diff options
| -rw-r--r-- | storage/innobase/fil/fil0crypt.cc | 7 | ||||
| -rw-r--r-- | storage/xtradb/fil/fil0crypt.cc | 6 |
2 files changed, 13 insertions, 0 deletions
diff --git a/storage/innobase/fil/fil0crypt.cc b/storage/innobase/fil/fil0crypt.cc index 757c034d684..7c475e62ba0 100644 --- a/storage/innobase/fil/fil0crypt.cc +++ b/storage/innobase/fil/fil0crypt.cc @@ -982,6 +982,12 @@ fil_crypt_needs_rotation( return true; } + /** If the rotate_key_age is zero then innodb doesn't + re-encrypt the encrypted tablespace. */ + if (rotate_key_age == 0) { + return false; + } + /* this is rotation encrypted => encrypted, * only reencrypt if key is sufficiently old */ if (key_version + rotate_key_age < latest_key_version) { @@ -1267,6 +1273,7 @@ fil_crypt_space_needs_rotation( fil_crypt_get_key_state(key_state, crypt_data); } + bool need_key_rotation = fil_crypt_needs_rotation( crypt_data, crypt_data->min_key_version, diff --git a/storage/xtradb/fil/fil0crypt.cc b/storage/xtradb/fil/fil0crypt.cc index 3daa461445d..588f01b52f9 100644 --- a/storage/xtradb/fil/fil0crypt.cc +++ b/storage/xtradb/fil/fil0crypt.cc @@ -982,6 +982,12 @@ fil_crypt_needs_rotation( return true; } + /* If rotate_key_age is zero then don't re-encrypt + the encrypted tablespace. */ + if (rotate_key_age ==0) { + return false; + } + /* this is rotation encrypted => encrypted, * only reencrypt if key is sufficiently old */ if (key_version + rotate_key_age < latest_key_version) { |