
 #define MY_INIT(name)   { my_progname= name; my_init(); }
 
@@ -104,18 +105,10 @@ typedef struct my_aio_result {
 #define MY_GIVE_INFO	2	/* Give time info about process*/
 #define MY_DONT_FREE_DBUG 4     /* Do not call DBUG_END() in my_end() */
 
-#define ME_HIGHBYTE	8	/* Shift for colours */
-#define ME_NOCUR	1	/* Don't use curses message */
-#define ME_OLDWIN	2	/* Use old window */
-#define ME_BELL		4	/* Ring bell then printing message */
-#define ME_HOLDTANG	8	/* Don't delete last keys */
-#define ME_WAITTOT	16	/* Wait for errtime secs of for a action */
-#define ME_WAITTANG	32	/* Wait for a user action  */
-#define ME_NOREFRESH	64	/* Write the error message to error log */
-#define ME_NOINPUT	128	/* Dont use the input libary */
-#define ME_COLOUR1	((1 << ME_HIGHBYTE))	/* Possibly error-colours */
-#define ME_COLOUR2	((2 << ME_HIGHBYTE))
-#define ME_COLOUR3	((3 << ME_HIGHBYTE))
+#define ME_BELL         4       /* Ring bell then printing message */
+#define ME_WAITTANG     0       /* Wait for a user action  */
+#define ME_NOREFRESH    64      /* Write the error message to error log */
+#define ME_NOINPUT      0       /* Dont use the input libary */
 #define ME_JUST_INFO    1024    /**< not error but just info */
 #define ME_JUST_WARNING 2048    /**< not error but just warning */
 #define ME_FATALERROR   4096    /* Fatal statement error */
@@ -715,12 +708,6 @@ extern int my_sync(File fd, myf my_flags);
 extern int my_sync_dir(const char *dir_name, myf my_flags);
 extern int my_sync_dir_by_file(const char *file_name, myf my_flags);
 extern const char *my_get_err_msg(uint nr);
-extern void my_error(uint nr,myf MyFlags, ...);
-extern void my_printf_error(uint my_err, const char *format,
-                            myf MyFlags, ...)
-                            ATTRIBUTE_FORMAT(printf, 2, 4);
-extern void my_printv_error(uint error, const char *format, myf MyFlags,
-                            va_list ap);
 extern int my_error_register(const char** (*get_errmsgs) (void),
                              uint first, uint last);
 extern const char **my_error_unregister(uint first, uint last);

include/mysql/plugin.h

@@ -75,7 +75,7 @@ typedef struct st_mysql_xid MYSQL_XID;
 #define MYSQL_PLUGIN_INTERFACE_VERSION 0x0104
 
 /* MariaDB plugin interface version */
-#define MARIA_PLUGIN_INTERFACE_VERSION 0x010c
+#define MARIA_PLUGIN_INTERFACE_VERSION 0x010d
 
 /*
   The allowable types of plugins

include/mysql/plugin_audit.h.pp

@@ -137,6 +137,43 @@ size_t my_md5_context_size();
 void my_md5_init(void *context);
 void my_md5_input(void *context, const unsigned char *buf, size_t len);
 void my_md5_result(void *context, unsigned char *digest);
+enum my_aes_mode {
+    MY_AES_ECB, MY_AES_CBC
+};
+extern struct my_crypt_service_st {
+  int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+  int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt)(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+  unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length);
+  unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode);
+  int (*my_random_bytes)(unsigned char* buf, int num);
+} *my_crypt_service;
+int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+int my_random_bytes(unsigned char* buf, int num);
+unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length);
+unsigned int my_aes_ctx_size(enum my_aes_mode mode);
+extern struct my_print_error_service_st {
+  void(*my_error_func)(unsigned int nr, unsigned long MyFlags, ...);
+  void(*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...);
+  void(*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap);
+} *my_print_error_service;
+extern void my_error(unsigned int nr, unsigned long MyFlags, ...);
+extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...);
+extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap);
 extern struct my_snprintf_service_st {
   size_t (*my_snprintf_type)(char*, size_t, const char*, ...);
   size_t (*my_vsnprintf_type)(char *, size_t, const char*, va_list);

include/mysql/plugin_auth.h.pp

@@ -137,6 +137,43 @@ size_t my_md5_context_size();
 void my_md5_init(void *context);
 void my_md5_input(void *context, const unsigned char *buf, size_t len);
 void my_md5_result(void *context, unsigned char *digest);
+enum my_aes_mode {
+    MY_AES_ECB, MY_AES_CBC
+};
+extern struct my_crypt_service_st {
+  int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+  int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt)(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+  unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length);
+  unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode);
+  int (*my_random_bytes)(unsigned char* buf, int num);
+} *my_crypt_service;
+int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+int my_random_bytes(unsigned char* buf, int num);
+unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length);
+unsigned int my_aes_ctx_size(enum my_aes_mode mode);
+extern struct my_print_error_service_st {
+  void(*my_error_func)(unsigned int nr, unsigned long MyFlags, ...);
+  void(*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...);
+  void(*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap);
+} *my_print_error_service;
+extern void my_error(unsigned int nr, unsigned long MyFlags, ...);
+extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...);
+extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap);
 extern struct my_snprintf_service_st {
   size_t (*my_snprintf_type)(char*, size_t, const char*, ...);
   size_t (*my_vsnprintf_type)(char *, size_t, const char*, va_list);

include/mysql/plugin_encryption.h.pp

@@ -137,6 +137,43 @@ size_t my_md5_context_size();
 void my_md5_init(void *context);
 void my_md5_input(void *context, const unsigned char *buf, size_t len);
 void my_md5_result(void *context, unsigned char *digest);
+enum my_aes_mode {
+    MY_AES_ECB, MY_AES_CBC
+};
+extern struct my_crypt_service_st {
+  int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+  int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt)(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+  unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length);
+  unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode);
+  int (*my_random_bytes)(unsigned char* buf, int num);
+} *my_crypt_service;
+int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+int my_random_bytes(unsigned char* buf, int num);
+unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length);
+unsigned int my_aes_ctx_size(enum my_aes_mode mode);
+extern struct my_print_error_service_st {
+  void(*my_error_func)(unsigned int nr, unsigned long MyFlags, ...);
+  void(*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...);
+  void(*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap);
+} *my_print_error_service;
+extern void my_error(unsigned int nr, unsigned long MyFlags, ...);
+extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...);
+extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap);
 extern struct my_snprintf_service_st {
   size_t (*my_snprintf_type)(char*, size_t, const char*, ...);
   size_t (*my_vsnprintf_type)(char *, size_t, const char*, va_list);

include/mysql/plugin_ftparser.h.pp

@@ -137,6 +137,43 @@ size_t my_md5_context_size();
 void my_md5_init(void *context);
 void my_md5_input(void *context, const unsigned char *buf, size_t len);
 void my_md5_result(void *context, unsigned char *digest);
+enum my_aes_mode {
+    MY_AES_ECB, MY_AES_CBC
+};
+extern struct my_crypt_service_st {
+  int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+  int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt)(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+  unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length);
+  unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode);
+  int (*my_random_bytes)(unsigned char* buf, int num);
+} *my_crypt_service;
+int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+int my_random_bytes(unsigned char* buf, int num);
+unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length);
+unsigned int my_aes_ctx_size(enum my_aes_mode mode);
+extern struct my_print_error_service_st {
+  void(*my_error_func)(unsigned int nr, unsigned long MyFlags, ...);
+  void(*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...);
+  void(*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap);
+} *my_print_error_service;
+extern void my_error(unsigned int nr, unsigned long MyFlags, ...);
+extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...);
+extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap);
 extern struct my_snprintf_service_st {
   size_t (*my_snprintf_type)(char*, size_t, const char*, ...);
   size_t (*my_vsnprintf_type)(char *, size_t, const char*, va_list);

include/mysql/plugin_password_validation.h.pp

@@ -137,6 +137,43 @@ size_t my_md5_context_size();
 void my_md5_init(void *context);
 void my_md5_input(void *context, const unsigned char *buf, size_t len);
 void my_md5_result(void *context, unsigned char *digest);
+enum my_aes_mode {
+    MY_AES_ECB, MY_AES_CBC
+};
+extern struct my_crypt_service_st {
+  int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+  int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt)(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+  unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length);
+  unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode);
+  int (*my_random_bytes)(unsigned char* buf, int num);
+} *my_crypt_service;
+int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+int my_random_bytes(unsigned char* buf, int num);
+unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length);
+unsigned int my_aes_ctx_size(enum my_aes_mode mode);
+extern struct my_print_error_service_st {
+  void(*my_error_func)(unsigned int nr, unsigned long MyFlags, ...);
+  void(*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...);
+  void(*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap);
+} *my_print_error_service;
+extern void my_error(unsigned int nr, unsigned long MyFlags, ...);
+extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...);
+extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap);
 extern struct my_snprintf_service_st {
   size_t (*my_snprintf_type)(char*, size_t, const char*, ...);
   size_t (*my_vsnprintf_type)(char *, size_t, const char*, va_list);

include/mysql/service_my_crypt.h

+#ifndef MYSQL_SERVICE_MY_CRYPT_INCLUDED
+#define MYSQL_SERVICE_MY_CRYPT_INCLUDED
+
+/*
+ Copyright (c) 2014 Google Inc.
+ Copyright (c) 2014, 2015 MariaDB Corporation
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
+
+/**
+ @file
+ my crypt service
+
+ AES encryption functions, and a function to generate random bytes.
+
+ Include my_config.h before this file to use CTR and GCM modes
+ (they only work if server was compiled with  openssl).
+*/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* return values from my_aes_encrypt/my_aes_decrypt functions */
+#define MY_AES_OK               0
+#define MY_AES_BAD_DATA         -100
+#define MY_AES_OPENSSL_ERROR    -101
+#define MY_AES_BAD_KEYSIZE      -102
+
+/* The block size for all supported algorithms */
+#define MY_AES_BLOCK_SIZE 16
+
+/* The max key length of all supported algorithms */
+#define MY_AES_MAX_KEY_LENGTH 32
+
+#define MY_AES_CTX_SIZE 512
+
+enum my_aes_mode {
+    MY_AES_ECB, MY_AES_CBC
+#ifdef HAVE_EncryptAes128Ctr
+  , MY_AES_CTR
+#endif
+#ifdef HAVE_EncryptAes128Gcm
+  , MY_AES_GCM
+#endif
+};
+
+extern struct my_crypt_service_st {
+  int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+  int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen);
+  int (*my_aes_crypt)(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+  unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length);
+  unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode);
+  int (*my_random_bytes)(unsigned char* buf, int num);
+} *my_crypt_service;
+
+#ifdef MYSQL_DYNAMIC_PLUGIN
+
+#define my_aes_crypt_init(A,B,C,D,E,F,G) \
+   my_crypt_service->my_aes_crypt_init(A,B,C,D,E,F,G)
+
+#define my_aes_crypt_update(A,B,C,D,E) \
+   my_crypt_service->my_aes_crypt_update(A,B,C,D,E)
+
+#define my_aes_crypt_finish(A,B,C) \
+  my_crypt_service->my_aes_crypt_finish(A,B,C)
+
+#define my_aes_crypt(A,B,C,D,E,F,G,H,I,J) \
+  my_crypt_service->my_aes_crypt(A,B,C,D,E,F,G,H,I,J)
+
+#define my_aes_get_size(A,B)\
+  my_crypt_service->my_aes_get_size(A,B)
+
+#define my_aes_ctx_size(A)\
+  my_crypt_service->my_aes_ctx_size(A)
+
+#define my_random_bytes(A,B)\
+  my_crypt_service->my_random_bytes(A,B)
+
+#else
+
+int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags,
+                      const unsigned char* key, unsigned int klen,
+                      const unsigned char* iv, unsigned int ivlen);
+int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen,
+                        unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen);
+int my_aes_crypt(enum my_aes_mode mode, int flags,
+                 const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen,
+                 const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen);
+
+int my_random_bytes(unsigned char* buf, int num);
+unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length);
+unsigned int my_aes_ctx_size(enum my_aes_mode mode);
+#endif
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MYSQL_SERVICE_MY_CRYPT_INCLUDED */

include/mysql/service_my_print_error.h

+/* Copyright (c) 2016, MariaDB
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
+
+#ifndef MYSQL_SERVICE_MY_PRINT_ERROR_INCLUDED
+#define MYSQL_SERVICE_MY_PRINT_ERROR_INCLUDED
+
+/**
+  @file include/mysql/service_my_print_error.h
+
+  This service provides functions for plugins to report
+  errors to client (without client, the errors are written to the error log).
+
+*/
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef MYSQL_ABI_CHECK
+#include <stdarg.h>
+#include <stdlib.h>
+#endif
+
+#define ME_ERROR_LOG    64      /* Write the message to the error log */
+#define ME_NOTE         1024    /* Not an error, just a note */
+#define ME_WARNING      2048    /* Not an error, just a warning */
+#define ME_FATAL        4096    /* Fatal statement error */
+
+extern struct my_print_error_service_st {
+  void (*my_error_func)(unsigned int nr, unsigned long MyFlags, ...);
+  void (*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...);
+  void (*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap);
+} *my_print_error_service;
+
+#ifdef MYSQL_DYNAMIC_PLUGIN
+
+#define my_error my_print_error_service->my_error_func
+#define my_printf_error my_print_error_service->my_printf_error_func
+#define my_printv_error(A,B,C,D) my_print_error_service->my_printv_error_func(A,B,C,D)
+
+#else
+
+extern void my_error(unsigned int nr, unsigned long MyFlags, ...);
+extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...);
+extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap);
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+

include/mysql/services.h

@@ -26,6 +26,8 @@ extern "C" {
 #include <mysql/service_kill_statement.h>
 #include <mysql/service_logger.h>
 #include <mysql/service_md5.h>
+#include <mysql/service_my_crypt.h>
+#include <mysql/service_my_print_error.h>
 #include <mysql/service_my_snprintf.h>
 #include <mysql/service_progress_report.h>
 #include <mysql/service_sha1.h>

include/service_versions.h

@@ -27,7 +27,9 @@
 #define VERSION_encryption              0x0300
 #define VERSION_encryption_scheme       0x0100
 #define VERSION_logger                  0x0100
+#define VERSION_my_crypt                0x0100
 #define VERSION_my_md5                  0x0100
+#define VERSION_my_print_error          0x0100
 #define VERSION_my_sha1                 0x0101
 #define VERSION_my_sha2                 0x0100
 #define VERSION_my_snprintf             0x0100

libservices/CMakeLists.txt

@@ -22,7 +22,9 @@ SET(MYSQLSERVICES_SOURCES
   encryption_service.c
   kill_statement_service.c
   logger_service.c
+  my_crypt_service.c
   my_md5_service.c
+  my_print_error_service.c
   my_sha1_service.c
   my_sha2_service.c
   my_snprintf_service.c
@@ -35,7 +37,7 @@ SET(MYSQLSERVICES_SOURCES
   thd_timezone_service.c
   thd_wait_service.c
   wsrep_service.c
-)
+  )
 
 ADD_CONVENIENCE_LIBRARY(mysqlservices ${MYSQLSERVICES_SOURCES})
 INSTALL(TARGETS mysqlservices DESTINATION ${INSTALL_LIBDIR} COMPONENT Development)

libservices/my_crypt_service.c

+#include <service_versions.h>
+SERVICE_VERSION my_crypt_service= (void*)VERSION_my_crypt;

libservices/my_print_error_service.c

+/* Copyright (c) 2016 MariaDB
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 of the License.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
+
+#include <service_versions.h>
+SERVICE_VERSION my_print_error_service= (void*)VERSION_my_print_error;
\ No newline at end of file

mysql-test/r/handlersocket.result

@@ -5,7 +5,7 @@ plugin_version	1.0
 plugin_status	ACTIVE
 plugin_type	DAEMON
 plugin_library	handlersocket.so
-plugin_library_version	1.12
+plugin_library_version	1.13
 plugin_author	higuchi dot akira at dena dot jp
 plugin_description	Direct access into InnoDB
 plugin_license	BSD

mysql-test/r/plugin.result

@@ -12,7 +12,7 @@ PLUGIN_STATUS	ACTIVE
 PLUGIN_TYPE	STORAGE ENGINE
 PLUGIN_TYPE_VERSION	#
 PLUGIN_LIBRARY	ha_example.so
-PLUGIN_LIBRARY_VERSION	1.12
+PLUGIN_LIBRARY_VERSION	1.13
 PLUGIN_AUTHOR	Brian Aker, MySQL AB
 PLUGIN_DESCRIPTION	Example storage engine
 PLUGIN_LICENSE	GPL
@@ -25,7 +25,7 @@ PLUGIN_STATUS	ACTIVE
 PLUGIN_TYPE	DAEMON
 PLUGIN_TYPE_VERSION	#
 PLUGIN_LIBRARY	ha_example.so
-PLUGIN_LIBRARY_VERSION	1.12
+PLUGIN_LIBRARY_VERSION	1.13
 PLUGIN_AUTHOR	Sergei Golubchik
 PLUGIN_DESCRIPTION	Unusable Daemon
 PLUGIN_LICENSE	GPL
@@ -64,7 +64,7 @@ PLUGIN_STATUS	DELETED
 PLUGIN_TYPE	STORAGE ENGINE
 PLUGIN_TYPE_VERSION	#
 PLUGIN_LIBRARY	ha_example.so
-PLUGIN_LIBRARY_VERSION	1.12
+PLUGIN_LIBRARY_VERSION	1.13
 PLUGIN_AUTHOR	Brian Aker, MySQL AB
 PLUGIN_DESCRIPTION	Example storage engine
 PLUGIN_LICENSE	GPL

mysql-test/suite/plugins/r/auth_ed25519.result

@@ -27,7 +27,7 @@ PLUGIN_STATUS	ACTIVE
 PLUGIN_TYPE	AUTHENTICATION
 PLUGIN_TYPE_VERSION	2.1
 PLUGIN_LIBRARY	auth_ed25519.so
-PLUGIN_LIBRARY_VERSION	1.12
+PLUGIN_LIBRARY_VERSION	1.13
 PLUGIN_AUTHOR	Sergei Golubchik
 PLUGIN_DESCRIPTION	Elliptic curve ED25519 based authentication
 PLUGIN_LICENSE	GPL

mysql-test/suite/plugins/r/cracklib_password_check.result

@@ -6,7 +6,7 @@ PLUGIN_STATUS	ACTIVE
 PLUGIN_TYPE	PASSWORD VALIDATION
 PLUGIN_TYPE_VERSION	1.0
 PLUGIN_LIBRARY	cracklib_password_check.so
-PLUGIN_LIBRARY_VERSION	1.12
+PLUGIN_LIBRARY_VERSION	1.13
 PLUGIN_AUTHOR	Sergei Golubchik
 PLUGIN_DESCRIPTION	Password validation via CrackLib
 PLUGIN_LICENSE	GPL

mysql-test/suite/plugins/r/show_all_plugins.result

@@ -4,8 +4,8 @@ Variable_name	Value
 Opened_plugin_libraries	0
 select * from information_schema.all_plugins where plugin_library='ha_example.so';
 PLUGIN_NAME	PLUGIN_VERSION	PLUGIN_STATUS	PLUGIN_TYPE	PLUGIN_TYPE_VERSION	PLUGIN_LIBRARY	PLUGIN_LIBRARY_VERSION	PLUGIN_AUTHOR	PLUGIN_DESCRIPTION	PLUGIN_LICENSE	LOAD_OPTION	PLUGIN_MATURITY	PLUGIN_AUTH_VERSION
-EXAMPLE	0.1	NOT INSTALLED	STORAGE ENGINE	MYSQL_VERSION_ID	ha_example.so	1.12	Brian Aker, MySQL AB	Example storage engine	GPL	OFF	Experimental	0.1
-UNUSABLE	3.14	NOT INSTALLED	DAEMON	MYSQL_VERSION_ID	ha_example.so	1.12	Sergei Golubchik	Unusable Daemon	GPL	OFF	Experimental	3.14.15.926
+EXAMPLE	0.1	NOT INSTALLED	STORAGE ENGINE	MYSQL_VERSION_ID	ha_example.so	1.13	Brian Aker, MySQL AB	Example storage engine	GPL	OFF	Experimental	0.1
+UNUSABLE	3.14	NOT INSTALLED	DAEMON	MYSQL_VERSION_ID	ha_example.so	1.13	Sergei Golubchik	Unusable Daemon	GPL	OFF	Experimental	3.14.15.926
 show status like '%libraries%';
 Variable_name	Value
 Opened_plugin_libraries	1

mysql-test/suite/plugins/r/simple_password_check.result

@@ -6,7 +6,7 @@ PLUGIN_STATUS	ACTIVE
 PLUGIN_TYPE	PASSWORD VALIDATION
 PLUGIN_TYPE_VERSION	1.0
 PLUGIN_LIBRARY	simple_password_check.so
-PLUGIN_LIBRARY_VERSION	1.12
+PLUGIN_LIBRARY_VERSION	1.13
 PLUGIN_AUTHOR	Sergei Golubchik
 PLUGIN_DESCRIPTION	Simple password strength checks
 PLUGIN_LICENSE	GPL

mysys_ssl/my_crypt.cc

@@ -266,6 +266,32 @@ int my_aes_crypt(enum my_aes_mode mode, int flags,
   return res1 ? res1 : res2;
 }
 
+
+/*
+  calculate the length of the cyphertext from the length of the plaintext
+  for different AES encryption modes with padding enabled.
+  Without padding (ENCRYPTION_FLAG_NOPAD) cyphertext has the same length
+  as the plaintext
+*/
+unsigned int my_aes_get_size(enum my_aes_mode mode __attribute__((unused)), unsigned int source_length)
+{
+#ifdef HAVE_EncryptAes128Ctr
+  if (mode == MY_AES_CTR)
+    return source_length;
+#ifdef HAVE_EncryptAes128Gcm
+  if (mode == MY_AES_GCM)
+    return source_length + MY_AES_BLOCK_SIZE;
+#endif
+#endif
+  return (source_length / MY_AES_BLOCK_SIZE + 1) * MY_AES_BLOCK_SIZE;
+}
+
+
+unsigned int my_aes_ctx_size(enum my_aes_mode)
+{
+  return MY_AES_CTX_SIZE;
+}
+
 #ifdef HAVE_YASSL
 #include <random.hpp>
 int my_random_bytes(uchar* buf, int num)

plugin/auth_gssapi/gssapi_server.cc

@@ -44,26 +44,30 @@ static char* get_default_principal_name()
 
   if(krb5_init_context(&context))
   {
-    sql_print_warning("GSSAPI plugin : krb5_init_context failed");
+    my_printf_error(0, "GSSAPI plugin : krb5_init_context failed",
+                    ME_ERROR_LOG | ME_WARNING);
     goto cleanup;
   }
 
   if (krb5_sname_to_principal(context, NULL, "mariadb", KRB5_NT_SRV_HST, &principal))
   {
-    sql_print_warning("GSSAPI plugin :  krb5_sname_to_principal failed");
+    my_printf_error(0, "GSSAPI plugin :  krb5_sname_to_principal failed",
+                    ME_ERROR_LOG | ME_WARNING);
     goto cleanup;
   }
 
   if (krb5_unparse_name(context, principal, &unparsed_name))
   {
-    sql_print_warning("GSSAPI plugin :  krb5_unparse_name failed");
+    my_printf_error(0, "GSSAPI plugin :  krb5_unparse_name failed",
+                    ME_ERROR_LOG | ME_WARNING);
     goto cleanup;
   }
 
   /* Check for entry in keytab */
   if (krb5_kt_read_service_key(context, NULL, principal, 0, (krb5_enctype)0, &key))
   {
-    sql_print_warning("GSSAPI plugin : default principal '%s' not found in keytab", unparsed_name);
+    my_printf_error(0, "GSSAPI plugin : default principal '%s' not found in keytab",
+                    ME_ERROR_LOG | ME_WARNING, unparsed_name);
     goto cleanup;
   }
 
@@ -100,7 +104,8 @@ int plugin_init()
   /* import service principal from plain text */
   if(srv_principal_name && srv_principal_name[0])
   {
-    sql_print_information("GSSAPI plugin : using principal name '%s'", srv_principal_name);
+    my_printf_error(0, "GSSAPI plugin : using principal name '%s'",
+                    ME_ERROR_LOG | ME_NOTE, srv_principal_name);
     principal_name_buf.length= strlen(srv_principal_name);
     principal_name_buf.value= srv_principal_name;
     major= gss_import_name(&minor, &principal_name_buf, GSS_C_NT_USER_NAME, &service_name);
@@ -115,8 +120,6 @@ int plugin_init()
     service_name=  GSS_C_NO_NAME;
   }
 
-
-
   /* Check if SPN configuration is OK */
   major= gss_acquire_cred(&minor, service_name, GSS_C_INDEFINITE,
                             GSS_C_NO_OID_SET, GSS_C_ACCEPT, &cred, NULL,

plugin/auth_gssapi/sspi_server.cc

@@ -284,8 +284,8 @@ int plugin_init()
   {
     srv_principal_name= get_default_principal_name();
   }
-  sql_print_information("SSPI: using principal name '%s', mech '%s'",
-    srv_principal_name, srv_mech_name);
+  my_printf_error(0, "SSPI: using principal name '%s', mech '%s'",
+                  ME_ERROR_LOG | ME_NOTE, srv_principal_name, srv_mech_name);
 
   ret = AcquireCredentialsHandle(
     srv_principal_name,

plugin/aws_key_management/aws_key_management_plugin.cc

@@ -175,7 +175,7 @@ static int plugin_init(void *p)
   client = new KMSClient(clientConfiguration);
   if (!client)
   {
-    sql_print_error("Can not initialize KMS client");
+    my_printf_error(ER_UNKNOWN_ERROR, "Can not initialize KMS client", ME_ERROR_LOG,);
     DBUG_RETURN(-1);
   }
   
@@ -254,12 +254,12 @@ static int load_key(KEY_INFO *info)
 
   if (!ret)
   {
-    sql_print_information("AWS KMS plugin: loaded key %u, version %u, key length %u bit",
+    my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: loaded key %u, version %u, key length %u bit", ME_ERROR_LOG | ER_NOTE,
       info->key_id, info->key_version,(uint)info->length*8);
   }
   else
   {
-    sql_print_warning("AWS KMS plugin: key %u, version %u could not be decrypted",
+    my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: key %u, version %u could not be decrypted", ME_ERROR_LOG | ER_WARNING,
       info->key_id, info->key_version);
   }
   DBUG_RETURN(ret);
@@ -344,13 +344,13 @@ static  int aws_decrypt_key(const char *path, KEY_INFO *info)
   ifstream ifs(path, ios::binary | ios::ate);
   if (!ifs.good())
   {
-    sql_print_error("can't open file %s", path);
+    my_printf_error(ER_UNKNOWN_ERROR, "can't open file %s", ME_ERROR_LOG, path);
     DBUG_RETURN(-1);
   }
   size_t pos = (size_t)ifs.tellg();
   if (!pos || pos == SIZE_T_MAX)
   {
-    sql_print_error("invalid key file %s", path);
+    my_printf_error(ER_UNKNOWN_ERROR, "invalid key file %s", ME_ERROR_LOG, path);
     DBUG_RETURN(-1);
   }
   std::vector<char>  contents(pos);
@@ -364,7 +364,7 @@ static  int aws_decrypt_key(const char *path, KEY_INFO *info)
   DecryptOutcome outcome = client->Decrypt(request);
   if (!outcome.IsSuccess())
   {
-    sql_print_error("AWS KMS plugin: Decrypt failed for %s : %s", path,
+    my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: Decrypt failed for %s : %s", ME_ERROR_LOG, path,
       outcome.GetError().GetMessage().c_str());
     DBUG_RETURN(-1);
   }
@@ -373,7 +373,7 @@ static  int aws_decrypt_key(const char *path, KEY_INFO *info)
 
   if (len > (int)sizeof(info->data))
   {
-    sql_print_error("AWS KMS plugin: encoding key too large for %s", path);
+    my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: encoding key too large for %s", ME_ERROR_LOG, path);
     DBUG_RETURN(ENCRYPTION_KEY_BUFFER_TOO_SMALL);
   }
   memcpy(info->data, plaintext.GetUnderlyingData(), len);
@@ -395,7 +395,7 @@ static int aws_generate_datakey(uint keyid, uint version)
   outcome= client->GenerateDataKeyWithoutPlaintext(request);
   if (!outcome.IsSuccess())
   {
-    sql_print_error("AWS KMS plugin : GenerateDataKeyWithoutPlaintext failed : %s - %s",
+    my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin : GenerateDataKeyWithoutPlaintext failed : %s - %s", ME_ERROR_LOG,
       outcome.GetError().GetExceptionName().c_str(),
       outcome.GetError().GetMessage().c_str());
     DBUG_RETURN(-1);
@@ -409,19 +409,19 @@ static int aws_generate_datakey(uint keyid, uint version)
   int fd= my_open(filename, O_RDWR | O_CREAT, 0);
   if (fd < 0)
   {
-    sql_print_error("AWS KMS plugin: Can't create file %s", filename);
+    my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: Can't create file %s", ME_ERROR_LOG, filename);
     DBUG_RETURN(-1);
   }
   size_t len= byteBuffer.GetLength();
   if (my_write(fd, byteBuffer.GetUnderlyingData(), len, 0) != len)
   {
-    sql_print_error("AWS KMS plugin: can't write to %s", filename);
+    my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: can't write to %s", ME_ERROR_LOG, filename);
     my_close(fd, 0);
     my_delete(filename, 0);
     DBUG_RETURN(-1);
   }
   my_close(fd, 0);
-  sql_print_information("AWS KMS plugin: generated encrypted datakey for key id=%u, version=%u",
+  my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: generated encrypted datakey for key id=%u, version=%u", ME_ERROR_LOG | ER_NOTE,
     keyid, version);
   DBUG_RETURN(0);
 }

plugin/example_key_management/example_key_management_plugin.cc

@@ -114,14 +114,32 @@ static int example_key_management_plugin_deinit(void *p)
   return 0;
 }
 
+
+static int ctx_update(void *ctx, const unsigned char *src, unsigned int slen,
+  unsigned char *dst, unsigned int *dlen)
+{
+  return my_aes_crypt_update(ctx, src, slen, dst, dlen);
+}
+
+
+int ctx_finish(void *ctx, unsigned char *dst, unsigned int *dlen)
+{
+  return my_aes_crypt_finish(ctx, dst, dlen);
+}
+
+static  uint ctx_size(unsigned int , unsigned int key_version)
+{
+  return my_aes_ctx_size(mode(key_version));
+}
+
 struct st_mariadb_encryption example_key_management_plugin= {
   MariaDB_ENCRYPTION_INTERFACE_VERSION,
   get_latest_key_version,
   get_key,
-  (uint (*)(unsigned int, unsigned int))my_aes_ctx_size,
+  ctx_size,
   ctx_init,
-  my_aes_crypt_update,
-  my_aes_crypt_finish,
+  ctx_update,
+  ctx_finish,
   get_length
 };
 

plugin/file_key_management/file_key_management_plugin.cc

@@ -13,7 +13,8 @@
  along with this program; if not, write to the Free Software
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
 
-
+#include <my_global.h>
+#include <typelib.h>
 #include "parser.h"
 #include <mysql/plugin_encryption.h>
 #include <string.h>
@@ -146,20 +147,37 @@ static int ctx_init(void *ctx, const unsigned char* key, unsigned int klen,
   return my_aes_crypt_init(ctx, mode(flags), flags, key, klen, iv, ivlen);
 }
 
+static int ctx_update(void *ctx, const unsigned char *src, unsigned int slen,
+  unsigned char *dst, unsigned int *dlen)
+{
+  return my_aes_crypt_update(ctx, src, slen, dst, dlen);
+}
+
+
+static int ctx_finish(void *ctx, unsigned char *dst, unsigned int *dlen)
+{
+  return my_aes_crypt_finish(ctx, dst, dlen);
+}
+
 static unsigned int get_length(unsigned int slen, unsigned int key_id,
                                unsigned int key_version)
 {
   return my_aes_get_size(mode(0), slen);
 }
 
+static uint ctx_size(uint, uint)
+{
+  return my_aes_ctx_size(mode(0));
+}
+
 struct st_mariadb_encryption file_key_management_plugin= {
   MariaDB_ENCRYPTION_INTERFACE_VERSION,
   get_latest_version,
   get_key_from_key_file,
-  (uint (*)(unsigned int, unsigned int))my_aes_ctx_size,
+  ctx_size,
   ctx_init,
-  my_aes_crypt_update,
-  my_aes_crypt_finish,
+  ctx_update,
+  ctx_finish,
   get_length
 };
 

plugin/file_key_management/parser.cc

@@ -232,7 +232,7 @@ bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret)
 void Parser::report_error(const char *reason, uint position)
 {
   my_printf_error(EE_READ, "%s at %s line %u, column %u",
-    MYF(ME_NOREFRESH), reason, filename, line_number, position + 1);
+    ME_ERROR_LOG, reason, filename, line_number, position + 1);
 }
 
 /*
@@ -300,9 +300,8 @@ char* Parser::read_and_decrypt_file(const char *secret)
 {
   if (!filename || !filename[0])
   {
-    my_printf_error(EE_CANT_OPEN_STREAM,
-                    "file-key-management-filename is not set",
-                    MYF(ME_NOREFRESH));
+    my_printf_error(EE_CANT_OPEN_STREAM, "file-key-management-filename is not set",
+                    ME_ERROR_LOG);
     goto err0;
   }
 
@@ -351,7 +350,7 @@ char* Parser::read_and_decrypt_file(const char *secret)
                      iv, OpenSSL_iv_len))
 
     {
-      my_printf_error(EE_READ, "Cannot decrypt %s. Wrong key?", MYF(ME_NOREFRESH), filename);
+      my_printf_error(EE_READ, "Cannot decrypt %s. Wrong key?", ME_ERROR_LOG, filename);
       goto err3;
     }
 
@@ -361,7 +360,7 @@ char* Parser::read_and_decrypt_file(const char *secret)
   }
   else if (*secret)
   {
-    my_printf_error(EE_READ, "Cannot decrypt %s. Not encrypted", MYF(ME_NOREFRESH), filename);
+    my_printf_error(EE_READ, "Cannot decrypt %s. Not encrypted", ME_ERROR_LOG, filename);
     goto err2;
   }
 
@@ -378,4 +377,3 @@ char* Parser::read_and_decrypt_file(const char *secret)
 err0:
   return NULL;
 }
-

sql/innodb_priv.h

@@ -28,6 +28,7 @@ void localtime_to_TIME(MYSQL_TIME *to, struct tm *from);
 uint strconvert(CHARSET_INFO *from_cs, const char *from, uint from_length,
                 CHARSET_INFO *to_cs, char *to, uint to_length,
                 uint *errors);
+
 void sql_print_error(const char *format, ...);
 
 #define thd_binlog_pos(X, Y, Z) mysql_bin_log_commit_pos(X, Z, Y)

sql/sql_plugin_services.ic

@@ -133,7 +133,7 @@ static struct base64_service_st base64_handler= {
   base64_decode
 };
 
-static struct thd_error_context_service_st thd_error_conext_handler= {
+static struct thd_error_context_service_st thd_error_context_handler= {
   thd_get_error_message,
   thd_get_error_number,
   thd_get_error_row,
@@ -196,6 +196,24 @@ static struct encryption_scheme_service_st encryption_scheme_handler=
  encryption_scheme_decrypt
 };
 
+static struct my_crypt_service_st crypt_handler=
+{
+  my_aes_crypt_init,
+  my_aes_crypt_update,
+  my_aes_crypt_finish,
+  my_aes_crypt,
+  my_aes_get_size,
+  my_aes_ctx_size,
+  my_random_bytes
+};
+
+static struct my_print_error_service_st my_print_error_handler=
+{
+  my_error,
+  my_printf_error,
+  my_printv_error
+};
+
 static struct st_service_ref list_of_services[]=
 {
   { "base64_service",              VERSION_base64,              &base64_handler },
@@ -203,19 +221,21 @@ static struct st_service_ref list_of_services[]=
   { "encryption_scheme_service",   VERSION_encryption_scheme,   &encryption_scheme_handler },
   { "encryption_service",          VERSION_encryption,          &encryption_handler },
   { "logger_service",              VERSION_logger,              &logger_service_handler },
+  { "my_crypt_service",            VERSION_my_crypt,            &crypt_handler},
   { "my_md5_service",              VERSION_my_md5,              &my_md5_handler},
+  { "my_print_error_service",      VERSION_my_print_error,      &my_print_error_handler},
   { "my_sha1_service",             VERSION_my_sha1,             &my_sha1_handler},
   { "my_sha2_service",             VERSION_my_sha2,             &my_sha2_handler},
   { "my_snprintf_service",         VERSION_my_snprintf,         &my_snprintf_handler },
   { "progress_report_service",     VERSION_progress_report,     &progress_report_handler },
   { "thd_alloc_service",           VERSION_thd_alloc,           &thd_alloc_handler },
   { "thd_autoinc_service",         VERSION_thd_autoinc,         &thd_autoinc_handler },
-  { "thd_error_context_service",   VERSION_thd_error_context,   &thd_error_conext_handler },
+  { "thd_error_context_service",   VERSION_thd_error_context,   &thd_error_context_handler },
   { "thd_kill_statement_service",  VERSION_kill_statement,      &thd_kill_statement_handler },
   { "thd_rnd_service",             VERSION_thd_rnd,             &thd_rnd_handler },
   { "thd_specifics_service",       VERSION_thd_specifics,       &thd_specifics_handler },
   { "thd_timezone_service",        VERSION_thd_timezone,        &thd_timezone_handler },
   { "thd_wait_service",            VERSION_thd_wait,            &thd_wait_handler },
-  { "wsrep_service",               VERSION_wsrep,               &wsrep_handler },
+  { "wsrep_service",               VERSION_wsrep,               &wsrep_handler }
 };
 

sql/unireg.h

@@ -53,8 +53,8 @@
 #define ER_THD(thd,X) ((thd)->variables.errmsgs[(X) - ER_ERROR_FIRST])
 #define ER_THD_OR_DEFAULT(thd,X) ((thd) ? ER_THD(thd, X) : ER_DEFAULT(X))
 
-#define ME_INFO (ME_HOLDTANG+ME_OLDWIN+ME_NOREFRESH)
-#define ME_ERROR (ME_BELL+ME_OLDWIN+ME_NOREFRESH)
+#define ME_INFO (ME_HOLDTANG | ME_NOREFRESH)
+#define ME_ERROR (ME_BELL | ME_NOREFRESH)
 #define MYF_RW MYF(MY_WME+MY_NABP)		/* Vid my_read & my_write */
 
 #define SPECIAL_USE_LOCKS	1		/* Lock used databases */

storage/innobase/log/log0crypt.cc

@@ -25,8 +25,7 @@ Modified           Jan Lindström jan.lindstrom@mariadb.com
 *******************************************************/
 #include "m_string.h"
 #include "log0crypt.h"
-#include <my_crypt.h>
-#include <my_crypt.h>
+#include <mysql/service_my_crypt.h>
 
 #include "log0log.h"
 #include "srv0start.h" // for srv_start_lsn
@@ -34,7 +33,6 @@ Modified           Jan Lindström jan.lindstrom@mariadb.com
 
 #include "ha_prototypes.h" // IB_LOG_
 
-#include "my_crypt.h"
 
 /* Used for debugging */
 // #define DEBUG_CRYPT 1

storage/xtradb/log/log0crypt.cc

@@ -25,8 +25,7 @@ Modified           Jan Lindström jan.lindstrom@mariadb.com
 *******************************************************/
 #include "m_string.h"
 #include "log0crypt.h"
-#include <my_crypt.h>
-#include <my_crypt.h>
+#include <mysql/service_my_crypt.h>
 
 #include "log0log.h"
 #include "srv0start.h" // for srv_start_lsn
@@ -34,8 +33,6 @@ Modified           Jan Lindström jan.lindstrom@mariadb.com
 
 #include "ha_prototypes.h" // IB_LOG_
 
-#include "my_crypt.h"
-
 /* Used for debugging */
 // #define DEBUG_CRYPT 1
 #define UNENCRYPTED_KEY_VER	0