Skip to content

Commit 30bf0bc

Browse files
sysprgsysprg
committed
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory
1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
1 parent 660cfe4 commit 30bf0bc

19 files changed

+1172
-258
lines changed

mysql-test/std_data/capath/3106f582.0

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
cacert.pem

mysql-test/std_data/capath/cacert.pem

Lines changed: 79 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,79 @@
1+
Certificate:
2+
Data:
3+
Version: 3 (0x2)
4+
Serial Number:
5+
d0:4d:23:85:ee:59:b3:fa
6+
Signature Algorithm: sha256WithRSAEncryption
7+
Issuer: CN=cacert, C=FI, ST=Helsinki, L=Helsinki, O=MariaDB
8+
Validity
9+
Not Before: Jan 27 10:11:10 2019 GMT
10+
Not After : Jan 22 10:11:10 2039 GMT
11+
Subject: CN=cacert, C=FI, ST=Helsinki, L=Helsinki, O=MariaDB
12+
Subject Public Key Info:
13+
Public Key Algorithm: rsaEncryption
14+
Public-Key: (2048 bit)
15+
Modulus:
16+
00:e8:0e:a7:84:d3:75:30:06:30:b2:10:b9:d1:88:
17+
36:2b:5e:f8:c8:44:57:cb:67:72:ab:96:95:33:d5:
18+
88:d1:8f:23:50:98:ba:6d:20:00:80:bd:35:d5:c1:
19+
bf:98:49:c4:0a:15:4a:34:a6:21:9b:2e:8c:15:09:
20+
f0:63:81:02:c2:7c:e2:53:e0:f7:a1:1a:40:5e:8f:
21+
41:4a:4c:56:d4:20:f1:d5:a7:c1:53:2e:ff:7e:37:
22+
17:cc:7e:74:bd:e2:22:33:ce:8c:77:62:a4:c5:3f:
23+
44:35:7b:7e:b9:f5:7d:8c:7a:27:58:fd:2c:42:86:
24+
2e:e7:6b:01:99:7b:fe:7d:a7:a1:4f:3e:39:39:54:
25+
1f:61:de:74:66:d1:77:4f:43:1b:66:70:29:85:de:
26+
fc:8f:8e:1b:7b:a2:66:48:26:7f:9b:a6:fd:4a:e4:
27+
dc:eb:ed:bd:f8:e3:f1:57:98:13:6f:f1:a3:2a:e3:
28+
73:bd:8d:7c:6f:4b:59:35:bc:b5:42:3e:99:a7:13:
29+
8d:be:2e:5c:9a:c6:5b:ab:ae:bf:00:e9:c8:ee:05:
30+
22:8e:d5:67:1a:47:9a:6d:9c:f9:42:3e:15:34:f8:
31+
31:ec:b4:7e:d3:92:95:b0:b8:f9:66:f3:bd:1d:31:
32+
2c:b1:90:62:a1:f8:4e:a6:5d:26:22:f0:e1:fe:16:
33+
2b:69
34+
Exponent: 65537 (0x10001)
35+
X509v3 extensions:
36+
X509v3 Subject Key Identifier:
37+
CA:71:99:89:F0:72:AB:75:66:BB:65:6A:03:04:72:A5:7B:95:A6:93
38+
X509v3 Authority Key Identifier:
39+
keyid:CA:71:99:89:F0:72:AB:75:66:BB:65:6A:03:04:72:A5:7B:95:A6:93
40+
41+
X509v3 Basic Constraints:
42+
CA:TRUE
43+
Signature Algorithm: sha256WithRSAEncryption
44+
df:fd:74:29:5b:5e:9a:8b:09:02:40:59:73:cb:71:47:3f:97:
45+
3d:a9:fd:c4:8c:01:29:c9:86:b8:71:55:ff:72:0e:50:dc:c8:
46+
b5:e6:91:41:52:47:21:30:cc:4d:e7:3b:4b:db:55:ea:7d:46:
47+
eb:53:e0:b7:1b:80:7c:b1:0c:d3:d1:bc:a0:73:ae:96:1f:fd:
48+
05:52:7e:54:d5:03:52:69:7b:34:5f:27:d7:98:da:98:76:73:
49+
e6:bb:50:59:2a:94:90:67:03:1c:a4:76:2f:ee:ef:59:60:09:
50+
48:33:03:2b:52:ed:83:42:f8:71:19:7f:d8:be:40:ed:20:01:
51+
90:3c:7e:1c:8b:d2:9f:f3:2f:09:1f:50:c8:10:e1:8a:d9:a5:
52+
49:9c:0b:74:17:b9:2b:68:f6:1e:73:c2:73:10:38:b3:35:e2:
53+
87:91:1b:a1:d1:9b:81:9d:1b:32:cc:03:6e:4c:82:95:81:11:
54+
42:56:e2:16:2b:22:65:db:40:2c:ca:dc:03:f4:d5:07:cf:f5:
55+
13:b2:cf:51:5b:24:cd:c7:d1:9b:42:8e:f9:df:5d:1e:5a:09:
56+
a3:4f:a9:0b:f4:21:c5:bb:ff:02:93:67:e8:2d:ee:ab:d9:59:
57+
76:03:2c:a1:bd:fb:dc:af:b6:82:94:71:85:53:a8:18:0d:3a:
58+
9e:42:eb:59
59+
-----BEGIN CERTIFICATE-----
60+
MIIDfzCCAmegAwIBAgIJANBNI4XuWbP6MA0GCSqGSIb3DQEBCwUAMFYxDzANBgNV
61+
BAMMBmNhY2VydDELMAkGA1UEBhMCRkkxETAPBgNVBAgMCEhlbHNpbmtpMREwDwYD
62+
VQQHDAhIZWxzaW5raTEQMA4GA1UECgwHTWFyaWFEQjAeFw0xOTAxMjcxMDExMTBa
63+
Fw0zOTAxMjIxMDExMTBaMFYxDzANBgNVBAMMBmNhY2VydDELMAkGA1UEBhMCRkkx
64+
ETAPBgNVBAgMCEhlbHNpbmtpMREwDwYDVQQHDAhIZWxzaW5raTEQMA4GA1UECgwH
65+
TWFyaWFEQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOgOp4TTdTAG
66+
MLIQudGINite+MhEV8tncquWlTPViNGPI1CYum0gAIC9NdXBv5hJxAoVSjSmIZsu
67+
jBUJ8GOBAsJ84lPg96EaQF6PQUpMVtQg8dWnwVMu/343F8x+dL3iIjPOjHdipMU/
68+
RDV7frn1fYx6J1j9LEKGLudrAZl7/n2noU8+OTlUH2HedGbRd09DG2ZwKYXe/I+O
69+
G3uiZkgmf5um/Urk3Ovtvfjj8VeYE2/xoyrjc72NfG9LWTW8tUI+macTjb4uXJrG
70+
W6uuvwDpyO4FIo7VZxpHmm2c+UI+FTT4Mey0ftOSlbC4+WbzvR0xLLGQYqH4TqZd
71+
JiLw4f4WK2kCAwEAAaNQME4wHQYDVR0OBBYEFMpxmYnwcqt1ZrtlagMEcqV7laaT
72+
MB8GA1UdIwQYMBaAFMpxmYnwcqt1ZrtlagMEcqV7laaTMAwGA1UdEwQFMAMBAf8w
73+
DQYJKoZIhvcNAQELBQADggEBAN/9dClbXpqLCQJAWXPLcUc/lz2p/cSMASnJhrhx
74+
Vf9yDlDcyLXmkUFSRyEwzE3nO0vbVep9RutT4LcbgHyxDNPRvKBzrpYf/QVSflTV
75+
A1JpezRfJ9eY2ph2c+a7UFkqlJBnAxykdi/u71lgCUgzAytS7YNC+HEZf9i+QO0g
76+
AZA8fhyL0p/zLwkfUMgQ4YrZpUmcC3QXuSto9h5zwnMQOLM14oeRG6HRm4GdGzLM
77+
A25MgpWBEUJW4hYrImXbQCzK3AP01QfP9ROyz1FbJM3H0ZtCjvnfXR5aCaNPqQv0
78+
IcW7/wKTZ+gt7qvZWXYDLKG9+9yvtoKUcYVTqBgNOp5C61k=
79+
-----END CERTIFICATE-----

mysql-test/std_data/capath/ed1f42db.0

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
cacert.pem

mysql-test/suite/galera/r/galera_sst_rsync_encrypt_with_capath,debug.rdiff

Lines changed: 191 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,191 @@
1+
--- r/galera_sst_rsync_encrypt_with_server.result
2+
+++ r/galera_sst_rsync_encrypt_with_server,debug.reject
3+
@@ -519,4 +519,188 @@
4+
1
5+
DROP TABLE t1;
6+
COMMIT;
7+
+Performing State Transfer on a server that has been killed and restarted
8+
+while a DDL was in progress on it
9+
+connection node_1;
10+
+CREATE TABLE t1 (id int not null primary key,f1 CHAR(255)) ENGINE=InnoDB;
11+
+SET AUTOCOMMIT=OFF;
12+
+START TRANSACTION;
13+
+INSERT INTO t1 VALUES (1,'node1_committed_before');
14+
+INSERT INTO t1 VALUES (2,'node1_committed_before');
15+
+INSERT INTO t1 VALUES (3,'node1_committed_before');
16+
+INSERT INTO t1 VALUES (4,'node1_committed_before');
17+
+INSERT INTO t1 VALUES (5,'node1_committed_before');
18+
+connection node_2;
19+
+START TRANSACTION;
20+
+INSERT INTO t1 VALUES (6,'node2_committed_before');
21+
+INSERT INTO t1 VALUES (7,'node2_committed_before');
22+
+INSERT INTO t1 VALUES (8,'node2_committed_before');
23+
+INSERT INTO t1 VALUES (9,'node2_committed_before');
24+
+INSERT INTO t1 VALUES (10,'node2_committed_before');
25+
+COMMIT;
26+
+SET GLOBAL debug_dbug = 'd,sync.alter_opened_table';
27+
+connection node_1;
28+
+ALTER TABLE t1 ADD COLUMN f2 INTEGER;
29+
+connection node_2;
30+
+SET wsrep_sync_wait = 0;
31+
+Killing server ...
32+
+connection node_1;
33+
+SET AUTOCOMMIT=OFF;
34+
+START TRANSACTION;
35+
+INSERT INTO t1 (id,f1) VALUES (11,'node1_committed_during');
36+
+INSERT INTO t1 (id,f1) VALUES (12,'node1_committed_during');
37+
+INSERT INTO t1 (id,f1) VALUES (13,'node1_committed_during');
38+
+INSERT INTO t1 (id,f1) VALUES (14,'node1_committed_during');
39+
+INSERT INTO t1 (id,f1) VALUES (15,'node1_committed_during');
40+
+COMMIT;
41+
+START TRANSACTION;
42+
+INSERT INTO t1 (id,f1) VALUES (16,'node1_to_be_committed_after');
43+
+INSERT INTO t1 (id,f1) VALUES (17,'node1_to_be_committed_after');
44+
+INSERT INTO t1 (id,f1) VALUES (18,'node1_to_be_committed_after');
45+
+INSERT INTO t1 (id,f1) VALUES (19,'node1_to_be_committed_after');
46+
+INSERT INTO t1 (id,f1) VALUES (20,'node1_to_be_committed_after');
47+
+connect node_1a_galera_st_kill_slave_ddl, 127.0.0.1, root, , test, $NODE_MYPORT_1;
48+
+SET AUTOCOMMIT=OFF;
49+
+START TRANSACTION;
50+
+INSERT INTO t1 (id,f1) VALUES (21,'node1_to_be_rollbacked_after');
51+
+INSERT INTO t1 (id,f1) VALUES (22,'node1_to_be_rollbacked_after');
52+
+INSERT INTO t1 (id,f1) VALUES (23,'node1_to_be_rollbacked_after');
53+
+INSERT INTO t1 (id,f1) VALUES (24,'node1_to_be_rollbacked_after');
54+
+INSERT INTO t1 (id,f1) VALUES (25,'node1_to_be_rollbacked_after');
55+
+connection node_2;
56+
+Performing --wsrep-recover ...
57+
+connection node_2;
58+
+Starting server ...
59+
+Using --wsrep-start-position when starting mysqld ...
60+
+SET AUTOCOMMIT=OFF;
61+
+START TRANSACTION;
62+
+INSERT INTO t1 (id,f1) VALUES (26,'node2_committed_after');
63+
+INSERT INTO t1 (id,f1) VALUES (27,'node2_committed_after');
64+
+INSERT INTO t1 (id,f1) VALUES (28,'node2_committed_after');
65+
+INSERT INTO t1 (id,f1) VALUES (29,'node2_committed_after');
66+
+INSERT INTO t1 (id,f1) VALUES (30,'node2_committed_after');
67+
+COMMIT;
68+
+connection node_1;
69+
+INSERT INTO t1 (id,f1) VALUES (31,'node1_to_be_committed_after');
70+
+INSERT INTO t1 (id,f1) VALUES (32,'node1_to_be_committed_after');
71+
+INSERT INTO t1 (id,f1) VALUES (33,'node1_to_be_committed_after');
72+
+INSERT INTO t1 (id,f1) VALUES (34,'node1_to_be_committed_after');
73+
+INSERT INTO t1 (id,f1) VALUES (35,'node1_to_be_committed_after');
74+
+COMMIT;
75+
+SET AUTOCOMMIT=OFF;
76+
+START TRANSACTION;
77+
+INSERT INTO t1 (id,f1) VALUES (36,'node1_committed_after');
78+
+INSERT INTO t1 (id,f1) VALUES (37,'node1_committed_after');
79+
+INSERT INTO t1 (id,f1) VALUES (38,'node1_committed_after');
80+
+INSERT INTO t1 (id,f1) VALUES (39,'node1_committed_after');
81+
+INSERT INTO t1 (id,f1) VALUES (40,'node1_committed_after');
82+
+COMMIT;
83+
+connection node_1a_galera_st_kill_slave_ddl;
84+
+INSERT INTO t1 (id,f1) VALUES (41,'node1_to_be_rollbacked_after');
85+
+INSERT INTO t1 (id,f1) VALUES (42,'node1_to_be_rollbacked_after');
86+
+INSERT INTO t1 (id,f1) VALUES (43,'node1_to_be_rollbacked_after');
87+
+INSERT INTO t1 (id,f1) VALUES (44,'node1_to_be_rollbacked_after');
88+
+INSERT INTO t1 (id,f1) VALUES (45,'node1_to_be_rollbacked_after');
89+
+ROLLBACK;
90+
+SET AUTOCOMMIT=ON;
91+
+SET SESSION wsrep_sync_wait=15;
92+
+SELECT COUNT(*) AS EXPECT_3 FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = 't1';
93+
+EXPECT_3
94+
+3
95+
+SELECT COUNT(*) AS EXPECT_35 FROM t1;
96+
+EXPECT_35
97+
+35
98+
+SELECT * FROM t1;
99+
+id f1 f2
100+
+1 node1_committed_before NULL
101+
+2 node1_committed_before NULL
102+
+3 node1_committed_before NULL
103+
+4 node1_committed_before NULL
104+
+5 node1_committed_before NULL
105+
+6 node2_committed_before NULL
106+
+7 node2_committed_before NULL
107+
+8 node2_committed_before NULL
108+
+9 node2_committed_before NULL
109+
+10 node2_committed_before NULL
110+
+11 node1_committed_during NULL
111+
+12 node1_committed_during NULL
112+
+13 node1_committed_during NULL
113+
+14 node1_committed_during NULL
114+
+15 node1_committed_during NULL
115+
+16 node1_to_be_committed_after NULL
116+
+17 node1_to_be_committed_after NULL
117+
+18 node1_to_be_committed_after NULL
118+
+19 node1_to_be_committed_after NULL
119+
+20 node1_to_be_committed_after NULL
120+
+26 node2_committed_after NULL
121+
+27 node2_committed_after NULL
122+
+28 node2_committed_after NULL
123+
+29 node2_committed_after NULL
124+
+30 node2_committed_after NULL
125+
+31 node1_to_be_committed_after NULL
126+
+32 node1_to_be_committed_after NULL
127+
+33 node1_to_be_committed_after NULL
128+
+34 node1_to_be_committed_after NULL
129+
+35 node1_to_be_committed_after NULL
130+
+36 node1_committed_after NULL
131+
+37 node1_committed_after NULL
132+
+38 node1_committed_after NULL
133+
+39 node1_committed_after NULL
134+
+40 node1_committed_after NULL
135+
+SELECT COUNT(*) = 0 FROM (SELECT COUNT(*) AS c, f1 FROM t1 GROUP BY f1 HAVING c NOT IN (5, 10)) AS a1;
136+
+COUNT(*) = 0
137+
+1
138+
+COMMIT;
139+
+connection node_1;
140+
+SET AUTOCOMMIT=ON;
141+
+SET SESSION wsrep_sync_wait=15;
142+
+SELECT COUNT(*) AS EXPECT_3 FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = 't1';
143+
+EXPECT_3
144+
+3
145+
+SELECT COUNT(*) AS EXPECT_35 FROM t1;
146+
+EXPECT_35
147+
+35
148+
+SELECT * FROM t1;
149+
+id f1 f2
150+
+1 node1_committed_before NULL
151+
+2 node1_committed_before NULL
152+
+3 node1_committed_before NULL
153+
+4 node1_committed_before NULL
154+
+5 node1_committed_before NULL
155+
+6 node2_committed_before NULL
156+
+7 node2_committed_before NULL
157+
+8 node2_committed_before NULL
158+
+9 node2_committed_before NULL
159+
+10 node2_committed_before NULL
160+
+11 node1_committed_during NULL
161+
+12 node1_committed_during NULL
162+
+13 node1_committed_during NULL
163+
+14 node1_committed_during NULL
164+
+15 node1_committed_during NULL
165+
+16 node1_to_be_committed_after NULL
166+
+17 node1_to_be_committed_after NULL
167+
+18 node1_to_be_committed_after NULL
168+
+19 node1_to_be_committed_after NULL
169+
+20 node1_to_be_committed_after NULL
170+
+26 node2_committed_after NULL
171+
+27 node2_committed_after NULL
172+
+28 node2_committed_after NULL
173+
+29 node2_committed_after NULL
174+
+30 node2_committed_after NULL
175+
+31 node1_to_be_committed_after NULL
176+
+32 node1_to_be_committed_after NULL
177+
+33 node1_to_be_committed_after NULL
178+
+34 node1_to_be_committed_after NULL
179+
+35 node1_to_be_committed_after NULL
180+
+36 node1_committed_after NULL
181+
+37 node1_committed_after NULL
182+
+38 node1_committed_after NULL
183+
+39 node1_committed_after NULL
184+
+40 node1_committed_after NULL
185+
+SELECT COUNT(*) = 0 FROM (SELECT COUNT(*) AS c, f1 FROM t1 GROUP BY f1 HAVING c NOT IN (5, 10)) AS a1;
186+
+COUNT(*) = 0
187+
+1
188+
+DROP TABLE t1;
189+
+COMMIT;
190+
+SET GLOBAL debug_dbug = $debug_orig;
191+
include/assert_grep.inc [Using stunnel for SSL encryption]

0 commit comments

Comments
 (0)