[MDEV-25418] rsync SST does not work with stunnel encryption

Created: 2021-04-14  Updated: 2022-02-17  Resolved: 2022-02-17

Status: Closed
Project: MariaDB Server
Component/s: Galera SST
Affects Version/s: 10.2, 10.3, 10.4, 10.5
Fix Version/s: 10.6.1, 10.2.39, 10.3.30, 10.4.20, 10.5.11, 10.7.1, 10.8.1

Type: Bug
Priority: Major
Reporter: Alexey
Assignee: Julius Goryavsky
Resolution: Fixed
Votes: 0
Labels: None


 Description   

Due to a number of bugs in the rsync SST script, it fails to properly start stunnel on the donor:

[ ] Clients allowed=3984
[.] stunnel 5.56 on x86_64-pc-linux-gnu platform
[.] Compiled with OpenSSL 1.1.1c  28 May 2019
[.] Running  with OpenSSL 1.1.1f  31 Mar 2020
[.] Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP
[ ] errno: (*__errno_location ())
[!] Invalid configuration file name "127.0.0.2"
[!] realpath: No such file or directory (2)
[ ] Deallocating section defaults

and, if started, it would fail to verify the peer and abort the connection:

2021.04.14 17:45:08 LOG4[0]: CERT: Certificate not found in local repository
2021.04.14 17:45:08 LOG4[0]: Rejected by CERT at depth=0: C=SE, ST=Stockholm, L=Stockholm, O=Oracle, OU=MySQL, CN=localhost
2021.04.14 17:45:08 LOG3[0]: SSL_connect: ../ssl/statem/statem_clnt.c:1913: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
rsync: did not see server greeting


Generated at Thu Feb 08 09:37:33 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.