The issue was a bad merge of MDEV-12253 from 10.1 to 10.2
in commit f9cc391863.
In that merge, I wrongly assumed that all test file conflicts
for mysql-test/suite/encryption had been properly resolved in
bb-10.2-MDEV-12253 (commit 76aa6be77635c7017459ce33b41c837c9acb606d)
while in fact, some files there had been copied from the 10.1 branch.
This commit is based on a manually done conflict resolution of
the mysql-test/suite/encryption on the same merge, applied to
the current 10.2 branch.
As part of this commit, the test encryption.innodb-bad-key-change4
which was shortly disabled due to MDEV-11336 will be re-enabled again.
(While the test enables innodb_defragment, it does not fail even though
enabling innodb_defragment currently has no effect.)
Apparently openssl ignores CRYPTO_set_mem_functions() in fips mode,
so we cannot detect structure sizes. Don't freak out when
no mallocs were detected.
When MySQL 5.7.9 was merged to MariaDB 10.2.2, an important
debug assertion was omitted from mlog_write_initial_log_record_low().
mlog_write_initial_log_record_low(): Put back the assertion
mtr_t::is_named_space().
fil_crypt_start_encrypting_space(), fil_crypt_rotate_page():
Call mtr_t::set_named_space() before modifying any pages.
fsp_flags_try_adjust(): Call mtr_t::set_named_space(). This additional
breakage was introduced in the merge of MDEV-11623 from 10.1. It was
not caught because of the missing debug assertion in
mlog_write_initial_log_record_low().
Remove some suppressions from the encryption.innodb-redo-badkey test.
Added a new file ha_xtradb.h where XtraDB parameters are defined. This
file is included in two places to avoid too intrusive change to
ha_innodb.cc that would make future merges harder.
innodb_show_locks_held and innodb_show_verbose_locks should be
implemented (but on different commit).
post-review fixes:
* move all ssl implementation related ifdefs/defines to one file
(ssl_compat.h)
* work around OpenSSL-1.1 desire to malloc every EVP context by
run-time checking that context allocated on the stack is big enough
(openssl.c)
* use newer version of the AWS SDK for OpenSSL 1.1
* use get_dh2048() function as generated by openssl 1.1
(viosslfactories.c)
Initial support
tested against OpenSSL 1.0.1, 1.0.2, 1.1.0, Yassl and LibreSSL
not working on Windows with native SChannel support, due to wrong cipher
mapping: Latter one requires push of CONC-241 fixes.
Please note that OpenSSL 0.9.8 and OpenSSL 1.1.0 will not work: Even if
the build succeeds, test cases will fail with various errors, especially
when using different tls libraries or versions for client and server.
Reason for this crash is that table->rpl_write_set is NULL. In
Rows_log_event::do_apply_event we set table->rpl_write_set equal to
table->write_set. But we do not set table->rpl_write_set in
Old_rows_log_event::do_apply_event.
This is a backport from 10.2 where it fixes the
cmake -DWITH_ASAN test failure that was mentioned
in commit f9cc391863
(merging MDEV-12253 from 10.1 to 10.2).
fil_parse_write_crypt_data(): If the tablespace is not found,
invoke fil_space_destroy_crypt_data(&crypt_data) to properly
free the created object.
The function buf_read_page_low() invokes fil_io(), which can return
DB_ERROR when the requested page is out of bounds (such as when
restoring a buffer pool dump). The callers should be handling that.
This fixes the cmake -DWITH_ASAN test failure that was mentioned
in commit f9cc391863 (merging
MDEV-12253 from 10.1 to 10.2).
fil_parse_write_crypt_data(): If the tablespace is not found,
invoke fil_space_destroy_crypt_data(&crypt_data) to properly
free the created object.
With this, the test encryption.innodb-redo-badkey still reports
"Missing MLOG_FILE_NAME or MLOG_FILE_DELETE before MLOG_CHECKPOINT"
but does not fail. The misleading message should be corrected,
maybe as part of MDEV-12699.
Binlog_background_thread does not make a call to set_time(), And when
we call binlog_checkpoint_log_event->write() , we write the wrong timestamp.
In this patch we correct this by calling thd->set_time().
This bug was introduced in the fix of MDEV-12123, which invoked
page_zip_write_header() in the wrong way.
page_zip_write_header(): Assert that the length is not zero, to
be compatible with page_zip_parse_write_header().
btr_root_raise_and_insert(): Update the uncompressed page and then
invoke page_zip_write_header() with the correct length.
row_undo_mod_parse_undo_rec(): Relax the too strict assertion and
correct the comment.
innodb.innodb-blob: Force a flush of the redo log right before
killing the server, to ensure that the code path gets exercised.
(The bogus debug assertion failed on the rollback of the statement
UPDATE t3 SET c=REPEAT('j',3000) WHERE a=2 which did not modify
any indexes before the server was killed.)
Reintroduce 3d1a7cba71
that removed the maths from ut_delay.
Existing definitions of UT_COMPILE_BARRIER used.
Signed-off-by: Daniel Black <daniel.black@au.ibm.com>
ha_innobase::check_if_supported_inplace_alter(): For now, reject
ALGORITHM=INPLACE when a non-constant DEFAULT expression is specified
for ADD COLUMN or for changing a NULL column to NOT NULL.
Later, we should evaluate the non-constant column values in these cases.
* Update debian control file to include AWS key management plugin.
* Update dependencies in control file to include uuid.
* Include enable_encryption.preset with the aws-key-management plugin.
Actual error number returned from the query depends what point
corrupted page is accessed, is it accessed when we read
one of the pages for result set or is it accessed during
background page read.
JOIN_TAB::remove_redundant_bnl_scan_conds() removes select_cond
from a JOIN_TAB if join cache is enabled, and tab->cache_select->cond
is the equal to tab->select_cond.
But after 8d99166c69 the code to initialize join cache was moved
to happen much later than JOIN_TAB::remove_redundant_bnl_scan_conds(),
and that code might, under certain conditions, revert to *not* using
join cache (set_join_cache_denial()).
If JOIN_TAB::remove_redundant_bnl_scan_conds() removes the WHERE
condition from the JOIN_TAB and later set_join_cache_denial() disables
join cache, we end up with no WHERE condition at all.
Fix: move JOIN_TAB::remove_redundant_bnl_scan_conds() to happen
after all possible set_join_cache_denial() calls.
table_already_fk_prelocked() was looking for a table in the wrong
list (not the complete list of prelocked tables, but only in its tail,
starting from the current table - which is always empty for the last
added table), so for circular FKs it kept adding same tables to the list
indefinitely.
Actual error number returned from the query depends what point
corrupted page is accessed, is it accessed when we read
one of the pages for result set or is it accessed during
background page read.
The function buf_read_page_low() invokes fil_io(), which can return
DB_ERROR when the requested page is out of bounds (such as when
restoring a buffer pool dump). The callers should be handling that.
Our RPL_VERSION_HACK prefix caused MySQL clients to always report 5.5
major and minor versions, even if a specific fake version is passed via
my.cnf or command line parameters. When a specific version is requested,
don't employ the RPL_VERSION_HACK prefix within the server handshake
packet.
We only want to retry posix_fallocate() on EINTR as long as the system
is not being shut down. We do not want to retry on any other (hard) error.
Thanks to Jocelyn Fournier for quickly noticing the mistake in my
previous commit.
Also, include fixes by Vladislav Vaintroub to the
aws_key_management plugin. The AWS C++ SDK specifically depends on
OPENSSL_LIBRARIES, not generic SSL_LIBRARIES (such as YaSSL).
