[MDEV-28239] rsync and mariabackup SST scripts handle sst ssl_mode option differently - Jira

XML

Word

Printable

Details

Type: Bug
Status: Stalled (View Workflow)
Priority: Minor
Resolution: Unresolved
Affects Version/s: 10.7.3, 10.8.2
Fix Version/s: 10.11
Component/s: Galera, Galera SST, SSL
Labels:
None

Description

The wsrep_sst_rsync script checks four different ssl_mode settings:

DISABLED (or unset) - do not use encryption
REQUIRED - make sure encryption is used
VERIFY_CA and VERIFY_IDENTITY set different certificate verification modes

A closer look at the SST scripts though shows that only the rsync scripts treats both VERIFY modes as different, while the mariabackup script just enables general verification when seeing a mode starting with VERIFY, not checking the rest of the string then and so not making a difference between VERIFY_CA and VERIFY_IDENTITY

Attachments

Activity

People

Assignee:: Julius Goryavsky

Reporter:: Hartmut Holzgraefe

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2022-04-04 11:46

Updated:: 2023-11-28 11:09

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.