Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-25418

rsync SST does not work with stunnel encryption

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: In Progress (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 10.2, 10.3, 10.4, 10.5
    • Fix Version/s: 10.6
    • Component/s: Galera SST
    • Labels:
      None

      Description

      Due to number of bugs in rsync SST script it fails to properly start stunnel on donor

      [ ] Clients allowed=3984
      [.] stunnel 5.56 on x86_64-pc-linux-gnu platform
      [.] Compiled with OpenSSL 1.1.1c  28 May 2019
      [.] Running  with OpenSSL 1.1.1f  31 Mar 2020
      [.] Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP
      [ ] errno: (*__errno_location ())
      [!] Invalid configuration file name "127.0.0.2"
      [!] realpath: No such file or directory (2)
      [ ] Deallocating section defaults
      

      and if started would fail to verify peer and abort connection

      2021.04.14 17:45:08 LOG4[0]: CERT: Certificate not found in local repository
      2021.04.14 17:45:08 LOG4[0]: Rejected by CERT at depth=0: C=SE, ST=Stockholm, L=Stockholm, O=Oracle, OU=MySQL, CN=localhost
      2021.04.14 17:45:08 LOG3[0]: SSL_connect: ../ssl/statem/statem_clnt.c:1913: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
      rsync: did not see server greeting
      

        Attachments

          Activity

            People

            Assignee:
            jplindst Jan Lindström
            Reporter:
            Yurchenko Alexey
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: