| Current Path : /home/usr.opt/mysql57/mysql-test/suite/rpl/t/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
| Current File : //home/usr.opt/mysql57/mysql-test/suite/rpl/t/rpl_ssl1.test |
--source include/not_group_replication_plugin.inc source include/have_ssl_communication.inc; source include/master-slave.inc; # We don't test all types of ssl auth params here since it's a bit hard # until problems with OpenSSL 0.9.7 are unresolved # creating replication user for whom ssl auth is required # preparing playground connection master; SET SQL_LOG_BIN= 0; set @orig_sql_mode= @@sql_mode; set sql_mode= (select replace(@@sql_mode,'NO_AUTO_CREATE_USER','')); grant replication slave on *.* to replssl@localhost require ssl; set sql_mode= @orig_sql_mode; SET SQL_LOG_BIN= 1; create table t1 (t int); --source include/sync_slave_sql_with_master.inc #trying to use this user without ssl stop slave; --source include/wait_for_slave_to_stop.inc --replace_column 2 #### change master to master_user='replssl',master_password=''; start slave; #showing that replication don't work --let $slave_io_errno= convert_error(ER_ACCESS_DENIED_ERROR) --source include/wait_for_slave_io_error.inc --source include/stop_slave_sql.inc #showing that replication could work with ssl params --replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR --replace_column 2 #### eval change master to master_ssl=1 , master_ssl_ca ='$MYSQL_TEST_DIR/std_data/cacert.pem', master_ssl_cert='$MYSQL_TEST_DIR/std_data/client-cert.pem', master_ssl_key='$MYSQL_TEST_DIR/std_data/client-key.pem', master_tls_version='TLSv1.1'; start slave; --source include/wait_for_slave_to_start.inc #avoiding unneeded sleeps connection master; insert into t1 values (1); --source include/sync_slave_sql_with_master.inc #checking that replication is ok select * from t1; #checking show slave status let $status_items= Master_SSL_Allowed, Master_SSL_CA_Path, Master_SSL_CA_File, Master_SSL_Cert, Master_SSL_Key, Master_TLS_Version; source include/show_slave_status.inc; source include/check_slave_is_running.inc; #checking if replication works without ssl also performing clean up stop slave; --source include/wait_for_slave_to_stop.inc --replace_column 2 #### change master to master_user='root',master_password='', master_ssl=0; start slave; --source include/wait_for_slave_to_start.inc connection master; SET SQL_LOG_BIN= 0; drop user replssl@localhost; SET SQL_LOG_BIN= 1; drop table t1; --source include/sync_slave_sql_with_master.inc source include/show_slave_status.inc; source include/check_slave_is_running.inc; # End of 4.1 tests # Start replication with ssl_verify_server_cert turned on connection slave; stop slave; --source include/wait_for_slave_to_stop.inc --replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR --replace_column 2 #### eval change master to master_host="localhost", master_ssl=1 , master_ssl_ca ='$MYSQL_TEST_DIR/std_data/cacert.pem', master_ssl_cert='$MYSQL_TEST_DIR/std_data/client-cert.pem', master_ssl_key='$MYSQL_TEST_DIR/std_data/client-key.pem', master_ssl_verify_server_cert=1; start slave; --source include/wait_for_slave_to_start.inc connection master; create table t1 (t int); insert into t1 values (1); --source include/sync_slave_sql_with_master.inc echo on slave; #checking that replication is ok select * from t1; #checking show slave status source include/show_slave_status.inc; --source include/check_slave_is_running.inc # ==== Clean up ==== connection master; drop table t1; --source include/sync_slave_sql_with_master.inc ############################################################################### # BUG#18778485 SSL_VERIFY_SERVER_CERT AUTOMATICALLY SETS TO NO POST RESET SLAVE # COMMAND # # Due to the buggy behaviour, a RESET SLAVE command on the slave server # reset ssl_verify_server_cert= 0. RESET SLAVE is generally expected to # delete slave logs and forget the replicaiton positions. This erroneous # behavior was therefore counterintuitive. # # We test the following: # - The behaviour of ssl_verify_server_cert with RESET SLAVE. # - Test that neither of STOP SLAVE or START SLAVE affects the value of # ssl_verify_server_cert. # - Test that CHANGE MASTER with no ssl_verify_server_cert option doesnt # affect ssl_verify_server_cert value. ############################################################################## --source include/stop_slave.inc --let $assert_cond= "[SHOW SLAVE STATUS, Master_SSL_Verify_Server_Cert, 1]" = "Yes" --let $assert_text= Master_SSL_Verify_Server_Cert should NOT change on STOP SLAVE. --source include/assert.inc --let $log_file= query_get_value(SHOW SLAVE STATUS, Master_Log_File, 1) --let $log_pos= query_get_value(SHOW SLAVE STATUS, Read_Master_Log_Pos, 1) RESET SLAVE; --let $assert_cond= "[SHOW SLAVE STATUS, Master_SSL_Verify_Server_Cert, 1]" = "Yes" --let $assert_text= Master_SSL_Verify_Server_Cert should NOT change on RESET SLAVE. --source include/assert.inc --replace_result $MASTER_MYPORT MASTER_MYPORT --eval CHANGE MASTER TO MASTER_PORT= $MASTER_MYPORT --let $assert_cond= "[SHOW SLAVE STATUS, Master_SSL_Verify_Server_Cert, 1]" = "Yes" --let $assert_text= Master_SSL_Verify_Server_Cert should NOT change on CHANGE MASTER. --source include/assert.inc --source include/start_slave.inc --let $assert_cond= "[SHOW SLAVE STATUS, Master_SSL_Verify_Server_Cert, 1]" = "Yes" --let $assert_text= Master_SSL_Verify_Server_Cert should NOT change on START SLAVE. --source include/assert.inc --connection master --disable_warnings DROP TABLE IF EXISTS t1; --source include/sync_slave_sql_with_master.inc --enable_warnings --source include/stop_slave.inc # Clean change master options. --replace_column 2 #### CHANGE MASTER TO master_host="127.0.0.1", master_ssl_ca ='', master_ssl_cert='', master_ssl_key='', master_ssl_verify_server_cert=0, master_ssl=0, master_tls_version=''; --let $rpl_only_running_threads= 1 --source include/rpl_end.inc