Skip to content

SET command to disable mapping #267

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 14 commits into from
Jun 26, 2025
Merged

SET command to disable mapping #267

merged 14 commits into from
Jun 26, 2025

Conversation

@freshtonic
Copy link
Contributor

@freshtonic freshtonic commented Jun 19, 2025
edited by tobyhede
Loading

Adds ability to disable and re-enable mapping for a connection

Disable mapping

SET CIPHERSTASH.UNSAFE_DISABLE_MAPPING = true;

Enable mapping

SET CIPHERSTASH.UNSAFE_DISABLE_MAPPING = false;

The SET command is always scoped to the connection SESSION - mapping is only ever disabled for the client connection the SET command was issued on.

This also adds a prometheus metric called STATEMENTS_PASSTHROUGH_MAPPING_DISABLED_TOTAL that tracks the count of statements passed through while mapping was disabled using this command.

@freshtonic freshtonic requested a review from tobyhede June 19, 2025 06:52
@freshtonic freshtonic marked this pull request as draft June 19, 2025 06:53
@tobyhede tobyhede force-pushed the fix/prevent-unsupported-sql-syntax-from-breaking-migrations branch from 25c7ef7 to 5d3569a Compare June 23, 2025 02:04
freshtonic and others added 3 commits June 23, 2025 13:23
@freshtonic @tobyhede
feat: config setting to skip mapping of next statement only
b4d0dab 
When the proxy sees the following command from a client:

```sql
SET LOCAL UNSAFE_SKIP_MAPPING_NEXT_STATEMENT = t;
```

Parsing & mapping of the next statement ONLY will be skipped.

This is useful for working around `sqlparser` SQL grammar coverage
issues for database migrations in particular.

This command is not yet documented. It's possible that its full
implications may not be fully understood re: security and therefore it's
probably best to reveal its existence to customers on an as-needed
basis.

We should also consider a Proxy configuration option for completely
disabling this command.

NOT YET IMPLEMENTED:

- Setting this variable should also disable decryption of any results
  returned from the query, closing off a potential exploit.

- Integration test
@tobyhede
feat: unsafe_disable_mapping
cb12549
@tobyhede
refactor: clearer test helper function naming
0d35884
@tobyhede tobyhede force-pushed the fix/prevent-unsupported-sql-syntax-from-breaking-migrations branch 3 times, most recently from d13b1f9 to 031cc69 Compare June 23, 2025 03:37
@tobyhede tobyhede marked this pull request as ready for review June 23, 2025 04:38
@tobyhede tobyhede changed the title feat: config setting to skip mapping of next statement only Disable mapping Jun 23, 2025
@tobyhede tobyhede changed the title Disable mapping SET commaned to disable mapping Jun 23, 2025
@tobyhede tobyhede changed the title SET commaned to disable mapping SET command to disable mapping Jun 23, 2025
@tobyhede tobyhede force-pushed the fix/prevent-unsupported-sql-syntax-from-breaking-migrations branch from 031cc69 to b5a6b5f Compare June 23, 2025 05:49
auxesis
auxesis requested changes Jun 24, 2025
View reviewed changes
Copy link
Contributor

@auxesis auxesis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Solid work @tobyhede.

I have included some small docs changes for clarity, and have requested one section at the end of the README be done differently.

tobyhede and others added 5 commits June 25, 2025 16:37
@tobyhede @auxesis
Update docs/reference.md
9149c29 
Co-authored-by: Lindsay Holmwood <lindsay@cipherstash.com>
Signed-off-by: Toby Hede <tobyhede@info-architects.net>
@tobyhede @auxesis
Update docs/reference.md
1a662e1 
Co-authored-by: Lindsay Holmwood <lindsay@cipherstash.com>
Signed-off-by: Toby Hede <tobyhede@info-architects.net>
@tobyhede @auxesis
Update docs/reference.md
628ed72 
Co-authored-by: Lindsay Holmwood <lindsay@cipherstash.com>
Signed-off-by: Toby Hede <tobyhede@info-architects.net>
@tobyhede @auxesis
Update docs/reference.md
c3ff662 
Co-authored-by: Lindsay Holmwood <lindsay@cipherstash.com>
Signed-off-by: Toby Hede <tobyhede@info-architects.net>
@tobyhede @auxesis
Update docs/reference.md
72dea21 
Co-authored-by: Lindsay Holmwood <lindsay@cipherstash.com>
Signed-off-by: Toby Hede <tobyhede@info-architects.net>
@tobyhede tobyhede requested a review from auxesis June 25, 2025 23:37
auxesis
auxesis approved these changes Jun 26, 2025
View reviewed changes
Copy link
Contributor

@auxesis auxesis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for these updates @tobyhede!

I added some more suggestions, will commit them and merge the PR.

@auxesis
docs: minor copy and formatting edits, and add a preamble
1c96542 
 - make title active
 - explain context of encrypted mapping
 - remove definite article, to remove diminuitive
 - line per sentence, to improve maintainability
 - explain that the section refers to mapping behaviour
@auxesis auxesis force-pushed the fix/prevent-unsupported-sql-syntax-from-breaking-migrations branch from a9550cc to 1c96542 Compare June 26, 2025 01:49
@auxesis auxesis merged commit 470d997 into main Jun 26, 2025
2 checks passed
@auxesis auxesis deleted the fix/prevent-unsupported-sql-syntax-from-breaking-migrations branch June 26, 2025 02:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@auxesis auxesis auxesis approved these changes

@tobyhede tobyhede tobyhede approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@freshtonic @auxesis @tobyhede