mirror of
https://github.com/MariaDB/server.git
synced 2025-02-11 16:05:34 +01:00
04bd6ed44c
Just like in CONC-712, disable hostname checks for connections over unix socket. Even for not self-signed certificates.
30 lines
1.1 KiB
Text
30 lines
1.1 KiB
Text
source include/not_embedded.inc;
|
|
source include/not_windows.inc;
|
|
if (`select @@version_ssl_library not like 'OpenSSL%'`) {
|
|
skip Needs OpenSSL;
|
|
}
|
|
|
|
|
|
--echo #
|
|
--echo # MDEV-35368 Validation of SSL certificate fails for mariadb-backup
|
|
--echo #
|
|
GRANT ALL PRIVILEGES on *.* TO backup_user IDENTIFIED by 'x' REQUIRE SSL;
|
|
let $targetdir=$MYSQLTEST_VARDIR/tmp/backup;
|
|
|
|
let SSL_CERT_DIR=$MYSQL_TMP_DIR;
|
|
copy_file $MYSQL_TEST_DIR/std_data/cacert.pem $MYSQL_TMP_DIR/ed1f42db.0;
|
|
|
|
echo # localhost, not self-signed cert with a wrong hostname: ok;
|
|
exec $XTRABACKUP --user=root --socket=$MASTER_MYSOCK --backup --target-dir=$targetdir;
|
|
rmdir $targetdir;
|
|
|
|
echo # tcp, not self-signed cert with a wrong hostname: fails;
|
|
error 1;
|
|
exec $XTRABACKUP --protocol=tcp --user=root --port=$MASTER_MYPORT --backup --target-dir=$targetdir;
|
|
|
|
echo # tcp, not self-signed cert with a wrong hostname: fails even with a password (no auto-verification);
|
|
error 1;
|
|
exec $XTRABACKUP --protocol=tcp --user=backup_user --password=x --port=$MASTER_MYPORT --backup --target-dir=$targetdir;
|
|
|
|
remove_file $MYSQL_TMP_DIR/ed1f42db.0;
|
|
DROP USER backup_user;
|