MySQL 8.4.2
Source Code Documentation
migrate_keyring.h
Go to the documentation of this file.
1/* Copyright (c) 2017, 2024, Oracle and/or its affiliates.
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License, version 2.0,
5 as published by the Free Software Foundation.
6
7 This program is designed to work with certain software (including
8 but not limited to OpenSSL) that is licensed under separate terms,
9 as designated in a particular file or component or in included license
10 documentation. The authors of MySQL hereby grant you an additional
11 permission to link the program and your derivative works with the
12 separately licensed software that they have either included with
13 the program or referenced in the documentation.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License, version 2.0, for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
23
24#ifndef MIGRATE_KEYRING_H_INCLUDED
25#define MIGRATE_KEYRING_H_INCLUDED
26
27#include <string>
28#include "mysql.h"
29#include "mysql/plugin_keyring.h"
30#include "sql_common.h" // NET_SERVER
31
32#include <mysql/components/services/keyring_keys_metadata_iterator.h>
33#include <mysql/components/services/keyring_load.h>
34#include <mysql/components/services/keyring_reader_with_status.h>
35#include <mysql/components/services/keyring_writer.h>
36
37class THD;
38
39#define MAX_KEY_LEN 16384
40
41enum class enum_plugin_type { SOURCE_PLUGIN = 0, DESTINATION_PLUGIN };
42
43class Key_info {
44 public:
45 Key_info() = default;
46 Key_info(char *key_id, char *user_id) {
47 m_key_id = key_id;
48 m_user_id = user_id;
49 }
50 Key_info(const Key_info &ki) {
51 this->m_key_id = ki.m_key_id;
52 this->m_user_id = ki.m_user_id;
53 }
54
55 public:
56 std::string m_key_id;
57 std::string m_user_id;
58};
59
60using const_keyring_writer_t = SERVICE_TYPE(keyring_writer);
61using const_keyring_load_t = SERVICE_TYPE(keyring_load);
62using const_keyring_reader_with_status_t =
63 SERVICE_TYPE(keyring_reader_with_status);
64using const_keyring_keys_metadata_iterator_t =
65 SERVICE_TYPE(keyring_keys_metadata_iterator);
66
67class Keyring_component {
68 protected:
69 Keyring_component() {}
70 Keyring_component(const std::string component_path,
71 const std::string implementation_name);
72 ~Keyring_component();
73
74 public:
75 const_keyring_load_t *initializer() { return keyring_load_service_; }
76 bool ok() { return ok_; }
77
78 protected:
79 const std::string component_path_;
80 my_h_service h_keyring_load_service;
81 const_keyring_load_t *keyring_load_service_;
82 bool component_loaded_;
83 bool ok_;
84};
85
86class Source_keyring_component final : public Keyring_component {
87 public:
88 Source_keyring_component(const std::string component_path,
89 const std::string implementation_name);
90 ~Source_keyring_component();
91
92 const_keyring_reader_with_status_t *reader() {
93 return keyring_reader_service_;
94 }
95 const_keyring_keys_metadata_iterator_t *metadata_iterator() {
96 return keyring_keys_metadata_iterator_service_;
97 }
98
99 private:
100 const_keyring_keys_metadata_iterator_t
101 *keyring_keys_metadata_iterator_service_;
102 const_keyring_reader_with_status_t *keyring_reader_service_;
103};
104
105class Destination_keyring_component final : public Keyring_component {
106 public:
107 Destination_keyring_component(const std::string component_path,
108 const std::string implementation_name);
109 ~Destination_keyring_component();
110
111 const_keyring_writer_t *writer() { return keyring_writer_service_; }
112
113 private:
114 const_keyring_writer_t *keyring_writer_service_;
115};
116
117class Migrate_keyring {
118 public:
119 /**
120 Standard constructor.
121 */
122 Migrate_keyring();
123 /**
124 Initialize all needed parameters to proceed with migration process.
125 */
126 bool init(int argc, char **argv, char *source_plugin,
127 char *destination_plugin, char *user, char *host, char *password,
128 char *socket, ulong port, bool migrate_to_component,
129 bool migrate_from_component);
130 /**
131 Migrate keys from source keyring to destination keyring.
132 */
133 bool execute();
134 /**
135 Standard destructor
136 */
137 ~Migrate_keyring();
138
139 private:
140 /**
141 Load source or destination plugin.
142 */
143 bool load_plugin(enum_plugin_type plugin_type);
144 /**
145 Load component
146 */
147 bool load_component();
148 /**
149 Fetch keys from source plugin and store in destination plugin.
150 */
151 bool fetch_and_store_keys();
152 /**
153 Disable @@keyring_operations variable.
154 */
155 bool disable_keyring_operations();
156 /**
157 Enable @@keyring_operations variable.
158 */
159 bool enable_keyring_operations();
160
161 private:
162 int m_argc;
163 char **m_argv;
164 std::string m_source_plugin_option;
165 std::string m_destination_plugin_option;
166 std::string m_source_plugin_name;
167 std::string m_destination_plugin_name;
168 std::string m_internal_option[2];
169 st_mysql_keyring *m_source_plugin_handle;
170 st_mysql_keyring *m_destination_plugin_handle;
171 std::vector<Key_info> m_source_keys;
172 MYSQL *mysql;
173 NET_SERVER server_extn;
174 bool m_migrate_to_component;
175 bool m_migrate_from_component;
176 Source_keyring_component *m_source_component;
177 Destination_keyring_component *m_destination_component;
178};
179
180#endif /* MIGRATE_KEYRING_H_INCLUDED */
Destination_keyring_component
Definition: migrate_keyring.h:105
Destination_keyring_component::writer
const_keyring_writer_t * writer()
Definition: migrate_keyring.h:111
Destination_keyring_component::Destination_keyring_component
Destination_keyring_component(const std::string component_path, const std::string implementation_name)
Definition: migrate_keyring.cc:149
Destination_keyring_component::~Destination_keyring_component
~Destination_keyring_component()
Definition: migrate_keyring.cc:183
Destination_keyring_component::keyring_writer_service_
const_keyring_writer_t * keyring_writer_service_
Definition: migrate_keyring.h:114
Key_info
Definition: migrate_keyring.h:43
Key_info::m_key_id
std::string m_key_id
Definition: migrate_keyring.h:56
Key_info::Key_info
Key_info(char *key_id, char *user_id)
Definition: migrate_keyring.h:46
Key_info::Key_info
Key_info(const Key_info &ki)
Definition: migrate_keyring.h:50
Key_info::m_user_id
std::string m_user_id
Definition: migrate_keyring.h:57
Key_info::Key_info
Key_info()=default
Keyring_component
Definition: migrate_keyring.h:67
Keyring_component::component_loaded_
bool component_loaded_
Definition: migrate_keyring.h:82
Keyring_component::keyring_load_service_
const_keyring_load_t * keyring_load_service_
Definition: migrate_keyring.h:81
Keyring_component::~Keyring_component
~Keyring_component()
Definition: migrate_keyring.cc:70
Keyring_component::ok
bool ok()
Definition: migrate_keyring.h:76
Keyring_component::component_path_
const std::string component_path_
Definition: migrate_keyring.h:79
Keyring_component::initializer
const_keyring_load_t * initializer()
Definition: migrate_keyring.h:75
Keyring_component::h_keyring_load_service
my_h_service h_keyring_load_service
Definition: migrate_keyring.h:80
Keyring_component::Keyring_component
Keyring_component()
Definition: migrate_keyring.h:69
Keyring_component::ok_
bool ok_
Definition: migrate_keyring.h:83
Migrate_keyring
Definition: migrate_keyring.h:117
Migrate_keyring::m_source_plugin_handle
st_mysql_keyring * m_source_plugin_handle
Definition: migrate_keyring.h:169
Migrate_keyring::m_source_plugin_option
std::string m_source_plugin_option
Definition: migrate_keyring.h:164
Migrate_keyring::m_destination_component
Destination_keyring_component * m_destination_component
Definition: migrate_keyring.h:177
Migrate_keyring::m_argc
int m_argc
Definition: migrate_keyring.h:162
Migrate_keyring::server_extn
NET_SERVER server_extn
Definition: migrate_keyring.h:173
Migrate_keyring::m_destination_plugin_handle
st_mysql_keyring * m_destination_plugin_handle
Definition: migrate_keyring.h:170
Migrate_keyring::enable_keyring_operations
bool enable_keyring_operations()
Enable @keyring_operations variable.
Definition: migrate_keyring.cc:748
Migrate_keyring::m_destination_plugin_option
std::string m_destination_plugin_option
Definition: migrate_keyring.h:165
Migrate_keyring::load_component
bool load_component()
Load component.
Definition: migrate_keyring.cc:454
Migrate_keyring::fetch_and_store_keys
bool fetch_and_store_keys()
Fetch keys from source plugin and store in destination plugin.
Definition: migrate_keyring.cc:614
Migrate_keyring::~Migrate_keyring
~Migrate_keyring()
Standard destructor.
Definition: migrate_keyring.cc:766
Migrate_keyring::mysql
MYSQL * mysql
Definition: migrate_keyring.h:172
Migrate_keyring::m_argv
char ** m_argv
Definition: migrate_keyring.h:163
Migrate_keyring::Migrate_keyring
Migrate_keyring()
Standard constructor.
Definition: migrate_keyring.cc:190
Migrate_keyring::m_source_plugin_name
std::string m_source_plugin_name
Definition: migrate_keyring.h:166
Migrate_keyring::init
bool init(int argc, char **argv, char *source_plugin, char *destination_plugin, char *user, char *host, char *password, char *socket, ulong port, bool migrate_to_component, bool migrate_from_component)
Initialize all needed parameters to proceed with migration process.
Definition: migrate_keyring.cc:231
Migrate_keyring::m_migrate_to_component
bool m_migrate_to_component
Definition: migrate_keyring.h:174
Migrate_keyring::m_source_keys
std::vector< Key_info > m_source_keys
Definition: migrate_keyring.h:171
Migrate_keyring::m_internal_option
std::string m_internal_option[2]
Definition: migrate_keyring.h:168
Migrate_keyring::disable_keyring_operations
bool disable_keyring_operations()
Disable @keyring_operations variable.
Definition: migrate_keyring.cc:731
Migrate_keyring::m_destination_plugin_name
std::string m_destination_plugin_name
Definition: migrate_keyring.h:167
Migrate_keyring::m_source_component
Source_keyring_component * m_source_component
Definition: migrate_keyring.h:176
Migrate_keyring::load_plugin
bool load_plugin(enum_plugin_type plugin_type)
Load source or destination plugin.
Definition: migrate_keyring.cc:486
Migrate_keyring::execute
bool execute()
Migrate keys from source keyring to destination keyring.
Definition: migrate_keyring.cc:390
Migrate_keyring::m_migrate_from_component
bool m_migrate_from_component
Definition: migrate_keyring.h:175
Source_keyring_component
Definition: migrate_keyring.h:86
Source_keyring_component::~Source_keyring_component
~Source_keyring_component()
Definition: migrate_keyring.cc:136
Source_keyring_component::metadata_iterator
const_keyring_keys_metadata_iterator_t * metadata_iterator()
Definition: migrate_keyring.h:95
Source_keyring_component::Source_keyring_component
Source_keyring_component(const std::string component_path, const std::string implementation_name)
Definition: migrate_keyring.cc:88
Source_keyring_component::keyring_keys_metadata_iterator_service_
const_keyring_keys_metadata_iterator_t * keyring_keys_metadata_iterator_service_
Definition: migrate_keyring.h:101
Source_keyring_component::reader
const_keyring_reader_with_status_t * reader()
Definition: migrate_keyring.h:92
Source_keyring_component::keyring_reader_service_
const_keyring_reader_with_status_t * keyring_reader_service_
Definition: migrate_keyring.h:102
THD
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_lexer_thd.h:36
my_h_service
struct my_h_service_imp * my_h_service
A handle type for acquired Service.
Definition: registry.h:33
keyring_keys_metadata_iterator.h
keyring_load.h
keyring_reader_with_status.h
keyring_writer.h
enum_plugin_type
enum_plugin_type
Definition: migrate_keyring.h:41
enum_plugin_type::SOURCE_PLUGIN
@ SOURCE_PLUGIN
enum_plugin_type::DESTINATION_PLUGIN
@ DESTINATION_PLUGIN
mysql.h
This file defines the client API to MySQL and also the ABI of the dynamically linked libmysqlclient.
password
static char * password
Definition: mysql_secure_installation.cc:58
user
char * user
Definition: mysqladmin.cc:66
host
const char * host
Definition: mysqladmin.cc:65
net::impl::socket::socket
stdx::expected< native_handle_type, error_type > socket(int family, int sock_type, int protocol)
Definition: socket.h:63
plugin_keyring.h
port
required uint64 port
Definition: replication_asynchronous_connection_failover.proto:33
SERVICE_TYPE
#define SERVICE_TYPE(name)
Generates the standard Service type name.
Definition: service.h:76
sql_common.h
MYSQL
Definition: mysql.h:300
NET_SERVER
Definition: mysql_com_server.h:59
s_mysql_keyring_keys_metadata_iterator
Keyring keys metadata iterator service provides APIs to create and use iterator to access metadata as...
Definition: keyring_keys_metadata_iterator.h:76
s_mysql_keyring_load
Keyring load service provides way to initialize or reiniitalize keyring component.
Definition: keyring_load.h:52
s_mysql_keyring_reader_with_status
Keyring reader with status service provides APIs to fetch sensitive data from keyring backend.
Definition: keyring_reader_with_status.h:128
s_mysql_keyring_writer
Keyring writer service provides APIs to add/remove sensitive data to/from keyring backend.
Definition: keyring_writer.h:70
st_mysql_keyring
The descriptor structure for the plugin, that is referred from st_mysql_plugin.
Definition: plugin_keyring.h:39