From dddcf400af9a693fdbed4e692d71bf98b79b7aa1 Mon Sep 17 00:00:00 2001 From: Nikita Malyavin Date: Wed, 26 Jun 2024 15:10:13 +0200 Subject: [PATCH 1/3] fix MDEV-34424 for ed255129 realloc can't be done for mysql->passwd. There's also no pretty way to pass the ext-salt into hash_password, so let's use thread_local instead. For GCC < 4.9 (SLES 12, CentOS 7), which don't support _Thread_local, pk will be recalculated instead --- plugins/auth/CMakeLists.txt | 13 +++++++++++++ plugins/auth/ed25519.c | 30 ++++++++++++++++++------------ 2 files changed, 31 insertions(+), 12 deletions(-) diff --git a/plugins/auth/CMakeLists.txt b/plugins/auth/CMakeLists.txt index d04fc7f1..b5a48fd6 100644 --- a/plugins/auth/CMakeLists.txt +++ b/plugins/auth/CMakeLists.txt @@ -20,6 +20,13 @@ ELSE() UNSET(CRYPTO_PLUGIN) ENDIF() +# GCC < 3.9 does not support thread-local storage in C +IF(CMAKE_C_COMPILER_ID MATCHES "GNU" AND CMAKE_C_COMPILER_VERSION VERSION_LESS "4.9") + SET(HAVE_C_THREAD_LOCAL 0) +ELSE() + SET(HAVE_C_THREAD_LOCAL 1) +ENDIF() + #native password REGISTER_PLUGIN(TARGET mysql_native_password TYPE MARIADB_CLIENT_PLUGIN_AUTH @@ -62,6 +69,12 @@ IF(CRYPTO_PLUGIN) INCLUDES ${REF10_DIR} LIBRARIES ${CRYPT_LIBS} COMPILE_OPTIONS -DMYSQL_CLIENT=1) + SET_PROPERTY(TARGET client_ed25519 PROPERTY C_STANDARD 11) + + IF(HAVE_C_THREAD_LOCAL) + TARGET_COMPILE_DEFINITIONS(client_ed25519 PRIVATE -DHAVE_THREAD_LOCAL) + ENDIF() + IF(MSVC) # Silence conversion (integer truncation) warnings from reference code SET_SOURCE_FILES_PROPERTIES(${REF10_SOURCES} PROPERTY COMPILE_FLAGS "-DMYSQL_CLIENT=1 /wd4244 /wd4146") diff --git a/plugins/auth/ed25519.c b/plugins/auth/ed25519.c index ff2f39a5..a47a5049 100644 --- a/plugins/auth/ed25519.c +++ b/plugins/auth/ed25519.c @@ -88,15 +88,20 @@ struct st_mysql_client_plugin_AUTHENTICATION _mysql_client_plugin_declaration_ = auth_ed25519_hash }; +#ifdef HAVE_THREAD_LOCAL +/* pk will be used in the future auth_ed25519_hash() call, after the authentication */ +static _Thread_local unsigned char pk[CRYPTO_PUBLICKEYBYTES]; +#endif static int auth_ed25519_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql) { unsigned char *packet, - signature[CRYPTO_BYTES + NONCE_BYTES], - pk[CRYPTO_PUBLICKEYBYTES]; + signature[CRYPTO_BYTES + NONCE_BYTES]; +#ifndef HAVE_THREAD_LOCAL + unsigned char pk[CRYPTO_PUBLICKEYBYTES]; +#endif unsigned long long pkt_len; size_t pwlen= strlen(mysql->passwd); - char *newpw; /* Step 1: Server sends nonce @@ -117,26 +122,27 @@ static int auth_ed25519_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql) if (vio->write_packet(vio, signature, CRYPTO_BYTES)) return CR_ERROR; - /* save pk for the future auth_ed25519_hash() call */ - if ((newpw= realloc(mysql->passwd, pwlen + 1 + sizeof(pk)))) - { - memcpy(newpw + pwlen + 1, pk, sizeof(pk)); - mysql->passwd= newpw; - } - return CR_OK; } /* }}} */ /* {{{ static int auth_ed25519_hash */ -static int auth_ed25519_hash(MYSQL *mysql, unsigned char *out, size_t *outlen) +static int auth_ed25519_hash(MYSQL *mysql __attribute__((unused)), + unsigned char *out, size_t *outlen) { +#ifndef HAVE_THREAD_LOCAL + unsigned char pk[CRYPTO_PUBLICKEYBYTES]; +#endif if (*outlen < CRYPTO_PUBLICKEYBYTES) return 1; *outlen= CRYPTO_PUBLICKEYBYTES; +#ifndef HAVE_THREAD_LOCAL + crypto_sign_keypair(pk, (unsigned char*)mysql->passwd, strlen(mysql->passwd)); +#endif + /* use the cached value */ - memcpy(out, mysql->passwd + strlen(mysql->passwd) + 1, CRYPTO_PUBLICKEYBYTES); + memcpy(out, pk, CRYPTO_PUBLICKEYBYTES); return 0; } /* }}} */ From 2888c180e404eb7d31e9b85d4de20fd055bbe641 Mon Sep 17 00:00:00 2001 From: Oleksandr Byelkin Date: Wed, 24 Jul 2024 09:53:26 +0200 Subject: [PATCH 2/3] bump version --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ed9572cb..32211bde 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -37,7 +37,7 @@ SET(CC_BINARY_DIR ${CMAKE_CURRENT_BINARY_DIR}) SET(CPACK_PACKAGE_VERSION_MAJOR 3) SET(CPACK_PACKAGE_VERSION_MINOR 4) -SET(CPACK_PACKAGE_VERSION_PATCH 0) +SET(CPACK_PACKAGE_VERSION_PATCH 1) SET(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") MATH(EXPR MARIADB_PACKAGE_VERSION_ID "${CPACK_PACKAGE_VERSION_MAJOR} * 10000 + ${CPACK_PACKAGE_VERSION_MINOR} * 100 + From 4681372f9cfe157752ff78520923c49e9af71e90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20M=C3=A4kel=C3=A4?= Date: Wed, 31 Jul 2024 10:05:00 +0300 Subject: [PATCH 3/3] CONC-700: Fix gcc-14 -Wcalloc-transposed-args --- unittest/libmariadb/bulk1.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/unittest/libmariadb/bulk1.c b/unittest/libmariadb/bulk1.c index 56ae20d8..eb28719c 100644 --- a/unittest/libmariadb/bulk1.c +++ b/unittest/libmariadb/bulk1.c @@ -1125,8 +1125,8 @@ static int bulk_with_unit_result_insert(MYSQL *my) check_stmt_rc(rc, stmt); /* allocate memory */ - buffer= calloc(TEST_ARRAY_SIZE, sizeof(char *)); - lengths= (unsigned long *)calloc(sizeof(long), TEST_ARRAY_SIZE); + buffer= calloc(TEST_ARRAY_SIZE, sizeof *buffer); + lengths= calloc(TEST_ARRAY_SIZE, sizeof *lengths); for (i=0; i < TEST_ARRAY_SIZE; i++) { @@ -1251,7 +1251,7 @@ static int bulk_with_unit_result_delete(MYSQL *my) rc= mysql_stmt_attr_set(stmt, STMT_ATTR_ARRAY_SIZE, &array_size); check_stmt_rc(rc, stmt); - vals= (unsigned int *)calloc(sizeof(int), 5); + vals= calloc(5, sizeof *vals); memset(bind, 0, sizeof(MYSQL_BIND) * 1); bind[0].buffer_type= MYSQL_TYPE_LONG; bind[0].buffer= vals; @@ -1359,7 +1359,7 @@ static int bulk_with_unit_result_update(MYSQL *my) rc= mysql_stmt_attr_set(stmt, STMT_ATTR_ARRAY_SIZE, &array_size); check_stmt_rc(rc, stmt); - vals= (unsigned int *)calloc(sizeof(int), 5); + vals= calloc(5, sizeof *vals); memset(bind, 0, sizeof(MYSQL_BIND) * 1); bind[0].buffer_type= MYSQL_TYPE_LONG; bind[0].buffer= vals;