MySQL 9.3.0
Source Code Documentation
migrate_keyring.h
Go to the documentation of this file.
1/* Copyright (c) 2017, 2025, Oracle and/or its affiliates.
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License, version 2.0,
5 as published by the Free Software Foundation.
6
7 This program is designed to work with certain software (including
8 but not limited to OpenSSL) that is licensed under separate terms,
9 as designated in a particular file or component or in included license
10 documentation. The authors of MySQL hereby grant you an additional
11 permission to link the program and your derivative works with the
12 separately licensed software that they have either included with
13 the program or referenced in the documentation.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License, version 2.0, for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
23
24#ifndef MIGRATE_KEYRING_H_INCLUDED
25#define MIGRATE_KEYRING_H_INCLUDED
26
27#include <string>
28#include "mysql.h"
29#include "mysql/plugin_keyring.h"
30#include "sql_common.h" // NET_SERVER
31
32#include <mysql/components/services/keyring_keys_metadata_iterator.h>
33#include <mysql/components/services/keyring_load.h>
34#include <mysql/components/services/keyring_reader_with_status.h>
35#include <mysql/components/services/keyring_writer.h>
36
37class THD;
38
39#define MAX_KEY_LEN 16384
40
41enum class enum_plugin_type { SOURCE_PLUGIN = 0, DESTINATION_PLUGIN };
42
43class Key_info {
44 public:
45 Key_info() = default;
46 Key_info(char *key_id, char *user_id)
47 : m_key_id(key_id), m_user_id(user_id) {}
48 Key_info(const Key_info &ki)
49 : m_key_id(ki.m_key_id), m_user_id(ki.m_user_id) {}
50
51 public:
52 std::string m_key_id;
53 std::string m_user_id;
54};
55
56using const_keyring_writer_t = SERVICE_TYPE(keyring_writer);
57using const_keyring_load_t = SERVICE_TYPE(keyring_load);
58using const_keyring_reader_with_status_t =
59 SERVICE_TYPE(keyring_reader_with_status);
60using const_keyring_keys_metadata_iterator_t =
61 SERVICE_TYPE(keyring_keys_metadata_iterator);
62
63class Keyring_component {
64 protected:
65 Keyring_component() = default;
66 Keyring_component(std::string component_path,
67 const std::string &implementation_name);
68 ~Keyring_component();
69
70 public:
71 const_keyring_load_t *initializer() { return keyring_load_service_; }
72 bool ok() const { return ok_; }
73
74 protected:
75 const std::string component_path_;
76 my_h_service h_keyring_load_service;
77 const_keyring_load_t *keyring_load_service_;
78 bool component_loaded_;
79 bool ok_;
80};
81
82class Source_keyring_component final : public Keyring_component {
83 public:
84 Source_keyring_component(const std::string &component_path,
85 const std::string &implementation_name);
86 ~Source_keyring_component();
87
88 const_keyring_reader_with_status_t *reader() {
89 return keyring_reader_service_;
90 }
91 const_keyring_keys_metadata_iterator_t *metadata_iterator() {
92 return keyring_keys_metadata_iterator_service_;
93 }
94
95 private:
96 const_keyring_keys_metadata_iterator_t
97 *keyring_keys_metadata_iterator_service_;
98 const_keyring_reader_with_status_t *keyring_reader_service_;
99};
100
101class Destination_keyring_component final : public Keyring_component {
102 public:
103 Destination_keyring_component(const std::string &component_path,
104 const std::string &implementation_name);
105 ~Destination_keyring_component();
106
107 const_keyring_writer_t *writer() { return keyring_writer_service_; }
108
109 private:
110 const_keyring_writer_t *keyring_writer_service_;
111};
112
113class Migrate_keyring {
114 public:
115 /**
116 Standard constructor.
117 */
118 Migrate_keyring();
119 /**
120 Initialize all needed parameters to proceed with migration process.
121 */
122 bool init(int argc, char **argv, char *source_plugin,
123 char *destination_plugin, char *user, char *host, char *password,
124 char *socket, ulong port, bool migrate_to_component,
125 bool migrate_from_component);
126 /**
127 Migrate keys from source keyring to destination keyring.
128 */
129 bool execute();
130 /**
131 Standard destructor
132 */
133 ~Migrate_keyring();
134
135 private:
136 /**
137 Load source or destination plugin.
138 */
139 bool load_plugin(enum_plugin_type plugin_type);
140 /**
141 Load component
142 */
143 bool load_component();
144 /**
145 Fetch keys from source plugin and store in destination plugin.
146 */
147 bool fetch_and_store_keys();
148 /**
149 Disable @@keyring_operations variable.
150 */
151 bool disable_keyring_operations();
152 /**
153 Enable @@keyring_operations variable.
154 */
155 bool enable_keyring_operations();
156
157 private:
158 int m_argc;
159 char **m_argv;
160 std::string m_source_plugin_option;
161 std::string m_destination_plugin_option;
162 std::string m_source_plugin_name;
163 std::string m_destination_plugin_name;
164 std::string m_internal_option[2];
165 st_mysql_keyring *m_source_plugin_handle;
166 st_mysql_keyring *m_destination_plugin_handle;
167 std::vector<Key_info> m_source_keys;
168 MYSQL *mysql;
169 NET_SERVER server_extn;
170 bool m_migrate_to_component;
171 bool m_migrate_from_component;
172 Source_keyring_component *m_source_component;
173 Destination_keyring_component *m_destination_component;
174};
175
176#endif /* MIGRATE_KEYRING_H_INCLUDED */
Destination_keyring_component
Definition: migrate_keyring.h:101
Destination_keyring_component::writer
const_keyring_writer_t * writer()
Definition: migrate_keyring.h:107
Destination_keyring_component::~Destination_keyring_component
~Destination_keyring_component()
Definition: migrate_keyring.cc:183
Destination_keyring_component::Destination_keyring_component
Destination_keyring_component(const std::string &component_path, const std::string &implementation_name)
Definition: migrate_keyring.cc:149
Destination_keyring_component::keyring_writer_service_
const_keyring_writer_t * keyring_writer_service_
Definition: migrate_keyring.h:110
Key_info
Definition: migrate_keyring.h:43
Key_info::m_key_id
std::string m_key_id
Definition: migrate_keyring.h:52
Key_info::Key_info
Key_info(char *key_id, char *user_id)
Definition: migrate_keyring.h:46
Key_info::Key_info
Key_info(const Key_info &ki)
Definition: migrate_keyring.h:48
Key_info::m_user_id
std::string m_user_id
Definition: migrate_keyring.h:53
Key_info::Key_info
Key_info()=default
Keyring_component
Definition: migrate_keyring.h:63
Keyring_component::Keyring_component
Keyring_component()=default
Keyring_component::component_loaded_
bool component_loaded_
Definition: migrate_keyring.h:78
Keyring_component::ok
bool ok() const
Definition: migrate_keyring.h:72
Keyring_component::keyring_load_service_
const_keyring_load_t * keyring_load_service_
Definition: migrate_keyring.h:77
Keyring_component::~Keyring_component
~Keyring_component()
Definition: migrate_keyring.cc:70
Keyring_component::component_path_
const std::string component_path_
Definition: migrate_keyring.h:75
Keyring_component::initializer
const_keyring_load_t * initializer()
Definition: migrate_keyring.h:71
Keyring_component::h_keyring_load_service
my_h_service h_keyring_load_service
Definition: migrate_keyring.h:76
Keyring_component::ok_
bool ok_
Definition: migrate_keyring.h:79
Migrate_keyring
Definition: migrate_keyring.h:113
Migrate_keyring::m_source_plugin_handle
st_mysql_keyring * m_source_plugin_handle
Definition: migrate_keyring.h:165
Migrate_keyring::m_source_plugin_option
std::string m_source_plugin_option
Definition: migrate_keyring.h:160
Migrate_keyring::m_destination_component
Destination_keyring_component * m_destination_component
Definition: migrate_keyring.h:173
Migrate_keyring::m_argc
int m_argc
Definition: migrate_keyring.h:158
Migrate_keyring::server_extn
NET_SERVER server_extn
Definition: migrate_keyring.h:169
Migrate_keyring::m_destination_plugin_handle
st_mysql_keyring * m_destination_plugin_handle
Definition: migrate_keyring.h:166
Migrate_keyring::enable_keyring_operations
bool enable_keyring_operations()
Enable @keyring_operations variable.
Definition: migrate_keyring.cc:756
Migrate_keyring::m_destination_plugin_option
std::string m_destination_plugin_option
Definition: migrate_keyring.h:161
Migrate_keyring::load_component
bool load_component()
Load component.
Definition: migrate_keyring.cc:454
Migrate_keyring::fetch_and_store_keys
bool fetch_and_store_keys()
Fetch keys from source plugin and store in destination plugin.
Definition: migrate_keyring.cc:622
Migrate_keyring::~Migrate_keyring
~Migrate_keyring()
Standard destructor.
Definition: migrate_keyring.cc:774
Migrate_keyring::mysql
MYSQL * mysql
Definition: migrate_keyring.h:168
Migrate_keyring::m_argv
char ** m_argv
Definition: migrate_keyring.h:159
Migrate_keyring::Migrate_keyring
Migrate_keyring()
Standard constructor.
Definition: migrate_keyring.cc:190
Migrate_keyring::m_source_plugin_name
std::string m_source_plugin_name
Definition: migrate_keyring.h:162
Migrate_keyring::init
bool init(int argc, char **argv, char *source_plugin, char *destination_plugin, char *user, char *host, char *password, char *socket, ulong port, bool migrate_to_component, bool migrate_from_component)
Initialize all needed parameters to proceed with migration process.
Definition: migrate_keyring.cc:231
Migrate_keyring::m_migrate_to_component
bool m_migrate_to_component
Definition: migrate_keyring.h:170
Migrate_keyring::m_source_keys
std::vector< Key_info > m_source_keys
Definition: migrate_keyring.h:167
Migrate_keyring::m_internal_option
std::string m_internal_option[2]
Definition: migrate_keyring.h:164
Migrate_keyring::disable_keyring_operations
bool disable_keyring_operations()
Disable @keyring_operations variable.
Definition: migrate_keyring.cc:739
Migrate_keyring::m_destination_plugin_name
std::string m_destination_plugin_name
Definition: migrate_keyring.h:163
Migrate_keyring::m_source_component
Source_keyring_component * m_source_component
Definition: migrate_keyring.h:172
Migrate_keyring::load_plugin
bool load_plugin(enum_plugin_type plugin_type)
Load source or destination plugin.
Definition: migrate_keyring.cc:486
Migrate_keyring::execute
bool execute()
Migrate keys from source keyring to destination keyring.
Definition: migrate_keyring.cc:390
Migrate_keyring::m_migrate_from_component
bool m_migrate_from_component
Definition: migrate_keyring.h:171
Source_keyring_component
Definition: migrate_keyring.h:82
Source_keyring_component::~Source_keyring_component
~Source_keyring_component()
Definition: migrate_keyring.cc:136
Source_keyring_component::metadata_iterator
const_keyring_keys_metadata_iterator_t * metadata_iterator()
Definition: migrate_keyring.h:91
Source_keyring_component::Source_keyring_component
Source_keyring_component(const std::string &component_path, const std::string &implementation_name)
Definition: migrate_keyring.cc:88
Source_keyring_component::keyring_keys_metadata_iterator_service_
const_keyring_keys_metadata_iterator_t * keyring_keys_metadata_iterator_service_
Definition: migrate_keyring.h:97
Source_keyring_component::reader
const_keyring_reader_with_status_t * reader()
Definition: migrate_keyring.h:88
Source_keyring_component::keyring_reader_service_
const_keyring_reader_with_status_t * keyring_reader_service_
Definition: migrate_keyring.h:98
THD
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_lexer_thd.h:36
my_h_service
struct my_h_service_imp * my_h_service
A handle type for acquired Service.
Definition: registry.h:33
keyring_keys_metadata_iterator.h
keyring_load.h
keyring_reader_with_status.h
keyring_writer.h
enum_plugin_type
enum_plugin_type
Definition: migrate_keyring.h:41
enum_plugin_type::SOURCE_PLUGIN
@ SOURCE_PLUGIN
enum_plugin_type::DESTINATION_PLUGIN
@ DESTINATION_PLUGIN
mysql.h
This file defines the client API to MySQL and also the ABI of the dynamically linked libmysqlclient.
password
static char * password
Definition: mysql_secure_installation.cc:58
user
char * user
Definition: mysqladmin.cc:67
host
const char * host
Definition: mysqladmin.cc:66
net::impl::socket::socket
stdx::expected< native_handle_type, error_type > socket(int family, int sock_type, int protocol)
Definition: socket.h:63
plugin_keyring.h
port
required uint64 port
Definition: replication_asynchronous_connection_failover.proto:33
SERVICE_TYPE
#define SERVICE_TYPE(name)
Generates the standard Service type name.
Definition: service.h:76
sql_common.h
MYSQL
Definition: mysql.h:300
NET_SERVER
Definition: mysql_com_server.h:59
s_mysql_keyring_keys_metadata_iterator
Keyring keys metadata iterator service provides APIs to create and use iterator to access metadata as...
Definition: keyring_keys_metadata_iterator.h:76
s_mysql_keyring_load
Keyring load service provides way to initialize or reiniitalize keyring component.
Definition: keyring_load.h:52
s_mysql_keyring_reader_with_status
Keyring reader with status service provides APIs to fetch sensitive data from keyring backend.
Definition: keyring_reader_with_status.h:128
s_mysql_keyring_writer
Keyring writer service provides APIs to add/remove sensitive data to/from keyring backend.
Definition: keyring_writer.h:70
st_mysql_keyring
The descriptor structure for the plugin, that is referred from st_mysql_plugin.
Definition: plugin_keyring.h:39