From: Date: June 17 2005 6:07pm Subject: bk commit into 4.1 tree (msvensson:1.2290) BUG#10589 List-Archive: http://lists.mysql.com/internals/26125 X-Bug: 10589 Message-Id: <20050617160751.9F45225DF8C@blaudden.homeip.net> Below is the list of changes that have just been committed into a local 4.1 repository of msvensson. When msvensson does a push these changes will be propagated to the main repository and, within 24 hours after the push, to the public repository. For information on how to access the public repository see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html ChangeSet 1.2290 05/06/17 18:07:46 msvensson@neptunus.(none) +7 -0 BUG#10589: des_encrypt functionality always return NULL - Push warnings if des_encrypt or des_descrypt function fails because of out of resources or wrong params. - Push warning if des_encrypt or des_decrypt function is used when server is missing support for openssl. - Add test func_encrypt_nossl that is tun when the server is missing support for openssl. mysql-test/t/func_encrypt_nossl.test 1.1 05/06/17 18:07:42 msvensson@neptunus.(none) +36 -0 mysql-test/r/not_openssl.require 1.1 05/06/17 18:07:42 msvensson@neptunus.(none) +2 -0 mysql-test/r/func_encrypt_nossl.result 1.1 05/06/17 18:07:42 msvensson@neptunus.(none) +93 -0 mysql-test/include/not_openssl.inc 1.1 05/06/17 18:07:42 msvensson@neptunus.(none) +4 -0 sql/item_strfunc.cc 1.227 05/06/17 18:07:42 msvensson@neptunus.(none) +22 -3 Push warning if invalid paremeters are used Push warning if out of resources Push warning if user tries to use des_* function when the server has been compiled without support for openssl. mysql-test/t/func_encrypt_nossl.test 1.0 05/06/17 18:07:42 msvensson@neptunus.(none) +0 -0 BitKeeper file /home/msvensson/mysql/bug10589/mysql-test/t/func_encrypt_nossl.test mysql-test/t/func_encrypt.test 1.6 05/06/17 18:07:42 msvensson@neptunus.(none) +16 -0 Add tests for use of des_* function with invalid parameters mysql-test/r/not_openssl.require 1.0 05/06/17 18:07:42 msvensson@neptunus.(none) +0 -0 BitKeeper file /home/msvensson/mysql/bug10589/mysql-test/r/not_openssl.require mysql-test/r/func_encrypt_nossl.result 1.0 05/06/17 18:07:42 msvensson@neptunus.(none) +0 -0 BitKeeper file /home/msvensson/mysql/bug10589/mysql-test/r/func_encrypt_nossl.result mysql-test/r/func_encrypt.result 1.7 05/06/17 18:07:42 msvensson@neptunus.(none) +52 -21 Add tests for use of des_* function with invalid parameters mysql-test/include/not_openssl.inc 1.0 05/06/17 18:07:42 msvensson@neptunus.(none) +0 -0 BitKeeper file /home/msvensson/mysql/bug10589/mysql-test/include/not_openssl.inc # This is a BitKeeper patch. What follows are the unified diffs for the # set of deltas contained in the patch. The rest of the patch, the part # that BitKeeper cares about, is below these diffs. # User: msvensson # Host: neptunus.(none) # Root: /home/msvensson/mysql/bug10589 --- 1.226/sql/item_strfunc.cc 2005-06-05 19:38:40 +02:00 +++ 1.227/sql/item_strfunc.cc 2005-06-17 18:07:42 +02:00 @@ -373,6 +373,7 @@ { DBUG_ASSERT(fixed == 1); #ifdef HAVE_OPENSSL + uint code= ER_WRONG_PARAMETERS_TO_PROCEDURE; DES_cblock ivec; struct st_des_keyblock keyblock; struct st_des_keyschedule keyschedule; @@ -381,7 +382,7 @@ String *res= args[0]->val_str(str); if ((null_value=args[0]->null_value)) - return 0; + goto error; if ((res_length=res->length()) == 0) return &my_empty_string; @@ -429,6 +430,7 @@ tail= (8-(res_length) % 8); // 1..8 marking extra length res_length+=tail; + code= ER_OUT_OF_RESOURCES; if (tail && res->append(append_str, tail) || tmp_value.alloc(res_length+1)) goto error; (*res)[res_length-1]=tail; // save extra length @@ -446,6 +448,13 @@ return &tmp_value; error: + push_warning_printf(current_thd,MYSQL_ERROR::WARN_LEVEL_ERROR, + code, ER(code), + "des_encrypt"); +#else + push_warning_printf(current_thd,MYSQL_ERROR::WARN_LEVEL_ERROR, + ER_FEATURE_DISABLED, ER(ER_FEATURE_DISABLED), + "des_encrypt","--with-openssl"); #endif /* HAVE_OPENSSL */ null_value=1; return 0; @@ -456,6 +465,7 @@ { DBUG_ASSERT(fixed == 1); #ifdef HAVE_OPENSSL + uint code= ER_WRONG_PARAMETERS_TO_PROCEDURE; DES_key_schedule ks1, ks2, ks3; DES_cblock ivec; struct st_des_keyblock keyblock; @@ -464,7 +474,7 @@ uint length=res->length(),tail; if ((null_value=args[0]->null_value)) - return 0; + goto error; length=res->length(); if (length < 9 || (length % 8) != 1 || !((*res)[0] & 128)) return res; // Skip decryption if not encrypted @@ -495,6 +505,7 @@ DES_set_key_unchecked(&keyblock.key2,&keyschedule.ks2); DES_set_key_unchecked(&keyblock.key3,&keyschedule.ks3); } + code= ER_OUT_OF_RESOURCES; if (tmp_value.alloc(length-1)) goto error; @@ -508,11 +519,19 @@ &ivec, FALSE); /* Restore old length of key */ if ((tail=(uint) (uchar) tmp_value[length-2]) > 8) - goto error; // Wrong key + goto wrong_key; // Wrong key tmp_value.length(length-1-tail); return &tmp_value; error: + push_warning_printf(current_thd,MYSQL_ERROR::WARN_LEVEL_ERROR, + code, ER(code), + "des_decrypt"); +wrong_key: +#else + push_warning_printf(current_thd,MYSQL_ERROR::WARN_LEVEL_ERROR, + ER_FEATURE_DISABLED, ER(ER_FEATURE_DISABLED), + "des_decrypt","--with-openssl"); #endif /* HAVE_OPENSSL */ null_value=1; return 0; --- New file --- +++ mysql-test/include/not_openssl.inc 05/06/17 18:07:42 -- require r/not_openssl.require disable_query_log; show variables like "have_openssl"; enable_query_log; --- New file --- +++ mysql-test/r/func_encrypt_nossl.result 05/06/17 18:07:42 select des_encrypt("test", 'akeystr'); des_encrypt("test", 'akeystr') NULL Warnings: Error 1289 The 'des_encrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select des_encrypt("test", 1); des_encrypt("test", 1) NULL Warnings: Error 1289 The 'des_encrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select des_encrypt("test", 9); des_encrypt("test", 9) NULL Warnings: Error 1289 The 'des_encrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select des_encrypt("test", 100); des_encrypt("test", 100) NULL Warnings: Error 1289 The 'des_encrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select des_encrypt("test", NULL); des_encrypt("test", NULL) NULL Warnings: Error 1289 The 'des_encrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select des_decrypt("test", 'anotherkeystr'); des_decrypt("test", 'anotherkeystr') NULL Warnings: Error 1289 The 'des_decrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select des_decrypt(1, 1); des_decrypt(1, 1) NULL Warnings: Error 1289 The 'des_decrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select des_decrypt(des_encrypt("test", 'thekey')); des_decrypt(des_encrypt("test", 'thekey')) NULL Warnings: Error 1289 The 'des_decrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select hex(des_encrypt("hello")),des_decrypt(des_encrypt("hello")); hex(des_encrypt("hello")) des_decrypt(des_encrypt("hello")) NULL NULL Warnings: Error 1289 The 'des_encrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working Error 1289 The 'des_decrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select des_decrypt(des_encrypt("hello",4)); des_decrypt(des_encrypt("hello",4)) NULL Warnings: Error 1289 The 'des_decrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select des_decrypt(des_encrypt("hello",'test'),'test'); des_decrypt(des_encrypt("hello",'test'),'test') NULL Warnings: Error 1289 The 'des_decrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select hex(des_encrypt("hello")),hex(des_encrypt("hello",5)),hex(des_encrypt("hello",'default_password')); hex(des_encrypt("hello")) hex(des_encrypt("hello",5)) hex(des_encrypt("hello",'default_password')) NULL NULL NULL Warnings: Error 1289 The 'des_encrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working Error 1289 The 'des_encrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working Error 1289 The 'des_encrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select des_decrypt(des_encrypt("hello"),'default_password'); des_decrypt(des_encrypt("hello"),'default_password') NULL Warnings: Error 1289 The 'des_decrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select des_decrypt(des_encrypt("hello",4),'password4'); des_decrypt(des_encrypt("hello",4),'password4') NULL Warnings: Error 1289 The 'des_decrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working SET @a=des_decrypt(des_encrypt("hello")); Warnings: Error 1289 The 'des_decrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working flush des_key_file; select @a = des_decrypt(des_encrypt("hello")); @a = des_decrypt(des_encrypt("hello")) NULL select hex("hello"); hex("hello") 68656C6C6F select hex(des_decrypt(des_encrypt("hello",4),'password2')); hex(des_decrypt(des_encrypt("hello",4),'password2')) NULL Warnings: Error 1289 The 'des_decrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working select hex(des_decrypt(des_encrypt("hello","hidden"))); hex(des_decrypt(des_encrypt("hello","hidden"))) NULL Warnings: Error 1289 The 'des_decrypt' feature is disabled; you need MySQL built with '--with-openssl' to have it working --- New file --- +++ mysql-test/r/not_openssl.require 05/06/17 18:07:42 Variable_name Value have_openssl NO --- New file --- +++ mysql-test/t/func_encrypt_nossl.test 05/06/17 18:07:42 -- source include/not_openssl.inc # # Test output from des_encrypt and des_decrypt when server is # compiled without openssl suuport # select des_encrypt("test", 'akeystr'); select des_encrypt("test", 1); select des_encrypt("test", 9); select des_encrypt("test", 100); select des_encrypt("test", NULL); select des_decrypt("test", 'anotherkeystr'); select des_decrypt(1, 1); select des_decrypt(des_encrypt("test", 'thekey')); # # Test default keys # select hex(des_encrypt("hello")),des_decrypt(des_encrypt("hello")); select des_decrypt(des_encrypt("hello",4)); select des_decrypt(des_encrypt("hello",'test'),'test'); select hex(des_encrypt("hello")),hex(des_encrypt("hello",5)),hex(des_encrypt("hello",'default_password')); select des_decrypt(des_encrypt("hello"),'default_password'); select des_decrypt(des_encrypt("hello",4),'password4'); # Test flush SET @a=des_decrypt(des_encrypt("hello")); flush des_key_file; select @a = des_decrypt(des_encrypt("hello")); # Test usage of wrong password select hex("hello"); select hex(des_decrypt(des_encrypt("hello",4),'password2')); select hex(des_decrypt(des_encrypt("hello","hidden"))); --- 1.6/mysql-test/r/func_encrypt.result 2004-05-19 16:09:33 +02:00 +++ 1.7/mysql-test/r/func_encrypt.result 2005-06-17 18:07:42 +02:00 @@ -120,6 +120,60 @@ select des_decrypt(des_encrypt("hello",4),'password4'); des_decrypt(des_encrypt("hello",4),'password4') hello +select des_encrypt("hello",10); +des_encrypt("hello",10) +NULL +Warnings: +Error 1108 Incorrect parameters to procedure 'des_encrypt' +select des_encrypt(NULL); +des_encrypt(NULL) +NULL +Warnings: +Error 1108 Incorrect parameters to procedure 'des_encrypt' +select des_encrypt(NULL, 10); +des_encrypt(NULL, 10) +NULL +Warnings: +Error 1108 Incorrect parameters to procedure 'des_encrypt' +select des_encrypt(NULL, NULL); +des_encrypt(NULL, NULL) +NULL +Warnings: +Error 1108 Incorrect parameters to procedure 'des_encrypt' +select des_encrypt(10, NULL); +des_encrypt(10, NULL) +NULL +Warnings: +Error 1108 Incorrect parameters to procedure 'des_encrypt' +select des_encrypt("hello", NULL); +des_encrypt("hello", NULL) +NULL +Warnings: +Error 1108 Incorrect parameters to procedure 'des_encrypt' +select des_decrypt("hello",10); +des_decrypt("hello",10) +hello +select des_decrypt(NULL); +des_decrypt(NULL) +NULL +Warnings: +Error 1108 Incorrect parameters to procedure 'des_decrypt' +select des_decrypt(NULL, 10); +des_decrypt(NULL, 10) +NULL +Warnings: +Error 1108 Incorrect parameters to procedure 'des_decrypt' +select des_decrypt(NULL, NULL); +des_decrypt(NULL, NULL) +NULL +Warnings: +Error 1108 Incorrect parameters to procedure 'des_decrypt' +select des_decrypt(10, NULL); +des_decrypt(10, NULL) +10 +select des_decrypt("hello", NULL); +des_decrypt("hello", NULL) +hello SET @a=des_decrypt(des_encrypt("hello")); flush des_key_file; select @a = des_decrypt(des_encrypt("hello")); @@ -134,6 +188,8 @@ select hex(des_decrypt(des_encrypt("hello","hidden"))); hex(des_decrypt(des_encrypt("hello","hidden"))) NULL +Warnings: +Error 1108 Incorrect parameters to procedure 'des_decrypt' explain extended select des_decrypt(des_encrypt("hello",4),'password2'), des_decrypt(des_encrypt("hello","hidden")); id select_type table type possible_keys key key_len ref rows Extra 1 SIMPLE NULL NULL NULL NULL NULL NULL NULL No tables used --- 1.5/mysql-test/t/func_encrypt.test 2003-11-07 08:43:22 +01:00 +++ 1.6/mysql-test/t/func_encrypt.test 2005-06-17 18:07:42 +02:00 @@ -59,6 +59,22 @@ select des_decrypt(des_encrypt("hello"),'default_password'); select des_decrypt(des_encrypt("hello",4),'password4'); +# Test use of invalid parameters +select des_encrypt("hello",10); +select des_encrypt(NULL); +select des_encrypt(NULL, 10); +select des_encrypt(NULL, NULL); +select des_encrypt(10, NULL); +select des_encrypt("hello", NULL); + +select des_decrypt("hello",10); +select des_decrypt(NULL); +select des_decrypt(NULL, 10); +select des_decrypt(NULL, NULL); +select des_decrypt(10, NULL); +select des_decrypt("hello", NULL); + + # Test flush SET @a=des_decrypt(des_encrypt("hello")); flush des_key_file;