Percona XtraBackup moved to https://jira.percona.com/projects/PXB

Merge lp:~gl-az/percona-xtrabackup/bug1255300-2.2 into lp:percona-xtrabackup/2.2

bug1255300-2.2
Merge into 2.2

Proposed by George Ormond Lorch III on 2013-11-27

Status:

Merged

Approved by:

Alexey Kopytov on 2013-11-28

Approved revision:

no longer in the source branch.

Merged at revision:

4913

Proposed branch:

lp:~gl-az/percona-xtrabackup/bug1255300-2.2

Merge into:

lp:percona-xtrabackup/2.2

Diff against target:

67 lines (+1/-23)

4 files modified

storage/innobase/xtrabackup/src/ds_encrypt.c (+0/-2)
storage/innobase/xtrabackup/src/xbcrypt.c (+0/-2)
storage/innobase/xtrabackup/src/xbcrypt.h (+0/-2)
storage/innobase/xtrabackup/src/xbcrypt_common.c (+1/-17)

To merge this branch:

bzr merge lp:~gl-az/percona-xtrabackup/bug1255300-2.2

Medium

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Alexey Kopytov (community)		2013-11-27	Approve on 2013-11-28
Review via email: mp+196804@code.launchpad.net

Description of the change

Simple fix for bug 1255300 - weak random numbers used for IV encryption.
Changed over to using libgcrypt gcry_create_nonce to create IV.

Revision history for this message

George Ormond Lorch III (gl-az) wrote on 2013-11-27:

BT-23557
jenkins http://jenkins.percona.com/view/XtraBackup/job/percona-xtrabackup-2.2-param/61/

Revision history for this message

Alexey Kopytov (akopytov) wrote on 2013-11-27:

If xb_crypt_init_iv() is now a no-op, what's the reason to preserve it?

review: Needs Fixing

Revision history for this message

George Ormond Lorch III (gl-az) wrote on 2013-11-27:

Same comment as 2.1 and new jenkins http://jenkins.percona.com/view/XtraBackup/job/percona-xtrabackup-2.2-param/64/

Revision history for this message

Alexey Kopytov (akopytov) on 2013-11-28:

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Alexey Kopytov

George Ormond Lorch III

Percona core

1	=== modified file 'storage/innobase/xtrabackup/src/ds_encrypt.c'
2	--- storage/innobase/xtrabackup/src/ds_encrypt.c 2013-11-26 10:44:44 +0000
3	+++ storage/innobase/xtrabackup/src/ds_encrypt.c 2013-11-27 19:18:55 +0000
4	@@ -183,8 +183,6 @@
5	xb_a(encrypt_iv_len > 0);
6	xb_a(encrypt_iv_len <= sizeof(encrypt_iv));
7
8	- xb_crypt_init_iv();
9	-
10	/* Now set up the key */
11	if (xtrabackup_encrypt_key == NULL &&
12	xtrabackup_encrypt_key_file == NULL) {
13
14	=== modified file 'storage/innobase/xtrabackup/src/xbcrypt.c'
15	--- storage/innobase/xtrabackup/src/xbcrypt.c 2013-11-26 10:44:44 +0000
16	+++ storage/innobase/xtrabackup/src/xbcrypt.c 2013-11-27 19:18:55 +0000
17	@@ -503,8 +503,6 @@
18
19	ivbuf = my_malloc(encrypt_iv_len, MYF(MY_FAE));
20
21	- xb_crypt_init_iv();
22	-
23	/* now read in data in chunk size, encrypt and write out */
24	chunkbuflen = opt_encrypt_chunk_size;
25	chunkbuf = my_malloc(chunkbuflen, MYF(MY_FAE));
26
27	=== modified file 'storage/innobase/xtrabackup/src/xbcrypt.h'
28	--- storage/innobase/xtrabackup/src/xbcrypt.h 2013-10-17 01:00:57 +0000
29	+++ storage/innobase/xtrabackup/src/xbcrypt.h 2013-11-27 19:18:55 +0000
30	@@ -76,7 +76,5 @@
31	my_bool xb_crypt_read_key_file(const char *filename,
32	void** key, uint *keylength);
33
34	-void xb_crypt_init_iv();
35	-
36	void xb_crypt_create_iv(void* ivbuf, size_t ivlen);
37	#endif
38
39	=== modified file 'storage/innobase/xtrabackup/src/xbcrypt_common.c'
40	--- storage/innobase/xtrabackup/src/xbcrypt_common.c 2013-11-26 10:44:44 +0000
41	+++ storage/innobase/xtrabackup/src/xbcrypt_common.c 2013-11-27 19:18:55 +0000
42	@@ -53,24 +53,8 @@
43	return TRUE;
44	}
45
46	-
47	-void
48	-xb_crypt_init_iv()
49	-{
50	- uint seed = time(NULL);
51	- srandom(seed);
52	-}
53	-
54	void
55	xb_crypt_create_iv(void* ivbuf, size_t ivlen)
56	{
57	- size_t i;
58	- ulong rndval;
59	-
60	- for (i = 0; i < ivlen; i++) {
61	- if (i % 4 == 0) {
62	- rndval = (ulong) random();
63	- }
64	- ((uchar)ivbuf)[i] = ((uchar)&rndval)[i % 4];
65	- }
66	+ gcry_create_nonce(ivbuf, ivlen);
67	}

Percona XtraBackup moved to https://jira.percona.com/projects/PXB

Merge lp:~gl-az/percona-xtrabackup/bug1255300-2.2 into lp:percona-xtrabackup/2.2

Commit message

Description of the change

Preview Diff

Subscribers