1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
source include/have_ssl_communication.inc;
source include/master-slave.inc;
# We don't test all types of ssl auth params here since it's a bit hard
# until problems with OpenSSL 0.9.7 are unresolved
# creating replication user for whom ssl auth is required
# preparing playground
connection master;
grant replication slave on *.* to replssl@localhost require ssl;
create table t1 (t int);
save_master_pos;
#syncing with master
connection slave;
sync_with_master;
#trying to use this user without ssl
stop slave;
change master to master_user='replssl',master_password='';
start slave;
#showing that replication don't work
connection master;
insert into t1 values (1);
#reasonable timeout for changes to propagate to slave
let $wait_condition= SELECT COUNT(*) = 1 FROM t1;
source include/wait_condition.inc;
connection slave;
select * from t1;
#showing that replication could work with ssl params
stop slave;
--replace_result $DRIZZLE_TEST_DIR DRIZZLE_TEST_DIR
eval change master to master_ssl=1 , master_ssl_ca ='$DRIZZLE_TEST_DIR/std_data/cacert.pem', master_ssl_cert='$DRIZZLE_TEST_DIR/std_data/client-cert.pem', master_ssl_key='$DRIZZLE_TEST_DIR/std_data/client-key.pem';
start slave;
#avoiding unneeded sleeps
connection master;
save_master_pos;
connection slave;
sync_with_master;
#checking that replication is ok
select * from t1;
#checking show slave status
--replace_result $DRIZZLE_TEST_DIR DRIZZLE_TEST_DIR $MASTER_MYPORT MASTER_MYPORT
--replace_column 1 # 6 # 7 # 8 # 9 # 10 # 11 # 16 # 22 # 23 # 33 # 35 # 36 #
query_vertical show slave status;
#checking if replication works without ssl also performing clean up
stop slave;
change master to master_user='root',master_password='', master_ssl=0;
start slave;
connection master;
drop user replssl@localhost;
drop table t1;
save_master_pos;
connection slave;
sync_with_master;
--replace_result $DRIZZLE_TEST_DIR DRIZZLE_TEST_DIR $MASTER_MYPORT MASTER_MYPORT
--replace_column 1 # 6 # 7 # 8 # 9 # 10 # 11 # 16 # 22 # 23 # 33 # 35 # 36 #
query_vertical show slave status;
# End of 4.1 tests
# Start replication with ssl_verify_server_cert turned on
connection slave;
stop slave;
--replace_result $DRIZZLE_TEST_DIR DRIZZLE_TEST_DIR
eval change master to
master_host="localhost",
master_ssl=1 ,
master_ssl_ca ='$DRIZZLE_TEST_DIR/std_data/cacert.pem',
master_ssl_cert='$DRIZZLE_TEST_DIR/std_data/client-cert.pem',
master_ssl_key='$DRIZZLE_TEST_DIR/std_data/client-key.pem',
master_ssl_verify_server_cert=1;
start slave;
connection master;
create table t1 (t int);
insert into t1 values (1);
sync_slave_with_master;
echo on slave;
#checking that replication is ok
select * from t1;
#checking show slave status
--replace_result $DRIZZLE_TEST_DIR DRIZZLE_TEST_DIR $MASTER_MYPORT MASTER_MYPORT
--replace_column 1 # 6 # 7 # 8 # 9 # 10 # 11 # 16 # 22 # 23 # 33 # 35 # 36 #
query_vertical show slave status;
connection master;
drop table t1;
sync_slave_with_master;
|