* use new deprecated printer for all deprecated server options
* restore alphabetic option sorting order
* move deprecated printer from mysqld.cc to my_getopt.c
* in --help print deprecation message at the end of the option help
* move 'ALL' help text where it belongs - to other SET options, and
with a correct indentation.
* consistently end all or none command-line option help strings
with a dot - my_print_help() needs that.
It's about 50/50 now, so let's do none, less line wraps in --help
* remove trailing spaces from command-line option help strings
AWS KMS plugin saves all key files under the root folder of data
directory. Increasing of the key IDs and key rotations will generate a
lot of key files under the root folder, looks messy and hard to
maintain the folder permission etc.
Now introduce a new plugin parameter `aws_key_management_keyfile_dir` to
define the directory for saving the key files for better maintenance.
Detailed parameter information as following:
```
VARIABLE_NAME: AWS_KEY_MANAGEMENT_KEYFILE_DIR
SESSION_VALUE: NULL
GLOBAL_VALUE: <Directory path>
GLOBAL_VALUE_ORIGIN: COMMAND-LINE
DEFAULT_VALUE:
VARIABLE_SCOPE: GLOBAL
VARIABLE_TYPE: VARCHAR
VARIABLE_COMMENT: Define the directory in which to save key files
for the AWS key management plugin. If not set,
the root datadir will be used
READ_ONLY: YES
COMMAND_LINE_ARGUMENT: REQUIRED
GLOBAL_VALUE_PATH: NULL
```
All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the
BSD-new license. I am contributing on behalf of my employer Amazon Web
Services, Inc.
Recent gcc/clang versions failed to compile the existing code.
Updating a later upstream SDK version was simple and required
only implementing a flush method. This was left blank as
there was no strong requirement to keep the error log
atomic or durable.
Reviewed-by: wlad@mariadb.com
The upstream SDK version added a flush method which was simple
to complete.
- Add new submodule for WolfSSL
- Build and use wolfssl and wolfcrypt instead of yassl/taocrypt
- Use HAVE_WOLFSSL instead of HAVE_YASSL
- Increase MY_AES_CTX_SIZE, to avoid compile time asserts in my_crypt.cc
(sizeof(EVP_CIPHER_CTX) is larger on WolfSSL)
Handle string length as size_t, consistently (almost always:))
Change function prototypes to accept size_t, where in the past
ulong or uint were used. change local/member variables to size_t
when appropriate.
This fix excludes rocksdb, spider,spider, sphinx and connect for now.
If this variable is set, skip actual AWS calls, and fake/mock
both generation and encryption of the keys.
The advantage of having a mock mode is that more aws_key_management tests
can be enabled on buildbot.
Do not exporting mysqld entry points directly.
This is needed for mariabackup, to load encryption plugins on Windows.
All plugins are "pure" by default. To mark plugin "impure"
it should use RECOMPILE_FOR_EMBEDDED or STORAGE_ENGINE keyword.
AWS C++ SDK always defaults region to us-east-1 for clientConfiguration
(ignoring config file or env.variable)
This patch introduces a plugin variable 'region' to make it usable
for master keys created in regions other than 'us-east-1'.
- Library path's are different now
- New dependency on Linux libuuid
- Add calls for SDK Initialization/shutdown
- Also add request_timeout parameter, default SDK HTTPs timeout appears
to be too short in my tests
