Prepare release of wxSQLite3 4.7.2

utelle · utelle · commit 9c0ccfee7743 · 2021-05-14T22:21:15.000+02:00
Upgrade to SQLite3 Multiple Ciphers version 1.3.2 (SQLite version 3.35.5)
diff --git a/configure.ac b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (C) 2017-2021 Ulrich Telle <ulrich@telle-online.de>, Vadim Zeitlin
 dnl
 dnl This file is covered by the same licence as the entire wxSQLite3 package.
 
-AC_INIT([wxsqlite3], [4.7.1], [ulrich@telle-online.de])
+AC_INIT([wxsqlite3], [4.7.2], [ulrich@telle-online.de])
 
 dnl This is the version tested with, might work with earlier ones.
 AC_PREREQ([2.69])
diff --git a/docs/Doxyfile b/docs/Doxyfile
@@ -38,7 +38,7 @@ PROJECT_NAME           = wxSQLite3
 # could be handy for archiving the generated documentation or if some version
 # control system is used.
 
-PROJECT_NUMBER         = 4.7.1
+PROJECT_NUMBER         = 4.7.2
 
 # Using the PROJECT_BRIEF tag one can provide an optional one line description
 # for a project that appears at the top of each page and should give viewer a
diff --git a/include/wx/wxsqlite3_version.h b/include/wx/wxsqlite3_version.h
@@ -14,8 +14,8 @@
 
 #define WXSQLITE3_MAJOR_VERSION      4
 #define WXSQLITE3_MINOR_VERSION      7
-#define WXSQLITE3_RELEASE_NUMBER     0
+#define WXSQLITE3_RELEASE_NUMBER     2
 #define WXSQLITE3_SUBRELEASE_NUMBER  0
-#define WXSQLITE3_VERSION_STRING     "wxSQLite3 4.7.0"
+#define WXSQLITE3_VERSION_STRING     "wxSQLite3 4.7.2"
 
 #endif // WXSQLITE3_VERSION_H_
diff --git a/include/wx/wxsqlite3def.h b/include/wx/wxsqlite3def.h
@@ -46,6 +46,16 @@
 
 <dl>
 
+<dt><b>4.7.2</b> - <i>May 2021</i></dt>
+<dd>
+Upgrade to <i>SQLite3 Multiple Ciphers version 1.3.2 (SQLite version 3.35.5)</i><br>
+
+</dd>
+<dt><b>4.7.1</b> - <i>April 2021</i></dt>
+<dd>
+Upgrade to <i>SQLite3 Multiple Ciphers version 1.3.1 (SQLite version 3.35.5)</i><br>
+
+</dd>
 <dt><b>4.7.0</b> - <i>April 2021</i></dt>
 <dd>
 Upgrade to <i>SQLite3 Multiple Ciphers version 1.3.0 (SQLite version 3.35.5)</i><br>
diff --git a/readme.md b/readme.md
@@ -48,6 +48,8 @@ Since August 2020 a new implementation of an encryption extension, capable of su
 
 ## <a name="history"></a>Version history
 
+* 4.7.2 - *May 2021*
+  - Upgrade to SQLite3 Multiple Ciphers version 1.3.2 (SQLite version 3.35.5)
 * 4.7.1 - *April 2021*
   - Upgrade to SQLite3 Multiple Ciphers version 1.3.1 (SQLite version 3.35.5)
 * 4.7.0 - *April 2021*
diff --git a/src/sqlite3mc_amalgamation.c b/src/sqlite3mc_amalgamation.c
@@ -246940,9 +246940,9 @@ SQLITE_API void sqlite3mc_vfs_shutdown();
 
 #define SQLITE3MC_VERSION_MAJOR      1
 #define SQLITE3MC_VERSION_MINOR      3
-#define SQLITE3MC_VERSION_RELEASE    1
+#define SQLITE3MC_VERSION_RELEASE    2
 #define SQLITE3MC_VERSION_SUBRELEASE 0
-#define SQLITE3MC_VERSION_STRING     "SQLite3 Multiple Ciphers 1.3.1"
+#define SQLITE3MC_VERSION_STRING     "SQLite3 Multiple Ciphers 1.3.2"
 
 #endif /* SQLITE3MC_VERSION_H_ */
 /*** End of #include "sqlite3mc_version.h" ***/
@@ -252951,7 +252951,7 @@ void RijndaelInvalidate(Rijndael* rijndael)
 ** Purpose:     Header for the ciphers of SQLite3 Multiple Ciphers
 ** Author:      Ulrich Telle
 ** Created:     2020-02-02
-** Copyright:   (c) 2006-2020 Ulrich Telle
+** Copyright:   (c) 2006-2021 Ulrich Telle
 ** License:     MIT
 */
 
@@ -252988,6 +252988,7 @@ typedef struct _Codec
 {
   int           m_isEncrypted;
   int           m_hmacCheck;
+  int           m_walLegacy;
   /* Read cipher */
   int           m_hasReadCipher;
   int           m_readCipherType;
@@ -253188,6 +253189,33 @@ SQLITE_PRIVATE void sqlite3mcCodecGetKey(sqlite3* db, int nDb, void** zKey, int*
 #define SQLITE3MC_DEBUG_HEX(DESC,BUFFER,LEN)
 #endif
 
+/*
+** If encryption was enabled and WAL journal mode was used,
+** SQLite3 Multiple Ciphers encrypted the WAL journal frames up to version 1.2.5
+** within the VFS implementation. As a consequence the WAL journal file was not
+** compatible with legacy encryption implementations (for example, System.Data.SQLite
+** or SQLCipher). Additionally, the implementation of the WAL journal encryption
+** was broken, because reading and writing of complete WAL frames was not handled
+** correctly. Usually, operating in WAL journal mode worked nevertheless, but after
+** crashes the WAL journal file could be corrupted leading to data loss.
+**
+** Version 1.3.0 introduced a new way to handle WAL journal encryption. The advantage
+** is that the WAL journal file is now compatible with legacy encryption implementations.
+** Unfortunately the new implementation is not compatible with that used up to version
+** 1.2.5. To be able to access WAL journals created by prior versions, the configuration
+** parameter 'mc_legacy_wal' was introduced. If the parameter is set to 1, then the
+** prior WAL journal encryption mode is used. The default of this parameter can be set
+** at compile time by setting the symbol SQLITE3MC_LEGACY_WAL accordingly, but the actual
+** value can also be set at runtime using the pragma or the URI parameter 'mc_legacy_wal'.
+**
+** In principle, operating generally in WAL legacy mode is possible, but it is strongly
+** recommended to use the WAL legacy mode only to recover WAL journals left behind by
+** prior versions without data loss.
+*/
+#ifndef SQLITE3MC_LEGACY_WAL
+#define SQLITE3MC_LEGACY_WAL 0
+#endif
+
 #endif
 /*** End of #include "cipher_common.h" ***/
 
@@ -255040,7 +255068,7 @@ SQLITE_PRIVATE const CipherDescriptor mcRC4Descriptor =
 ** Purpose:     Implementation of SQLite codecs
 ** Author:      Ulrich Telle
 ** Created:     2020-02-02
-** Copyright:   (c) 2006-2020 Ulrich Telle
+** Copyright:   (c) 2006-2021 Ulrich Telle
 ** License:     MIT
 */
 
@@ -255061,8 +255089,9 @@ static unsigned char padding[] =
 
 static CipherParams commonParams[] =
 {
-  { "cipher",     CODEC_TYPE, CODEC_TYPE, 1, CODEC_TYPE_MAX },
-  { "hmac_check",          1,          1, 0,              1 },
+  { "cipher",                  CODEC_TYPE,           CODEC_TYPE, 1, CODEC_TYPE_MAX },
+  { "hmac_check",                       1,                    1, 0,              1 },
+  { "mc_legacy_wal", SQLITE3MC_LEGACY_WAL, SQLITE3MC_LEGACY_WAL, 0,              1 },
   CIPHER_PARAMS_SENTINEL
 };
 
@@ -255243,6 +255272,7 @@ sqlite3mcCodecInit(Codec* codec)
   {
     codec->m_isEncrypted = 0;
     codec->m_hmacCheck = 1;
+    codec->m_walLegacy = 0;
 
     codec->m_hasReadCipher = 0;
     codec->m_readCipherType = CODEC_TYPE_UNKNOWN;
@@ -255302,6 +255332,7 @@ sqlite3mcCodecSetup(Codec* codec, int cipherType, char* userPassword, int passwo
   CipherParams* globalParams = sqlite3mcGetCipherParams(codec->m_db, 0);
   codec->m_isEncrypted = 1;
   codec->m_hmacCheck = sqlite3mcGetCipherParameter(globalParams, "hmac_check");
+  codec->m_walLegacy = sqlite3mcGetCipherParameter(globalParams, "mc_legacy_wal");
   codec->m_hasReadCipher = 1;
   codec->m_hasWriteCipher = 1;
   codec->m_readCipherType = cipherType;
@@ -255330,6 +255361,7 @@ sqlite3mcSetupWriteCipher(Codec* codec, int cipherType, char* userPassword, int
   }
   codec->m_isEncrypted = 1;
   codec->m_hmacCheck = sqlite3mcGetCipherParameter(globalParams, "hmac_check");
+  codec->m_walLegacy = sqlite3mcGetCipherParameter(globalParams, "mc_legacy_wal");
   codec->m_hasWriteCipher = 1;
   codec->m_writeCipherType = cipherType;
   codec->m_writeCipher = codecDescriptorTable[codec->m_writeCipherType-1]->m_allocateCipher(codec->m_db);
@@ -255513,6 +255545,7 @@ sqlite3mcCodecCopy(Codec* codec, Codec* other)
   int rc = SQLITE_OK;
   codec->m_isEncrypted = other->m_isEncrypted;
   codec->m_hmacCheck = other->m_hmacCheck;
+  codec->m_walLegacy = other->m_walLegacy;
   codec->m_hasReadCipher = other->m_hasReadCipher;
   codec->m_hasWriteCipher = other->m_hasWriteCipher;
   codec->m_readCipherType = other->m_readCipherType;
@@ -256377,6 +256410,7 @@ sqlite3mcConfigureFromUri(sqlite3* db, const char *zDbName, int configDefault)
         int skipLegacy = 0;
         /* Set global parameters (cipher and hmac_check) */
         int hmacCheck = sqlite3_uri_boolean(dbFileName, "hmac_check", 1);
+        int walLegacy = sqlite3_uri_boolean(dbFileName, "mc_legacy_wal", 0);
         if (configDefault)
         {
           sqlite3mc_config(db, "default:cipher", globalCodecParameterTable[j].m_id);
@@ -256389,6 +256423,7 @@ sqlite3mcConfigureFromUri(sqlite3* db, const char *zDbName, int configDefault)
         {
           sqlite3mc_config(db, "hmac_check", hmacCheck);
         }
+        sqlite3mc_config(db, "mc_legacy_wal", walLegacy);
 
 #if HAVE_CIPHER_SQLCIPHER
         /* Special handling for SQLCipher */
@@ -256515,6 +256550,13 @@ sqlite3mcFileControlPragma(sqlite3* db, const char* zDbName, int op, void* pArg)
       ((char**)pArg)[0] = sqlite3_mprintf("%d", value);
       rc = SQLITE_OK;
     }
+    else if (sqlite3StrICmp(pragmaName, "mc_legacy_wal") == 0)
+    {
+      int walLegacy = (pragmaValue != NULL) ? sqlite3GetBoolean(pragmaValue, 0) : -1;
+      int value = sqlite3mc_config(db, "mc_legacy_wal", walLegacy);
+      ((char**)pArg)[0] = sqlite3_mprintf("%d", value);
+      rc = SQLITE_OK;
+    }
     else if (sqlite3StrICmp(pragmaName, "key") == 0)
     {
       rc = sqlite3_key_v2(db, zDbName, pragmaValue, -1);
@@ -267361,7 +267403,7 @@ int sqlite3_regexp_init(
 ** Purpose:     Implementation of SQLite VFS for Multiple Ciphers
 ** Author:      Ulrich Telle
 ** Created:     2020-02-28
-** Copyright:   (c) 2020 Ulrich Telle
+** Copyright:   (c) 2020-2021 Ulrich Telle
 ** License:     MIT
 */
 
@@ -267641,8 +267683,8 @@ SQLITE_PRIVATE void* sqlite3mcPagerCodec(PgHdr* pPg)
   if (pFile->pMethods == &mcIoMethodsGlobal)
   {
     sqlite3mc_file* mcFile = (sqlite3mc_file*) pFile;
-    Codec* codec = (mcFile->pMainDb) ? mcFile->pMainDb->codec : 0;
-    if (codec != 0 && sqlite3mcIsEncrypted(codec))
+    Codec* codec = mcFile->codec;
+    if (codec != 0 && codec->m_walLegacy == 0 && sqlite3mcIsEncrypted(codec))
     {
       aData = sqlite3mcCodec(codec, pPg->pData, pPg->pgno, 6);
     }
@@ -268037,7 +268079,19 @@ static int mcReadWal(sqlite3_file* pFile, const void* buffer, int count, sqlite3
       */
       if (pageNo != 0)
       {
-        void* bufferDecrypted = sqlite3mcCodec(codec, (char*) buffer, pageNo, 3);
+        void* bufferDecrypted = sqlite3mcCodec(codec, (char*)buffer, pageNo, 3);
+      }
+    }
+    else if (codec->m_walLegacy != 0 && count == pageSize + walFrameHeaderSize)
+    {
+      int pageNo = sqlite3Get4byte(buffer);
+
+      /*
+      ** Decrypt page content if page number is valid
+      */
+      if (pageNo != 0)
+      {
+        void* bufferDecrypted = sqlite3mcCodec(codec, (char*)buffer+walFrameHeaderSize, pageNo, 3);
       }
     }
   }
@@ -268266,7 +268320,7 @@ static int mcWriteWal(sqlite3_file* pFile, const void* buffer, int count, sqlite
   sqlite3mc_file* mcFile = (sqlite3mc_file*) pFile;
   Codec* codec = (mcFile->pMainDb) ? mcFile->pMainDb->codec : 0;
 
-  if (codec != 0 && sqlite3mcIsEncrypted(codec))
+  if (codec != 0 && codec->m_walLegacy != 0 && sqlite3mcIsEncrypted(codec))
   {
     const int pageSize = sqlite3mcGetPageSize(codec);
 
@@ -268282,7 +268336,7 @@ static int mcWriteWal(sqlite3_file* pFile, const void* buffer, int count, sqlite
       ** immediately before writing the corresponding page content.
       ** Page numbers and checksums are written to file independently.
       ** Therefore it is necessary to explicitly read the page number
-      ** on writing to file the contetn of a page.
+      ** on writing to file the content of a page.
       */
       rc = REALFILE(pFile)->pMethods->xRead(REALFILE(pFile), ac, 4, offset - walFrameHeaderSize);
       if (rc == SQLITE_OK)
@@ -268306,6 +268360,26 @@ static int mcWriteWal(sqlite3_file* pFile, const void* buffer, int count, sqlite
         rc = REALFILE(pFile)->pMethods->xWrite(REALFILE(pFile), buffer, count, offset);
       }
     }
+    else if (count == pageSize + walFrameHeaderSize)
+    {
+      int pageNo = sqlite3Get4byte(buffer);
+      if (pageNo != 0)
+      {
+        /*
+        ** Encrypt the page buffer, but only if the page number is valid
+        */
+        void* bufferEncrypted = sqlite3mcCodec(codec, (char*)buffer+walFrameHeaderSize, pageNo, 7);
+        rc = REALFILE(pFile)->pMethods->xWrite(REALFILE(pFile), buffer, walFrameHeaderSize, offset);
+        rc = REALFILE(pFile)->pMethods->xWrite(REALFILE(pFile), bufferEncrypted, pageSize, offset+walFrameHeaderSize);
+      }
+      else
+      {
+        /*
+        ** Write buffer without encryption if the page number could not be determined
+        */
+        rc = REALFILE(pFile)->pMethods->xWrite(REALFILE(pFile), buffer, count, offset);
+      }
+    }
     else
     {
       /*
@@ -268375,7 +268449,6 @@ static int mcIoWrite(sqlite3_file* pFile, const void* buffer, int count, sqlite3
     */
   }
 #endif
-#if 0
   /*
   ** The page content is encrypted in memory in the WAL journal handler.
   ** This provides for compatibility with legacy applications using the
@@ -268385,7 +268458,6 @@ static int mcIoWrite(sqlite3_file* pFile, const void* buffer, int count, sqlite3
   {
     rc = mcWriteWal(pFile, buffer, count, offset);
   }
-#endif
   else
   {
     rc = REALFILE(pFile)->pMethods->xWrite(REALFILE(pFile), buffer, count, offset);
