| Server IP : 104.21.38.3 / Your IP : 104.23.175.175 Web Server : Apache System : Linux krdc-ubuntu-s-2vcpu-4gb-amd-blr1-01.localdomain 5.15.0-142-generic #152-Ubuntu SMP Mon May 19 10:54:31 UTC 2025 x86_64 User : www ( 1000) PHP Version : 7.4.33 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /www/server/mysql/mysql-test/suite/group_replication/t/ |
Upload File : |
################################################################################ # Base test to verify the basic SSL options functioning and their manipulation # # Basically, it tests those options that require openssl. # # The rest of the tests are done in group_replication_ssl_options # test file. # # Test: # 0. The test requires two servers: M1 and M2. # 1. Set ssl related global variables and do initial setup. # 2. Setup the first member (M1) with a recovery user that requires SSL. # 3. Add some data and bootstrap start a group on M1. # 4. Configure joining member (M2) to use SSL options on recovery. Engage # recovery using the CRL options set. Start GR on M2. # 5. Check the data is there on M2. # 6. Clean up. ################################################################################ --source ../inc/have_group_replication_plugin.inc --let $rpl_skip_group_replication_start= 1 --source ../inc/group_replication.inc --source include/have_openssl.inc ## ## Global variables and initial setup ## --let $tmpdir_name=`SELECT UUID()` --let $tmpdir=$MYSQLTEST_VARDIR/tmp/$tmpdir_name --let $CERTDIR_LOCATION=$tmpdir/certs --let $CADIR_LOCATION=$tmpdir/certs/cacerts --let $CRLDIR_LOCATION=$tmpdir/certs/crldir --error 0, 1 --rmdir $CADIR_LOCATION --error 0, 1 --rmdir $CERTDIR_LOCATION --error 0, 1 --rmdir $CRLDIR_LOCATION --error 0, 1 --rmdir $tmpdir --mkdir $tmpdir --mkdir $CERTDIR_LOCATION --mkdir $CADIR_LOCATION --mkdir $CRLDIR_LOCATION --copy_file $MYSQL_TEST_DIR/std_data/crl-ca-cert.pem $CADIR_LOCATION/crl-ca-cert.pem --copy_file $MYSQL_TEST_DIR/std_data/crl-client-cert.pem $CERTDIR_LOCATION/crl-client-cert.pem --copy_file $MYSQL_TEST_DIR/std_data/crl-client-key.pem $CERTDIR_LOCATION/crl-client-key.pem --copy_file $MYSQL_TEST_DIR/std_data/crl-client-revoked.crl $CRLDIR_LOCATION/crl-client-revoked.crl ## ## End of setup ## --echo # --echo # Setup the first member with a recovery user that requires SSL --echo # --connection server1 --echo server1 # create a user for replication that requires ssl encryption set session sql_log_bin=0; CREATE USER 'rec_ssl_user'@'%' REQUIRE SSL; GRANT replication slave ON *.* TO 'rec_ssl_user'@'%'; set session sql_log_bin=1; --echo # --echo # Add some data and start the first member --echo # CREATE TABLE t1 (c1 INT NOT NULL PRIMARY KEY) ENGINE=InnoDB; INSERT INTO t1 VALUES (1); --source ../inc/start_and_bootstrap_group_replication.inc --connection server2 --echo server2 --let $conf_rec_use_ssl= `SELECT @@GLOBAL.group_replication_recovery_use_ssl;` --let $conf_rec_ssl_ca= `SELECT @@GLOBAL.group_replication_recovery_ssl_ca;` --let $conf_rec_ssl_capath= `SELECT @@GLOBAL.group_replication_recovery_ssl_capath;` --let $conf_rec_ssl_cert= `SELECT @@GLOBAL.group_replication_recovery_ssl_cert;` --let $conf_rec_ssl_key= `SELECT @@GLOBAL.group_replication_recovery_ssl_key;` --let $conf_rec_ssl_crl= `SELECT @@GLOBAL.group_replication_recovery_ssl_crl;` --let $conf_rec_ssl_crlpath= `SELECT @@GLOBAL.group_replication_recovery_ssl_crlpath;` ## ## Engage recovery using the CRL options set ## SET GLOBAL group_replication_recovery_use_ssl=1; --replace_result $tmpdir TMPDIR --eval SET GLOBAL group_replication_recovery_ssl_ca= '$CADIR_LOCATION/crl-ca-cert.pem' --replace_result $tmpdir TMPDIR --eval SET GLOBAL group_replication_recovery_ssl_capath= '' --replace_result $tmpdir TMPDIR --eval SET GLOBAL group_replication_recovery_ssl_cert= '$CERTDIR_LOCATION/crl-client-cert.pem' --replace_result $tmpdir TMPDIR --eval SET GLOBAL group_replication_recovery_ssl_key= '$CERTDIR_LOCATION/crl-client-key.pem' --replace_result $tmpdir TMPDIR --eval SET GLOBAL group_replication_recovery_ssl_crl= '$CRLDIR_LOCATION/crl-client-revoked.crl' --replace_result $tmpdir TMPDIR --eval SET GLOBAL group_replication_recovery_ssl_crlpath= '$CRLDIR_LOCATION' --source include/start_group_replication.inc --echo # --echo # Check the data is there --echo # --source include/rpl_sync.inc --let $assert_text= On the recovered member, the table should exist and have 1 elements; --let $assert_cond= [SELECT COUNT(*) FROM t1] = 1; --source include/assert.inc --echo # --echo # Clean up --echo # # No need to print this to the result file --disable_result_log --eval SET @@GLOBAL.group_replication_recovery_use_ssl= $conf_rec_use_ssl --eval SET @@GLOBAL.group_replication_recovery_ssl_ca= "$conf_rec_ssl_ca" --eval SET @@GLOBAL.group_replication_recovery_ssl_capath= "$conf_rec_ssl_ca" --eval SET @@GLOBAL.group_replication_recovery_ssl_cert= "$conf_rec_ssl_cert" --eval SET @@GLOBAL.group_replication_recovery_ssl_key= "$conf_rec_ssl_key" --eval SET @@GLOBAL.group_replication_recovery_ssl_crl= "$conf_rec_ssl_crl" --eval SET @@GLOBAL.group_replication_recovery_ssl_crlpath= "$conf_rec_ssl_crlpath" --enable_result_log --connection server1 --echo server1 set session sql_log_bin=0; DROP USER 'rec_ssl_user'; set session sql_log_bin=1; DROP TABLE t1; # # Finally remove the temporary directory # --error 0, 1 --rmdir $tmpdir --source ../inc/group_replication_end.inc