WL#15166 patch #2 Ndbinfo certificates table

Implement ndb$certificates base table and certificates view.
Update results for tests ndbinfo and ndbinfo plans.

Change-Id: Iab1b89f5eb82ac1b3e0c049dd55eb7d07394070a

Author: jdduncan

mysql-test/suite/ndb/r/ndbinfo.result

@@ -94,9 +94,10 @@ table_id	table_name	comment
 46	cpudata_50ms	Data about CPU usage per 50ms last second
 47	cpudata_1sec	Data about CPU usage per second last 20 seconds
 48	cpudata_20sec	Data about CPU usage per 20 sec last 400 seconds
+49	certificates	Certificates in current use for TLS connections
 SELECT COUNT(*) FROM ndb$tables;
 COUNT(*)
-49
+50
 SELECT * FROM ndb$tables WHERE table_id = 2;
 table_id	table_name	comment	rows_estimate
 2	test	for testing	8000
@@ -145,6 +146,7 @@ table_id	table_name	comment
 46	cpudata_50ms	Data about CPU usage per 50ms last second
 47	cpudata_1sec	Data about CPU usage per second last 20 seconds
 48	cpudata_20sec	Data about CPU usage per 20 sec last 400 seconds
+49	certificates	Certificates in current use for TLS connections
 SELECT * FROM ndb$tables WHERE table_name = 'LOGDESTINATION';
 table_id	table_name	comment	rows_estimate
 SELECT COUNT(*) FROM ndb$tables t, ndb$columns c
@@ -165,6 +167,7 @@ table_id
 SELECT table_id, table_name FROM ndb$tables ORDER BY table_name;
 table_id	table_name
 30	acc_operations
+49	certificates
 1	columns
 39	config_nodes
 23	config_values
@@ -297,6 +300,7 @@ table_id
 46
 47
 48
+49
 
 TRUNCATE ndb$tables;
 ERROR HY000: Table 'ndb$tables' is read only

mysql-test/suite/ndb/r/ndbinfo_plans.result

@@ -5,7 +5,7 @@ use ndbinfo;
 ##
 ## ndb$tables
 select count(*) from ndb$tables;
-count(*)	49
+count(*)	50
 explain select count(*) from ndb$tables;
 id	1
 select_type	SIMPLE
@@ -62,7 +62,8 @@ index_columns	20	80
 ndb$acc_operations	15	64
 ndb$backup_id	1	20
 ndb$blocks	29	20
-ndb$columns	530	44
+ndb$certificates	34	44
+ndb$columns	535	44
 ndb$config_nodes	34	28
 ndb$config_params	167	120
 ndb$config_values	330	24
@@ -99,7 +100,7 @@ ndb$table_fragments	344	60
 ndb$table_fragments_all	344	60
 ndb$table_replicas	344	64
 ndb$table_replicas_all	344	64
-ndb$tables	49	40
+ndb$tables	50	40
 ndb$tc_time_track_stats	384	104
 ndb$test	8000	24
 ndb$threadblocks	124	16

storage/ndb/include/debugger/Ndbinfo.hpp

@@ -96,7 +96,8 @@ class Ndbinfo {
     CPUDATA_TABLEID =            45,
     CPUDATA_50MS_TABLEID =       46,
     CPUDATA_1SEC_TABLEID =       47,
-    CPUDATA_20SEC_TABLEID =      48
+    CPUDATA_20SEC_TABLEID =      48,
+    CERTIFICATES_TABLEID =       49
   };
 
   enum BufferId {

storage/ndb/include/transporter/TransporterRegistry.hpp

@@ -717,6 +717,9 @@ class TransporterRegistry
                          Uint32 max_trp_ids);
 
   Uint32 get_num_trps();
+  TlsKeyManager * getTlsKeyManager()  { return & m_tls_keys; }
+  bool hasTlsCert() const             { return (bool) m_tls_keys.ctx(); }
+
 private:
   /**
    * Sum of max transporter memory for each transporter.

storage/ndb/plugin/ha_ndbinfo_sql.cc

@@ -86,6 +86,10 @@ static struct view {
     {"ndbinfo", "blocks",
      "SELECT block_number, block_name "
      "FROM `ndbinfo`.`ndb$blocks`"},
+    {"ndbinfo", "certificates",
+     "SELECT distinct node_id as Node_id, name as Name, "
+     "from_unixtime(expires, '%d-%b-%Y') as Expires, serial as Serial "
+     "FROM `ndbinfo`.ndb$certificates"},
     {"ndbinfo", "cluster_locks",
      "SELECT "
      "`ndbinfo`.`ndb$acc_operations`.`node_id` AS `node_id`,"

storage/ndb/src/common/debugger/NdbinfoTables.cpp

@@ -1283,6 +1283,19 @@ DECLARE_NDBINFO_TABLE(CPUDATA_20SEC, 10) =
   }
 };
 
+DECLARE_NDBINFO_TABLE(CERTIFICATES, 5) =
+{ { "certificates", 5, 0,
+    [] (const Ndbinfo::Counts &c) { return c.data_nodes * c.all_nodes; },
+    "Certificates in current use for TLS connections" },
+  {
+    { "reporting_node_id", Ndbinfo::Number, "Reporting node" },
+    { "node_id",           Ndbinfo::Number, "Peer node" },
+    { "name",              Ndbinfo::String, "Certificate subject common name" },
+    { "serial",            Ndbinfo::String, "Certificate serial number" },
+    { "expires",           Ndbinfo::Number, "Certificate expiration date" }
+  }
+};
+
 #define DBINFOTBL(x) { Ndbinfo::x##_TABLEID, (const Ndbinfo::Table*)&ndbinfo_##x }
 
 static
@@ -1340,7 +1353,8 @@ struct ndbinfo_table_list_entry {
   DBINFOTBL(CPUDATA),
   DBINFOTBL(CPUDATA_50MS),
   DBINFOTBL(CPUDATA_1SEC),
-  DBINFOTBL(CPUDATA_20SEC)
+  DBINFOTBL(CPUDATA_20SEC),
+  DBINFOTBL(CERTIFICATES)
 };
 
 static int no_ndbinfo_tables =

storage/ndb/src/kernel/blocks/trpman.cpp

@@ -585,6 +585,33 @@ Trpman::execDBINFO_SCANREQ(Signal *signal)
     break;
   }
 
+  case Ndbinfo::CERTIFICATES_TABLEID:
+  {
+    TlsKeyManager * keyMgr = globalTransporterRegistry.getTlsKeyManager();
+    int peer_node_id = cursor->data[0];
+    cert_table_entry entry;
+    while(keyMgr->iterate_cert_table(peer_node_id, & entry)) {
+
+      jam();
+      Ndbinfo::Row row(signal, req);
+
+      row.write_uint32(getOwnNodeId());
+      row.write_uint32(peer_node_id);
+      row.write_string(entry.name);
+      row.write_string(entry.serial);
+      row.write_uint32(entry.expires);
+
+      ndbinfo_send_row(signal, req, row, rl);
+
+      if (rl.need_break(req))
+      {
+        jam();
+        ndbinfo_send_scan_break(signal, req, rl, peer_node_id);
+        return;
+      }
+    }
+  }
+
   default:
     break;
   }