File: gr_ssl_mode.test

package info (click to toggle)
mysql-8.0 8.0.43-3
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 1,273,924 kB
  • sloc: cpp: 4,684,605; ansic: 412,450; pascal: 108,398; java: 83,641; perl: 30,221; cs: 27,067; sql: 26,594; sh: 24,181; python: 21,816; yacc: 17,169; php: 11,522; xml: 7,388; javascript: 7,076; makefile: 2,194; lex: 1,075; awk: 670; asm: 520; objc: 183; ruby: 97; lisp: 86
file content (132 lines) | stat: -rw-r--r-- 5,074 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
 
#
# Validate that Group Replication ssl mode works properly.
#
# Steps:
#   1. Start one member with GCS SSL enabled.
#   2. Start a second member with GCS SSL disabled, the member
#      will fail to join the group.
#   3. Start the second member with GCS SSL enabled, the member
#      will be able to join the group.
#   4. Start the second member with GCS SSL enabled and
#      validating server certificate against the CA, the
#      member will be able to join the group.
#   5. Start the second member with GCS SSL enabled and
#      validating server certificate against the CA plus
#      validating that server hostname matches server
#      certificate hostname, the member will be able to join
#      the group.
#   6. Clean up.
#
--source include/big_test.inc
--source include/have_group_replication_xcom_communication_stack.inc
--source include/have_group_replication_plugin.inc
--let $rpl_skip_group_replication_start= 1
--source include/group_replication.inc


--echo
--echo ############################################################
--echo # 1. Start one member with GCS SSL enabled.
--let $rpl_connection_name= server1
--source include/rpl_connection.inc
SET @group_replication_ssl_mode_save= @@GLOBAL.group_replication_ssl_mode;
SET GLOBAL group_replication_ssl_mode= REQUIRED;
--source include/start_and_bootstrap_group_replication.inc

--let $grep_file= $MYSQLTEST_VARDIR/tmp/group_replication_ssl_mode.1.err
--let $grep_pattern= Group communication SSL configuration: group_replication_ssl_mode: "REQUIRED"
--let $grep_output= print_count
--source include/grep_pattern.inc


--echo
--echo ############################################################
--echo # 2. Start a second member with GCS SSL disabled, the member
--echo #    will fail to join the group.
--let $rpl_connection_name= server2
--source include/rpl_connection.inc
--disable_query_log
--eval SET GLOBAL group_replication_group_name= '$group_replication_group_name'
--enable_query_log

SET @group_replication_ssl_mode_save= @@GLOBAL.group_replication_ssl_mode;
SET GLOBAL group_replication_ssl_mode= DISABLED;
--error ER_GROUP_REPLICATION_CONFIGURATION
START GROUP_REPLICATION;

--let $grep_file= $MYSQLTEST_VARDIR/tmp/group_replication_ssl_mode.2.err
--let $grep_pattern= Group communication SSL configuration: group_replication_ssl_mode: "DISABLED"
--let $grep_output= print_count
--source include/grep_pattern.inc


--echo
--echo ############################################################
--echo # 3. Start the second member with GCS SSL enabled, the member
--echo #    will be able to join the group.
SET GLOBAL group_replication_ssl_mode= REQUIRED;
--source include/start_group_replication.inc

--let $group_replication_number_of_members= 2
--source include/gr_wait_for_number_of_members.inc

--let $grep_file= $MYSQLTEST_VARDIR/tmp/group_replication_ssl_mode.2.err
--let $grep_pattern= Group communication SSL configuration: group_replication_ssl_mode: "REQUIRED"
--let $grep_output= print_count
--source include/grep_pattern.inc

--source include/stop_group_replication.inc


--echo
--echo ############################################################
--echo # 4. Start the second member with GCS SSL enabled and
--echo #    validating server certificate against the CA, the
--echo #    member will be able to join the group.
SET GLOBAL group_replication_ssl_mode= VERIFY_CA;
--source include/start_group_replication.inc

--let $group_replication_number_of_members= 2
--source include/gr_wait_for_number_of_members.inc

--let $grep_file= $MYSQLTEST_VARDIR/tmp/group_replication_ssl_mode.2.err
--let $grep_pattern= Group communication SSL configuration: group_replication_ssl_mode: "VERIFY_CA"
--let $grep_output= print_count
--source include/grep_pattern.inc

--source include/stop_group_replication.inc


--echo
--echo ############################################################
--echo # 5. Start the second member with GCS SSL enabled and
--echo #    validating server certificate against the CA plus
--echo #    validating that server hostname matches server
--echo #    certificate hostname, the member will be able to join
--echo #    the group.
SET GLOBAL group_replication_ssl_mode= VERIFY_IDENTITY;
--source include/start_group_replication.inc

--let $group_replication_number_of_members= 2
--source include/gr_wait_for_number_of_members.inc

--let $grep_file= $MYSQLTEST_VARDIR/tmp/group_replication_ssl_mode.2.err
--let $grep_pattern= Group communication SSL configuration: group_replication_ssl_mode: "VERIFY_IDENTITY"
--let $grep_output= print_count
--source include/grep_pattern.inc

--source include/stop_group_replication.inc


--echo
--echo ############################################################
--echo # 6. Clean up.
--let $rpl_connection_name= server1
--source include/rpl_connection.inc
SET GLOBAL group_replication_ssl_mode= @group_replication_ssl_mode_save;

--let $rpl_connection_name= server2
--source include/rpl_connection.inc
SET GLOBAL group_replication_ssl_mode= @group_replication_ssl_mode_save;

--source include/group_replication_end.inc