ChangeSet@1.2703, 2007-12-07 09:35:28-05:00, cmiller@zippy.cornsilk.net +40 -0
Bug#13174: SHA2 function
Patch contributed from Bill Karwin, paper unnumbered CLA in Seattle
Implement SHA2 functions.
Chad added code to make it work with YaSSL. Also, he removed the
(probable) bug of embedded server never using SSL-dependent
functions. (libmysqld/Makefile.am didn't read ANY autoconf defs.)
Function specification:
SHA2( string cleartext, integer hash_length )
-> string hash, or NULL
where hash_length is one of 224, 256, 384, or 512. If either is
NULL or a length is unsupported, then the result is NULL. The
resulting string is always the length of the hash_length parameter
or is NULL.
Include the canonical hash examples from the NIST in the test
results.
---
Polish and address concerns of reviewers.
.bzrignore:
Added libmysqld/sha2.cc to the ignore list.
client/mysql.cc:
Add condition to remove code for embedded server.
client/mysqltest.cc:
Add condition to remove code for embedded server.
include/Makefile.am:
New header file to header list.
include/mysql_embed.h:
Embedded servers can use SSL-library functions too!
include/sha2.h:
Compatibility layer to make YaSSL behave like OpenSSL.
include/sslopt-case.h:
Remove SSL-communication parameters from command lines.
include/sslopt-longopts.h:
Remove SSL-communication parameters from command lines.
include/sslopt-vars.h:
Don't declare variables that are only used in SSL communication, if
we are compiling the embedded server.
include/violite.h:
Don't even compile the SSL-communication function if we're in the
embedded server.
---
Remove CPP condition indentation.
libmysqld/CMakeLists.txt:
Add new file to source list.
libmysqld/Makefile.am:
Include standard DEFS in embedded compilation. It's an undiscovered
but that it's not there.
Add new file to source list.
libmysqld/examples/Makefile.am:
Include autoconf DEFS.
libmysqld/lib_sql.cc:
Initialize SSL-related variables in embedded server.
mysql-test/include/have_ssl_crypto_functs.inc:
Distinguish between communication and crypto.
Use the tristate value of "have_ssl" variable to know whether to
test or not for SSL-provided crypto functions.
mysql-test/r/func_digest.result:
Test against the sample test vectors in the NIST Secure
Hash Standard (http://csrc.nist.gov/cryptval/shs.htm)
mysql-test/r/func_encrypt_nossl.result:
Update results to the new error message text.
mysql-test/r/have_ssl_is_yes_or_disabled_only.require:
Distinguish between communication and crypto.
Use the tristate value of "have_ssl" variable to know whether to
test or not for SSL-provided crypto functions.
mysql-test/suite/rpl/t/rpl_ssl.test:
Distinguish between communication and crypto.
mysql-test/suite/rpl/t/rpl_ssl1.test:
Distinguish between communication and crypto.
mysql-test/t/func_des_encrypt.test:
Distinguish between communication and crypto.
mysql-test/t/func_digest.test:
Test against the sample test vectors in the NIST Secure
Hash Standard (http://csrc.nist.gov/cryptval/shs.htm)
Also, test that various parameters (legal and illegal)
do what we expect.
---
Distinguish between communication and crypto.
mysql-test/t/func_encrypt.test:
Distinguish between communication and crypto.
mysql-test/t/openssl_1.test:
Don't test SSL communication if we're in the embedded server.
---
Distinguish between communication and crypto.
mysql-test/t/ssl-big.test:
Don't test SSL communication if we're in the embedded server.
---
Distinguish between communication and crypto.
mysql-test/t/ssl.test:
Don't test SSL communication if we're in the embedded server.
---
Distinguish between communication and crypto.
mysql-test/t/ssl_8k_key.test:
Don't test SSL communication if we're in the embedded server.
---
Distinguish between communication and crypto.
mysql-test/t/ssl_compress.test:
Don't test SSL communication if we're in the embedded server.
---
Distinguish between communication and crypto.
mysql-test/t/ssl_connect.test:
Don't test SSL communication if we're in the embedded server.
---
Distinguish between communication and crypto.
sql-common/client.c:
SSL is useful for more functionality than just connecting. Test
for whether we are not embedded server also.
sql/CMakeLists.txt:
Add new source file to source list so that we have access to SHA2
functions.
sql/Makefile.am:
Add new source file to source list so that we have access to SHA2
functions.
sql/item_create.cc:
Bootstrap the SHA2 function into the server.
sql/item_strfunc.cc:
Add new SHA2 Item class methods.
Clean up two minor problems.
---
Remove extraneous debugging.
---
We must check nullness of a parameter only /after/ computing its
value.
sql/item_strfunc.h:
Declare new SHA2 Item class.
sql/mysqld.cc:
For embedded server, don't refer to SSL-communications variables
or values.
---
Remove CPP condition indentation.
sql/sha2.cc:
Compatibility layer to make YaSSL behave like OpenSSL.
---
Add comment for generated functions.
sql/sql_acl.cc:
For embedded server, don't refer to SSL-communications variables
or values.
sql/sql_connect.cc:
SSL is useful for more functionality than just connecting. Test
for whether we are not embedded server also.
sql/sys_vars.cc:
For embedded server, don't refer to SSL-communications variables
or values.
ChangeSet@1.2703, 2007-12-07 09:35:28-05:00, cmiller@zippy.cornsilk.net +40 -0
Bug#13174: SHA2 function
Patch contributed from Bill Karwin, paper unnumbered CLA in Seattle
Implement SHA2 functions.
Chad added code to make it work with YaSSL. Also, he removed the
(probable) bug of embedded server never using SSL-dependent
functions. (libmysqld/Makefile.am didn't read ANY autoconf defs.)
Function specification:
SHA2( string cleartext, integer hash_length )
-> string hash, or NULL
where hash_length is one of 224, 256, 384, or 512. If either is
NULL or a length is unsupported, then the result is NULL. The
resulting string is always the length of the hash_length parameter
or is NULL.
Include the canonical hash examples from the NIST in the test
results.
---
Polish and address concerns of reviewers.
Adding my_global.h first in all files using
NO_EMBEDDED_ACCESS_CHECKS.
Correcting a merge problem resulting from a changed definition
of check_some_access compared to the original patches.
Adding my_global.h first in all files using
NO_EMBEDDED_ACCESS_CHECKS.
Correcting a merge problem resulting from a changed definition
of check_some_access compared to the original patches.
Conflicts:
Text conflict in mysql-test/suite/binlog/r/binlog_row_mix_innodb_myisam.result
Text conflict in sql/log.cc
Text conflict in sql/set_var.cc
Text conflict in sql/sql_class.cc
Conflicts:
Text conflict in mysql-test/suite/binlog/r/binlog_row_mix_innodb_myisam.result
Text conflict in sql/log.cc
Text conflict in sql/set_var.cc
Text conflict in sql/sql_class.cc
This patch:
- Moves all definitions from the mysql_priv.h file into
header files for the component where the variable is
defined
- Creates header files if the component lacks one
- Eliminates all include directives from mysql_priv.h
- Eliminates all circular include cycles
- Rename time.cc to sql_time.cc
- Rename mysql_priv.h to sql_priv.h
This patch:
- Moves all definitions from the mysql_priv.h file into
header files for the component where the variable is
defined
- Creates header files if the component lacks one
- Eliminates all include directives from mysql_priv.h
- Eliminates all circular include cycles
- Rename time.cc to sql_time.cc
- Rename mysql_priv.h to sql_priv.h
sql/handler.cc:
Initialize the "comment" member of the structure.
sql/sql_base.cc:
Compile out unused function.
sql/sql_update.cc:
Remove unused variable.
sql/sys_vars.cc:
Use correct format specifier.
This deadlock could occour betweeen one connection executing
SET GLOBAL EVENT_SCHEDULER= ON and another executing SET GLOBAL
EVENT_SCHEDULER= OFF. The bug was introduced by WL#4738.
The first connection would hold LOCK_event_metadata (protecting
the global variable) while trying to lock LOCK_global_system_variables
starting the event scheduler thread (in THD:init()).
The second connection would hold LOCK_global_system_variables
while trying to get LOCK_event_scheduler after stopping the event
scheduler inside event_scheduler_update().
This patch fixes the problem by not using LOCK_event_metadata to
protect the event_scheduler variable. It is still protected using
LOCK_global_system_variables. This fixes the deadlock as it removes
one of the two mutexes used to produce it.
However, this patch opens up the possibility that the event_scheduler
variable and the real event_scheduler state can become out of sync
(e.g. variable = OFF, but scheduler running). But this can only
happen under very unlikely conditions - two concurrent SET GLOBAL
statments, with one thread interrupted at the exact wrong moment.
This is preferable to having the possibility of a deadlock.
This patch also fixes a bug where it was possible to exit create_event()
without releasing LOCK_event_metadata if running out of memory during
its exection.
No test case added since a repeatable test case would have required
excessive use of new sync points. Instead we rely on the fact that
this bug was easily reproduceable using RGQ tests.
This deadlock could occour betweeen one connection executing
SET GLOBAL EVENT_SCHEDULER= ON and another executing SET GLOBAL
EVENT_SCHEDULER= OFF. The bug was introduced by WL#4738.
The first connection would hold LOCK_event_metadata (protecting
the global variable) while trying to lock LOCK_global_system_variables
starting the event scheduler thread (in THD:init()).
The second connection would hold LOCK_global_system_variables
while trying to get LOCK_event_scheduler after stopping the event
scheduler inside event_scheduler_update().
This patch fixes the problem by not using LOCK_event_metadata to
protect the event_scheduler variable. It is still protected using
LOCK_global_system_variables. This fixes the deadlock as it removes
one of the two mutexes used to produce it.
However, this patch opens up the possibility that the event_scheduler
variable and the real event_scheduler state can become out of sync
(e.g. variable = OFF, but scheduler running). But this can only
happen under very unlikely conditions - two concurrent SET GLOBAL
statments, with one thread interrupted at the exact wrong moment.
This is preferable to having the possibility of a deadlock.
This patch also fixes a bug where it was possible to exit create_event()
without releasing LOCK_event_metadata if running out of memory during
its exection.
No test case added since a repeatable test case would have required
excessive use of new sync points. Instead we rely on the fact that
this bug was easily reproduceable using RGQ tests.
had broken the 5.1 behaviour of --log-error: --log-error without argument sent to stderr instead of writing
to a file with an autogenerated name.
mysql-test/suite/sys_vars/t/log_error_func.test:
test that error log is created and shown in SHOW VARIABLES.
Interestingly the error log's path is apparently relative if --log-error=argument is used, but
may be absolute or relative if --log-error(no argument) is used (because then the path is derived from
that of pidfile_name, which can be absolute or relative, depending on if autogenerated or not).
mysql-test/suite/sys_vars/t/log_error_func2.test:
test that error log is created and shown in SHOW VARIABLES
mysql-test/suite/sys_vars/t/log_error_func3.test:
test that error log is empty in SHOW VARIABLES
sql/mysql_priv.h:
id for option --log-error
sql/mysqld.cc:
No --log-error means "write errors to stderr", whereas --log-error
without argument means "write errors to a file". So we cannot use the default logic
of class sys_var_charptr, which treats "option not used" the same as "option used
without argument" and uses the same default for both. We need to catch "option used",
in mysqld_get_one_option(), and then "without argument". Setting to "" makes sure
that init_server_components() will create the log, with an autogenerated name.
sql/sys_vars.cc:
need to give the option a numeric id so that we can catch it in mysqld_get_one_option()
Add deprecation warning when variable optimizer_search_depth is given
the value 63.
mysql-test/r/greedy_optimizer.result
Updated with warning text.
mysql-test/r/mysqld--help-notwin.result
Updated with warning from mysqld --help --verbose.
mysql-test/r/mysqld--help-win.result
Updated with warning from mysqld --help --verbose.
sql/sys_vars.cc
Added an update check function to the constructor invocation for
the optimizer_search_depth variable. The function emits a
warning message for the value 63.
Add deprecation warning when variable optimizer_search_depth is given
the value 63.
mysql-test/r/greedy_optimizer.result
Updated with warning text.
mysql-test/r/mysqld--help-notwin.result
Updated with warning from mysqld --help --verbose.
mysql-test/r/mysqld--help-win.result
Updated with warning from mysqld --help --verbose.
sql/sys_vars.cc
Added an update check function to the constructor invocation for
the optimizer_search_depth variable. The function emits a
warning message for the value 63.
There was auto-reconnecting by slave earlier than a prescribed by slave_net_timeout value.
The issue happened on 64bit solaris that spotted rather incorrect casting of
the ulong slave_net_timeout into the uint of mysql.options.read_timeout.
Notice, that there is no reason for slave_net_timeout to be of type of ulong.
Since it's primarily passed as arg to mysql_options the type can be made
as uint to avoid all conversion hassles.
That's what the fixes are made.
A "side" effect of the patch is a new value for the max of slave_net_timeout
to be the max of the unsigned int type (therefore to vary across platforms).
Note, a regression test can't be made to run reliably without making it to last over some
20 secs. That's why it is placed in suite/large_tests.
mysql-test/suite/large_tests/r/rpl_slave_net_timeout.result:
the new test results.
mysql-test/suite/large_tests/t/rpl_slave_net_timeout-slave.opt:
Initialization of the option that yields slave_net_timeout's default.
sql/mysql_priv.h:
changing type for slave_net_timeout from ulong to uint
sql/mysqld.cc:
changing type for slave_net_timeout from ulong to uint
sql/sys_vars.cc:
Refining the max value for slave_net_timeout to be as the max for uint type.
There was auto-reconnecting by slave earlier than a prescribed by slave_net_timeout value.
The issue happened on 64bit solaris that spotted rather incorrect casting of
the ulong slave_net_timeout into the uint of mysql.options.read_timeout.
Notice, that there is no reason for slave_net_timeout to be of type of ulong.
Since it's primarily passed as arg to mysql_options the type can be made
as uint to avoid all conversion hassles.
That's what the fixes are made.
A "side" effect of the patch is a new value for the max of slave_net_timeout
to be the max of the unsigned int type (therefore to vary across platforms).
Note, a regression test can't be made to run reliably without making it to last over some
20 secs. That's why it is placed in suite/large_tests.
SUPER_ACL should be checked unconditionally while verifying if the binlog_format
or the binlog_direct_non_transactional_updates might be changed.
Roughly speaking, both session values cannot be changed in the context of a
transaction or a stored function. Note that changing the global value does
not cause any effect until a new connection is created.
So, we fixed the problem by first checking the permissions and right after further
verifications are ignored if the global value is being updated. In this patch, we
also re-structure the test case to make it more readable.
SUPER_ACL should be checked unconditionally while verifying if the binlog_format
or the binlog_direct_non_transactional_updates might be changed.
Roughly speaking, both session values cannot be changed in the context of a
transaction or a stored function. Note that changing the global value does
not cause any effect until a new connection is created.
So, we fixed the problem by first checking the permissions and right after further
verifications are ignored if the global value is being updated. In this patch, we
also re-structure the test case to make it more readable.
A set of program options and variables was deprecated in
MySQL 5.1, and is hereby removed.
client/mysql.cc:
--no-auto-rehash (-A) is no longer deprecated
--no-named-commands (-g) is now removed
--skip-line-numbers (-L) is no longer deprecated
--set-variable (-O) is now removed
--no-pager is now removed
client/mysqlbinlog.cc:
--position is now removed (use --start-position)
-j is now equivalent with --start-position
client/mysqldump.c:
--first-slave is now removed
--no-set-names (-N) is now removed
--set-variable (-O) is now removed
mysql-test/include/default_mysqld.cnf:
default-character-set is removed as an option
character-set-server is equivalent.
mysql-test/t/bug47671-master.opt:
default-character-set option is removed
character-set-server is equivalent
mysql-test/t/ctype_latin1_de-master.opt:
default-character-set option is removed
character-set-server is equivalent
mysql-test/t/ctype_ucs2_def-master.opt:
default-collation is removed
collation-server is equicalent
scripts/mysqld_multi.sh:
--config-file has been superseded by
--defaults-extra-file
sql/mysql_priv.h:
Removed the version number in the deprecation
warning text, as decided by ServerPT.
sql/mysqld.cc:
--default-character-set (-C) is removed
--default-collation is removed
--log-long-format (-0) is removed
--safe-show-database is removed
--set-variable (-O) is removed
sql/sql_yacc.yy:
The FRAC_SECOND keyword is removed
sql/sys_vars.cc:
The sql_log_update system variable is removed
This patch removes the unused server variable
"table_lock_wait_timeout".
mysql-test/r/variables.result:
Updated the test for Bug#28580 to reflect that
"table_lock_wait_timeout" no longer exists.
mysql-test/t/variables.test:
Updated the test for Bug#28580 to reflect that
"table_lock_wait_timeout" no longer exists.
