[MDEV-25418] rsync SST does not work with stunnel encryption - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 10.5, 10.2(EOL), 10.3(EOL), 10.4(EOL)
Fix Version/s: 10.6.1, 10.2.39, 10.3.30, 10.4.20, 10.5.11, 10.7.1, 10.8.1
Component/s: Galera SST
Labels:
None

Description

Due to number of bugs in rsync SST script it fails to properly start stunnel on donor

[ ] Clients allowed=3984

[.] stunnel 5.56 on x86_64-pc-linux-gnu platform

[.] Compiled with OpenSSL 1.1.1c  28 May 2019

[.] Running  with OpenSSL 1.1.1f  31 Mar 2020

[.] Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP

[ ] errno: (*__errno_location ())

[!] Invalid configuration file name "127.0.0.2"

[!] realpath: No such file or directory (2)

[ ] Deallocating section defaults

and if started would fail to verify peer and abort connection

2021.04.14 17:45:08 LOG4[0]: CERT: Certificate not found in local repository

2021.04.14 17:45:08 LOG4[0]: Rejected by CERT at depth=0: C=SE, ST=Stockholm, L=Stockholm, O=Oracle, OU=MySQL, CN=localhost

2021.04.14 17:45:08 LOG3[0]: SSL_connect: ../ssl/statem/statem_clnt.c:1913: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

rsync: did not see server greeting

Attachments

Activity

People

Assignee:: Julius Goryavsky

Reporter:: Alexey

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 2021-04-14 14:46

Updated:: 2022-02-17 11:54

Resolved:: 2022-02-17 11:54

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.