-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
MDEV-31855 validate ssl certificates using client password in the int…
…ernal client port the client-side implementation from C/C to the internal client. add the test.
- Loading branch information
Showing
15 changed files
with
240 additions
and
60 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
# | ||
# MDEV-31855 validate ssl certificates using client password in the internal client | ||
# | ||
# socket ssl ssl-verify-server-cert |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
source include/not_windows.inc; | ||
let $targetdir=$MYSQLTEST_VARDIR/tmp/backup; | ||
|
||
echo #; | ||
echo # MDEV-31855 validate ssl certificates using client password in the internal client; | ||
echo #; | ||
# connects fine, unix socket is a secure transport | ||
echo # socket ssl ssl-verify-server-cert; | ||
exec $XTRABACKUP --protocol=socket --user=root --socket=$MASTER_MYSOCK --backup --target-dir=$targetdir; | ||
rmdir $targetdir; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -75,14 +75,42 @@ Master_SSL_Cert = 'MYSQL_TEST_DIR/std_data/client-cert.pem' | |
Master_SSL_Key = 'MYSQL_TEST_DIR/std_data/client-key.pem' | ||
include/check_slave_is_running.inc | ||
connection master; | ||
create user [email protected] identified by "sslrepl"; | ||
grant replication slave on *.* to [email protected] require ssl; | ||
connection slave; | ||
stop slave; | ||
include/wait_for_slave_to_stop.inc | ||
change master to | ||
master_host="127.0.0.1", | ||
master_user='replssl', | ||
master_password="sslrepl", | ||
master_ssl=1, | ||
master_ssl_verify_server_cert=1, | ||
master_ssl_ca ='', | ||
master_ssl_cert='', | ||
master_ssl_key=''; | ||
start slave; | ||
include/wait_for_slave_to_start.inc | ||
show tables; | ||
Tables_in_test | ||
t1 | ||
connection master; | ||
drop table t1; | ||
connection slave; | ||
show tables; | ||
Tables_in_test | ||
include/stop_slave.inc | ||
CHANGE MASTER TO | ||
master_host="127.0.0.1", | ||
master_user='root', | ||
master_password='', | ||
master_ssl_ca ='', | ||
master_ssl_cert='', | ||
master_ssl_key='', | ||
master_ssl_verify_server_cert=0, | ||
master_ssl=0; | ||
connection master; | ||
drop user [email protected]; | ||
connection slave; | ||
drop user [email protected]; | ||
include/rpl_end.inc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -95,19 +95,47 @@ select * from t1; | |
source include/show_slave_status.inc; | ||
--source include/check_slave_is_running.inc | ||
|
||
# ==== Clean up ==== | ||
# MDEV-31855 validate with master_password | ||
connection master; | ||
create user [email protected] identified by "sslrepl"; | ||
grant replication slave on *.* to [email protected] require ssl; | ||
|
||
connection slave; | ||
stop slave; | ||
--source include/wait_for_slave_to_stop.inc | ||
eval change master to | ||
master_host="127.0.0.1", | ||
master_user='replssl', | ||
master_password="sslrepl", | ||
master_ssl=1, | ||
master_ssl_verify_server_cert=1, | ||
master_ssl_ca ='', | ||
master_ssl_cert='', | ||
master_ssl_key=''; | ||
start slave; | ||
--source include/wait_for_slave_to_start.inc | ||
|
||
show tables; | ||
connection master; | ||
drop table t1; | ||
sync_slave_with_master; | ||
show tables; | ||
|
||
# ==== Clean up ==== | ||
--source include/stop_slave.inc | ||
CHANGE MASTER TO | ||
master_host="127.0.0.1", | ||
master_user='root', | ||
master_password='', | ||
master_ssl_ca ='', | ||
master_ssl_cert='', | ||
master_ssl_key='', | ||
master_ssl_verify_server_cert=0, | ||
master_ssl=0; | ||
connection master; | ||
drop user [email protected]; | ||
connection slave; | ||
drop user [email protected]; | ||
|
||
--let $rpl_only_running_threads= 1 | ||
--source include/rpl_end.inc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.