Percona XtraBackup moved to https://jira.percona.com/projects/PXB

Merge lp:~gl-az/percona-xtrabackup/bug1255300-2.1 into lp:percona-xtrabackup/2.1

bug1255300-2.1
Merge into 2.1

Proposed by George Ormond Lorch III on 2013-11-27

Status:

Merged

Approved by:

Alexey Kopytov on 2013-11-28

Approved revision:

no longer in the source branch.

Merged at revision:

704

Proposed branch:

lp:~gl-az/percona-xtrabackup/bug1255300-2.1

Merge into:

lp:percona-xtrabackup/2.1

Diff against target:

67 lines (+1/-23)

4 files modified

src/ds_encrypt.c (+0/-2)
src/xbcrypt.c (+0/-2)
src/xbcrypt.h (+0/-2)
src/xbcrypt_common.c (+1/-17)

To merge this branch:

bzr merge lp:~gl-az/percona-xtrabackup/bug1255300-2.1

Medium

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Alexey Kopytov (community)		2013-11-27	Approve on 2013-11-28
Review via email: mp+196803@code.launchpad.net

Description of the change

Simple fix for bug 1255300 - weak random numbers used for IV encryption.
Changed over to using libgcrypt gcry_create_nonce to create IV.

Revision history for this message

George Ormond Lorch III (gl-az) wrote on 2013-11-27:

BT-23557
jenkins http://jenkins.percona.com/view/XtraBackup/job/percona-xtrabackup-2.1-param/501/

Revision history for this message

Alexey Kopytov (akopytov) wrote on 2013-11-27:

If xb_crypt_init_iv() is now a no-op, what's the reason to preserve it?

review: Needs Fixing

Revision history for this message

George Ormond Lorch III (gl-az) wrote on 2013-11-27:

Yeah, I thought I might want to keep it for some of the asymmetric work but that won't apply to 2.0 anyway so you are right, it is not needed. Pulled it and new jenkins http://jenkins.percona.com/view/XtraBackup/job/percona-xtrabackup-2.1-param/502/

Revision history for this message

Alexey Kopytov (akopytov) on 2013-11-28:

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Alexey Kopytov

George Ormond Lorch III

Percona core

1	=== modified file 'src/ds_encrypt.c'
2	--- src/ds_encrypt.c 2013-10-17 01:00:57 +0000
3	+++ src/ds_encrypt.c 2013-11-27 18:44:33 +0000
4	@@ -172,8 +172,6 @@
5	xb_a(encrypt_iv_len > 0);
6	xb_a(encrypt_iv_len <= sizeof(encrypt_iv));
7
8	- xb_crypt_init_iv();
9	-
10	/* Now set up the key */
11	if (xtrabackup_encrypt_key == NULL &&
12	xtrabackup_encrypt_key_file == NULL) {
13
14	=== modified file 'src/xbcrypt.c'
15	--- src/xbcrypt.c 2013-10-17 01:00:57 +0000
16	+++ src/xbcrypt.c 2013-11-27 18:44:33 +0000
17	@@ -503,8 +503,6 @@
18
19	ivbuf = my_malloc(encrypt_iv_len, MYF(MY_FAE));
20
21	- xb_crypt_init_iv();
22	-
23	/* now read in data in chunk size, encrypt and write out */
24	chunkbuflen = opt_encrypt_chunk_size;
25	chunkbuf = my_malloc(chunkbuflen, MYF(MY_FAE));
26
27	=== modified file 'src/xbcrypt.h'
28	--- src/xbcrypt.h 2013-10-17 01:00:57 +0000
29	+++ src/xbcrypt.h 2013-11-27 18:44:33 +0000
30	@@ -76,7 +76,5 @@
31	my_bool xb_crypt_read_key_file(const char *filename,
32	void** key, uint *keylength);
33
34	-void xb_crypt_init_iv();
35	-
36	void xb_crypt_create_iv(void* ivbuf, size_t ivlen);
37	#endif
38
39	=== modified file 'src/xbcrypt_common.c'
40	--- src/xbcrypt_common.c 2013-10-17 01:00:57 +0000
41	+++ src/xbcrypt_common.c 2013-11-27 18:44:33 +0000
42	@@ -43,24 +43,8 @@
43	return TRUE;
44	}
45
46	-
47	-void
48	-xb_crypt_init_iv()
49	-{
50	- uint seed = time(NULL);
51	- srandom(seed);
52	-}
53	-
54	void
55	xb_crypt_create_iv(void* ivbuf, size_t ivlen)
56	{
57	- size_t i;
58	- ulong rndval;
59	-
60	- for (i = 0; i < ivlen; i++) {
61	- if (i % 4 == 0) {
62	- rndval = (ulong) random();
63	- }
64	- ((uchar)ivbuf)[i] = ((uchar)&rndval)[i % 4];
65	- }
66	+ gcry_create_nonce(ivbuf, ivlen);
67	}

Percona XtraBackup moved to https://jira.percona.com/projects/PXB

Merge lp:~gl-az/percona-xtrabackup/bug1255300-2.1 into lp:percona-xtrabackup/2.1

Commit message

Description of the change

Preview Diff

Subscribers