Uploaded image for project: 'WiredTiger'
  1. WiredTiger
  2. WT-1999

Crypto API Calls customize when no Encryptors are provided

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Duplicate
    • Affects Version/s: WT2.6.1
    • Fix Version/s: None
    • Component/s: None
    • Labels:

      Description

      WT crypto API calls customize regardless if any encryptors have been provided in the wiredtiger_open call. That is when mongod is started without --enableEncryption.

      It would be nice to check if encryptors are provided and error out if necessary.

      commands used:
      ./mongod --enableEncryption --encryptionKeyFile key
      db.test.insert({a:1})
      ./mongod # crash
       
      LLDB log:
      ➜  dev.mongo git:(SERVER-19116) ✗ lldb -- ./mongod
      (lldb) target create "./mongod"
      Current executable set to './mongod' (x86_64).
      (lldb) r
      Process 2537 launched: './mongod' (x86_64)
      2015-07-06T18:24:55.737-0400 I -        [initandlisten] Detected data files in /data/db created by the 'wiredTiger' storage engine, so setting the active storage engine to 'wiredTiger'.
      2015-07-06T18:24:55.737-0400 I STORAGE  [initandlisten] wiredtiger_open config: create,cache_size=9G,session_max=20000,eviction=(threads_max=4),statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),file_manager=(close_idle_time=100000),checkpoint=(wait=60,log_size=2GB),statistics_log=(wait=0),
      Process 2537 stopped
      * thread #1: tid = 0x7b1b9, 0x000000010077dbbb mongod`mongo::EncryptionKeyManager::_acquireSystemKey() [inlined] std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::__is_long(this=0x646e616d6d6f63ac) const + 28 at string:1716, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=EXC_I386_GPFLT)
          frame #0: 0x000000010077dbbb mongod`mongo::EncryptionKeyManager::_acquireSystemKey() [inlined] std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::__is_long(this=0x646e616d6d6f63ac) const + 28 at string:1716
         1713	
         1714	    _LIBCPP_INLINE_VISIBILITY
         1715	    bool __is_long() const _NOEXCEPT
      -> 1716	        {return bool(__r_.first().__s.__size_ & __short_mask);}
         1717	
         1718	#if _LIBCPP_DEBUG_LEVEL >= 2
         1719	
      (lldb) bt
      * thread #1: tid = 0x7b1b9, 0x000000010077dbbb mongod`mongo::EncryptionKeyManager::_acquireSystemKey() [inlined] std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::__is_long(this=0x646e616d6d6f63ac) const + 28 at string:1716, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=EXC_I386_GPFLT)
        * frame #0: 0x000000010077dbbb mongod`mongo::EncryptionKeyManager::_acquireSystemKey() [inlined] std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::__is_long(this=0x646e616d6d6f63ac) const + 28 at string:1716
          frame #1: 0x000000010077db9f mongod`mongo::EncryptionKeyManager::_acquireSystemKey() [inlined] std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::size(this=0x646e616d6d6f63ac) const + 14 at string:1483
          frame #2: 0x000000010077db91 mongod`mongo::EncryptionKeyManager::_acquireSystemKey() [inlined] std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::empty(this=0x646e616d6d6f63ac) const + 14 at string:1497
          frame #3: 0x000000010077db83 mongod`mongo::EncryptionKeyManager::_acquireSystemKey(this=0x0000000104d005d0) + 67 at encryption_key_manager.cpp:192
          frame #4: 0x000000010077d6af mongod`mongo::EncryptionKeyManager::getKey(this=0x0000000104d005d0, keyID=0x00007fff5fbfc5d0) + 95 at encryption_key_manager.cpp:78
          frame #5: 0x00000001007a6bb4 mongod`mongo::(anonymous namespace)::customize(encryptor=0x0000000104d05290, session=0x0000000106800000, encryptConfig=0x00007fff5fbfcb80, customEncryptor=0x00007fff5fbfc938) + 788 at wiredtiger_encryption_callbacks.cpp:92
          frame #6: 0x0000000101b9a019 mongod`__wt_encryptor_config(session=0x0000000106800000, cval=0x00007fff5fbfcaa8, keyid=0x00007fff5fbfca88, cfg_arg=0x00007fff5fbfcb80, kencryptorp=0x00000001058345c0) + 665 at conn_api.c:443
          frame #7: 0x0000000101b9bcab mongod`wiredtiger_open(home=0x000000010218e229, event_handler=0x0000000104d041f0, config=0x0000000104d045a0, wt_connp=0x0000000104d041e8) + 3963 at conn_api.c:2006
          frame #8: 0x0000000100ef9e01 mongod`mongo::WiredTigerKVEngine::WiredTigerKVEngine(this=0x0000000104d041e0, path=0x000000010218e228, extraOpenOptions=0x000000010218e110, durable=true, repair=false) + 5201 at wiredtiger_kv_engine.cpp:121
          frame #9: 0x0000000100efaeac mongod`mongo::WiredTigerKVEngine::WiredTigerKVEngine(this=0x0000000104d041e0, path=0x000000010218e228, extraOpenOptions=0x000000010218e110, durable=true, repair=false) + 76 at wiredtiger_kv_engine.cpp:143
          frame #10: 0x0000000100ef7f77 mongod`mongo::(anonymous namespace)::WiredTigerFactory::create(this=0x0000000103e35350, params=0x000000010218e208, lockFile=0x0000000104d04190) const + 215 at wiredtiger_init.cpp:64
          frame #11: 0x0000000100d72d90 mongod`mongo::ServiceContextMongoD::initializeGlobalStorageEngine(this=0x0000000103e5e000) + 3936 at service_context_d.cpp:144
          frame #12: 0x0000000100001d0d mongod`mongo::_initAndListen(listenPort=27017) + 1021 at db.cpp:416
          frame #13: 0x00000001000014c3 mongod`mongo::initAndListen(listenPort=27017) + 19 at db.cpp:594
          frame #14: 0x0000000100004c03 mongod`mongoDbMain(argc=1, argv=0x00007fff5fbffac8, envp=0x00007fff5fbffad8) + 803 at db.cpp:823
          frame #15: 0x00000001000048ca mongod`main(argc=1, argv=0x00007fff5fbffac8, envp=0x00007fff5fbffad8) + 42 at db.cpp:639
          frame #16: 0x00007fff9c1615c9 libdyld.dylib`start + 1
          frame #17: 0x00007fff9c1615c9 libdyld.dylib`start + 1
      (lldb) 
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                robert.guo Robert Guo
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: