4493d40a-92aa-4162-9dfc-bfc4ec0996e6
/
polardbxengine
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
polardbxengine/mysql-test/suite/xengine_rpl_basic/t/rpl_ssl1.test

171 lines
5.5 KiB
Plaintext
Raw Permalink Blame History

--source include/not_group_replication_plugin.inc
source include/master-slave.inc;
# We don't test all types of ssl auth params here since it's a bit hard
# until problems with OpenSSL 0.9.7 are unresolved
# creating replication user for whom ssl auth is required
# preparing playground
connection master;
SET SQL_LOG_BIN= 0;
create user replssl@localhost require ssl;
grant replication slave on *.* to replssl@localhost;
SET SQL_LOG_BIN= 1;
create table t1 (t int);
--source include/sync_slave_sql_with_master.inc
#trying to use this user without ssl
stop slave;
--source include/wait_for_slave_to_stop.inc
--replace_column 2 ####
change master to master_user='replssl',master_password='';
start slave;
#showing that replication don't work
--let $slave_io_errno= convert_error(ER_ACCESS_DENIED_ERROR)
--source include/wait_for_slave_io_error.inc
--source include/stop_slave_sql.inc
#showing that replication could work with ssl params
--replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR
--replace_column 2 ####
eval change master to master_ssl=1 , master_ssl_ca ='$MYSQL_TEST_DIR/std_data/cacert.pem', master_ssl_cert='$MYSQL_TEST_DIR/std_data/client-cert.pem', master_ssl_key='$MYSQL_TEST_DIR/std_data/client-key.pem', master_tls_version='TLSv1.2';
start slave;
--source include/wait_for_slave_to_start.inc
#avoiding unneeded sleeps
connection master;
insert into t1 values (1);
--source include/sync_slave_sql_with_master.inc
#checking that replication is ok
select * from t1;
#checking show slave status
let $status_items= Master_SSL_Allowed, Master_SSL_CA_Path, Master_SSL_CA_File, Master_SSL_Cert, Master_SSL_Key, Master_TLS_Version;
source include/show_slave_status.inc;
source include/check_slave_is_running.inc;
#checking if replication works without ssl also performing clean up
stop slave;
--source include/wait_for_slave_to_stop.inc
--replace_column 2 ####
change master to master_user='root',master_password='', master_ssl=0;
start slave;
--source include/wait_for_slave_to_start.inc
connection master;
SET SQL_LOG_BIN= 0;
drop user replssl@localhost;
SET SQL_LOG_BIN= 1;
drop table t1;
--source include/sync_slave_sql_with_master.inc
source include/show_slave_status.inc;
source include/check_slave_is_running.inc;
# End of 4.1 tests
# Start replication with ssl_verify_server_cert turned on
connection slave;
stop slave;
--source include/wait_for_slave_to_stop.inc
--replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR
--replace_column 2 ####
eval change master to
master_host="localhost",
master_ssl=1 ,
master_ssl_ca ='$MYSQL_TEST_DIR/std_data/cacert.pem',
master_ssl_cert='$MYSQL_TEST_DIR/std_data/client-cert.pem',
master_ssl_key='$MYSQL_TEST_DIR/std_data/client-key.pem',
master_ssl_verify_server_cert=1;
start slave;
--source include/wait_for_slave_to_start.inc
connection master;
create table t1 (t int);
insert into t1 values (1);
--source include/sync_slave_sql_with_master.inc
echo on slave;
#checking that replication is ok
select * from t1;
#checking show slave status
source include/show_slave_status.inc;
--source include/check_slave_is_running.inc
# ==== Clean up ====
connection master;
drop table t1;
--source include/sync_slave_sql_with_master.inc
###############################################################################
# BUG#18778485 SSL_VERIFY_SERVER_CERT AUTOMATICALLY SETS TO NO POST RESET SLAVE
# COMMAND
#
# Due to the buggy behaviour, a RESET SLAVE command on the slave server
# reset ssl_verify_server_cert= 0. RESET SLAVE is generally expected to
# delete slave logs and forget the replicaiton positions. This erroneous
# behavior was therefore counterintuitive.
#
# We test the following:
# - The behaviour of ssl_verify_server_cert with RESET SLAVE.
# - Test that neither of STOP SLAVE or START SLAVE affects the value of
# ssl_verify_server_cert.
# - Test that CHANGE MASTER with no ssl_verify_server_cert option doesnt
# affect ssl_verify_server_cert value.
##############################################################################
--source include/stop_slave.inc
--let $assert_cond= "[SHOW SLAVE STATUS, Master_SSL_Verify_Server_Cert, 1]" = "Yes"
--let $assert_text= Master_SSL_Verify_Server_Cert should NOT change on STOP SLAVE.
--source include/assert.inc
--let $log_file= query_get_value(SHOW SLAVE STATUS, Master_Log_File, 1)
--let $log_pos= query_get_value(SHOW SLAVE STATUS, Read_Master_Log_Pos, 1)
RESET SLAVE;
--let $assert_cond= "[SHOW SLAVE STATUS, Master_SSL_Verify_Server_Cert, 1]" = "Yes"
--let $assert_text= Master_SSL_Verify_Server_Cert should NOT change on RESET SLAVE.
--source include/assert.inc
--replace_result $MASTER_MYPORT MASTER_MYPORT
--eval CHANGE MASTER TO MASTER_PORT= $MASTER_MYPORT
--let $assert_cond= "[SHOW SLAVE STATUS, Master_SSL_Verify_Server_Cert, 1]" = "Yes"
--let $assert_text= Master_SSL_Verify_Server_Cert should NOT change on CHANGE MASTER.
--source include/assert.inc
--source include/start_slave.inc
--let $assert_cond= "[SHOW SLAVE STATUS, Master_SSL_Verify_Server_Cert, 1]" = "Yes"
--let $assert_text= Master_SSL_Verify_Server_Cert should NOT change on START SLAVE.
--source include/assert.inc
--connection master
--disable_warnings
DROP TABLE IF EXISTS t1;
--source include/sync_slave_sql_with_master.inc
--enable_warnings
--source include/stop_slave.inc
# Clean change master options.
--replace_column 2 ####
CHANGE MASTER TO
master_host="127.0.0.1",
master_ssl_ca ='',
master_ssl_cert='',
master_ssl_key='',
master_ssl_verify_server_cert=0,
master_ssl=0,
master_tls_version='';
--let $rpl_only_running_threads= 1
--source include/rpl_end.inc
--connection master
--source suite/xengine/include/check_xengine_log_error.inc
Reference in New Issue View Git Blame Copy Permalink