Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Database corrupted when trying to encrypt it but appropriate key is missing [CORE5292] #5570

Closed
firebird-automations opened this issue Jun 24, 2016 · 4 comments

Comments

@firebird-automations
Copy link
Collaborator

Submitted by: @AlexPeshkoff

When one issues

alter database encrypt with "CryptPluginName" key KeyName;

but key is missing for some reason (up to incorrectly typed name) plugin correctly rejects an attempt with an exception but database header gets corrupted (flag 'encypted' is anyway set).

Commits: 0273ed9 129c43b

====== Test Details ======

Could NOT reproduce on:
1) LI-T4.0.0.238 (build on sources of 23-JUN-2016)
2) WI-V3.0.1.32539 (SNAPSHOT of 19-JUN-2016)
3) WI-T4.0.0.258 (SNAPSHOT of 19-JUN-2016), WI-T4.0.0.267 (SNAPSHOT of 23-JUN-2016)
(every of them use SS arch.)

In all cases name "CryptPluginName" was used (and there was no such file), but 'encrypted' flag always stay unchanged.

This is .sh for checking on Linux:

fbc=/root/downloads/chroot/64-gcc.4.8.2/opt/fb40hist/bin
host=localhost/3407
dbnm=/var/db/fb40/c5292.fdb
rm -f /var/db/fb40/c5292.fdb

echo "create database '$host:$dbnm';" | $fbc/isql -q -z

echo "set list on; show database; select * from mon\$database; commit; alter database encrypt with \"CryptPluginName\" key KeyName; commit; show database; select * from mon\$database;" \
| $fbc/isql $host:$dbnm \
| grep -i crypt

$fbc/gstat -h $host:$dbnm | grep -i attrib

Its output:

ISQL Version: LI-T4.0.0.238 Firebird 4.0 Unstable
Server version:
LI-T4.0.0.238 Firebird 4.0 Unstable
LI-T4.0.0.238 Firebird 4.0 Unstable/tcp (oel64)/P13
LI-T4.0.0.238 Firebird 4.0 Unstable/tcp (oel64)/P13
Database not encrypted
MON$CRYPT_PAGE 0
Statement failed, SQLSTATE = HY024
unsuccessful metadata update
-ALTER DATABASE failed
-Crypt plugin CryptPluginName failed to load
Database not encrypted
MON$CRYPT_PAGE 0
Attributes force write

This is batch for checking on Windows:

@echo off
setlocal
set fbc=C:\MIX\firebird\fb40tmp
set host=localhost/3401
set dbnm=C:\MIX\firebird\QA\fbt-repo\tmp\c5292-40.fdb

del %dbnm% 2>nul

echo create database '%host%:%dbnm%'; | %fbc%\isql -q -z

echo show version; alter database encrypt with "CryptPluginName" key KeyName; commit; show database; ^
| %fbc%\isql %host%:%dbnm% ^
| findstr /i /c:encrypt

gstat -z -h %host%:%dbnm% | findstr /i /c:attrib

Its output:

ISQL Version: WI-T4.0.0.267 Firebird 4.0 Unstable
Server version:
WI-T4.0.0.267 Firebird 4.0 Unstable
WI-T4.0.0.267 Firebird 4.0 Unstable/tcp (csprog)/P13
WI-T4.0.0.267 Firebird 4.0 Unstable/tcp (csprog)/P13
Statement failed, SQLSTATE = HY024
unsuccessful metadata update
-ALTER DATABASE failed
-Crypt plugin CryptPluginName failed to load
Database not encrypted
Attributes force write

Any idea how to implement this test properly ?

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 3.0.1 [ 10730 ]

Fix Version: 4.0 Alpha 1 [ 10731 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Resolved [ 5 ]

QA Status: No test => Deferred

Test Details: Could NOT reproduce on:
1) LI-T4.0.0.238 (build on sources of 23-JUN-2016)
2) WI-V3.0.1.32539 (SNAPSHOT of 19-JUN-2016)
3) WI-T4.0.0.258 (SNAPSHOT of 19-JUN-2016), WI-T4.0.0.267 (SNAPSHOT of 23-JUN-2016)
(every of them use SS arch.)

In all cases name "CryptPluginName" was used (and there was no such file), but 'encrypted' flag always stay unchanged.

This is .sh for checking on Linux:

fbc=/root/downloads/chroot/64-gcc.4.8.2/opt/fb40hist/bin
host=localhost/3407
dbnm=/var/db/fb40/c5292.fdb
rm -f /var/db/fb40/c5292.fdb

echo "create database '$host:$dbnm';" | $fbc/isql -q -z

echo "set list on; show database; select * from mon\$database; commit; alter database encrypt with \"CryptPluginName\" key KeyName; commit; show database; select * from mon\$database;" \
| $fbc/isql $host:$dbnm \
| grep -i crypt

$fbc/gstat -h $host:$dbnm | grep -i attrib

Its output:

ISQL Version: LI-T4.0.0.238 Firebird 4.0 Unstable
Server version:
LI-T4.0.0.238 Firebird 4.0 Unstable
LI-T4.0.0.238 Firebird 4.0 Unstable/tcp (oel64)/P13
LI-T4.0.0.238 Firebird 4.0 Unstable/tcp (oel64)/P13
Database not encrypted
MON$CRYPT_PAGE 0
Statement failed, SQLSTATE = HY024
unsuccessful metadata update
-ALTER DATABASE failed
-Crypt plugin CryptPluginName failed to load
Database not encrypted
MON$CRYPT_PAGE 0
Attributes force write

This is batch for checking on Windows:

@echo off
setlocal
set fbc=C:\MIX\firebird\fb40tmp
set host=localhost/3401
set dbnm=C:\MIX\firebird\QA\fbt-repo\tmp\c5292-40.fdb

del %dbnm% 2>nul

echo create database '%host%:%dbnm%'; | %fbc%\isql -q -z

echo show version; alter database encrypt with "CryptPluginName" key KeyName; commit; show database; ^
| %fbc%\isql %host%:%dbnm% ^
| findstr /i /c:encrypt

gstat -z -h %host%:%dbnm% | findstr /i /c:attrib

Its output:

ISQL Version: WI-T4.0.0.267 Firebird 4.0 Unstable
Server version:
WI-T4.0.0.267 Firebird 4.0 Unstable
WI-T4.0.0.267 Firebird 4.0 Unstable/tcp (csprog)/P13
WI-T4.0.0.267 Firebird 4.0 Unstable/tcp (csprog)/P13
Statement failed, SQLSTATE = HY024
unsuccessful metadata update
-ALTER DATABASE failed
-Crypt plugin CryptPluginName failed to load
Database not encrypted
Attributes force write

Any idea how to implement this text properly ?

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Resolved [ 5 ]

Test Details: Could NOT reproduce on:
1) LI-T4.0.0.238 (build on sources of 23-JUN-2016)
2) WI-V3.0.1.32539 (SNAPSHOT of 19-JUN-2016)
3) WI-T4.0.0.258 (SNAPSHOT of 19-JUN-2016), WI-T4.0.0.267 (SNAPSHOT of 23-JUN-2016)
(every of them use SS arch.)

In all cases name "CryptPluginName" was used (and there was no such file), but 'encrypted' flag always stay unchanged.

This is .sh for checking on Linux:

fbc=/root/downloads/chroot/64-gcc.4.8.2/opt/fb40hist/bin
host=localhost/3407
dbnm=/var/db/fb40/c5292.fdb
rm -f /var/db/fb40/c5292.fdb

echo "create database '$host:$dbnm';" | $fbc/isql -q -z

echo "set list on; show database; select * from mon\$database; commit; alter database encrypt with \"CryptPluginName\" key KeyName; commit; show database; select * from mon\$database;" \
| $fbc/isql $host:$dbnm \
| grep -i crypt

$fbc/gstat -h $host:$dbnm | grep -i attrib

Its output:

ISQL Version: LI-T4.0.0.238 Firebird 4.0 Unstable
Server version:
LI-T4.0.0.238 Firebird 4.0 Unstable
LI-T4.0.0.238 Firebird 4.0 Unstable/tcp (oel64)/P13
LI-T4.0.0.238 Firebird 4.0 Unstable/tcp (oel64)/P13
Database not encrypted
MON$CRYPT_PAGE 0
Statement failed, SQLSTATE = HY024
unsuccessful metadata update
-ALTER DATABASE failed
-Crypt plugin CryptPluginName failed to load
Database not encrypted
MON$CRYPT_PAGE 0
Attributes force write

This is batch for checking on Windows:

@echo off
setlocal
set fbc=C:\MIX\firebird\fb40tmp
set host=localhost/3401
set dbnm=C:\MIX\firebird\QA\fbt-repo\tmp\c5292-40.fdb

del %dbnm% 2>nul

echo create database '%host%:%dbnm%'; | %fbc%\isql -q -z

echo show version; alter database encrypt with "CryptPluginName" key KeyName; commit; show database; ^
| %fbc%\isql %host%:%dbnm% ^
| findstr /i /c:encrypt

gstat -z -h %host%:%dbnm% | findstr /i /c:attrib

Its output:

ISQL Version: WI-T4.0.0.267 Firebird 4.0 Unstable
Server version:
WI-T4.0.0.267 Firebird 4.0 Unstable
WI-T4.0.0.267 Firebird 4.0 Unstable/tcp (csprog)/P13
WI-T4.0.0.267 Firebird 4.0 Unstable/tcp (csprog)/P13
Statement failed, SQLSTATE = HY024
unsuccessful metadata update
-ALTER DATABASE failed
-Crypt plugin CryptPluginName failed to load
Database not encrypted
Attributes force write

Any idea how to implement this text properly ?

=>

Could NOT reproduce on:
1) LI-T4.0.0.238 (build on sources of 23-JUN-2016)
2) WI-V3.0.1.32539 (SNAPSHOT of 19-JUN-2016)
3) WI-T4.0.0.258 (SNAPSHOT of 19-JUN-2016), WI-T4.0.0.267 (SNAPSHOT of 23-JUN-2016)
(every of them use SS arch.)

In all cases name "CryptPluginName" was used (and there was no such file), but 'encrypted' flag always stay unchanged.

This is .sh for checking on Linux:

fbc=/root/downloads/chroot/64-gcc.4.8.2/opt/fb40hist/bin
host=localhost/3407
dbnm=/var/db/fb40/c5292.fdb
rm -f /var/db/fb40/c5292.fdb

echo "create database '$host:$dbnm';" | $fbc/isql -q -z

echo "set list on; show database; select * from mon\$database; commit; alter database encrypt with \"CryptPluginName\" key KeyName; commit; show database; select * from mon\$database;" \
| $fbc/isql $host:$dbnm \
| grep -i crypt

$fbc/gstat -h $host:$dbnm | grep -i attrib

Its output:

ISQL Version: LI-T4.0.0.238 Firebird 4.0 Unstable
Server version:
LI-T4.0.0.238 Firebird 4.0 Unstable
LI-T4.0.0.238 Firebird 4.0 Unstable/tcp (oel64)/P13
LI-T4.0.0.238 Firebird 4.0 Unstable/tcp (oel64)/P13
Database not encrypted
MON$CRYPT_PAGE 0
Statement failed, SQLSTATE = HY024
unsuccessful metadata update
-ALTER DATABASE failed
-Crypt plugin CryptPluginName failed to load
Database not encrypted
MON$CRYPT_PAGE 0
Attributes force write

This is batch for checking on Windows:

@echo off
setlocal
set fbc=C:\MIX\firebird\fb40tmp
set host=localhost/3401
set dbnm=C:\MIX\firebird\QA\fbt-repo\tmp\c5292-40.fdb

del %dbnm% 2>nul

echo create database '%host%:%dbnm%'; | %fbc%\isql -q -z

echo show version; alter database encrypt with "CryptPluginName" key KeyName; commit; show database; ^
| %fbc%\isql %host%:%dbnm% ^
| findstr /i /c:encrypt

gstat -z -h %host%:%dbnm% | findstr /i /c:attrib

Its output:

ISQL Version: WI-T4.0.0.267 Firebird 4.0 Unstable
Server version:
WI-T4.0.0.267 Firebird 4.0 Unstable
WI-T4.0.0.267 Firebird 4.0 Unstable/tcp (csprog)/P13
WI-T4.0.0.267 Firebird 4.0 Unstable/tcp (csprog)/P13
Statement failed, SQLSTATE = HY024
unsuccessful metadata update
-ALTER DATABASE failed
-Crypt plugin CryptPluginName failed to load
Database not encrypted
Attributes force write

Any idea how to implement this test properly ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment