From 5100e9b1aad9c494e3a7e237c8563cec30c1136b Mon Sep 17 00:00:00 2001 From: Sveta Smirnova Date: Wed, 30 Jul 2025 17:18:38 +0300 Subject: [PATCH] PT-191 - add ssl options to DSN - Updated ssl tests, so they test option --mysql_ssl and DSN --- t/pt-archiver/ssl.t | 29 ++++++++++++++++++++++ t/pt-config-diff/ssl.t | 27 +++++++++++++++++++++ t/pt-deadlock-logger/ssl.t | 27 +++++++++++++++++++++ t/pt-duplicate-key-checker/ssl.t | 27 +++++++++++++++++++++ t/pt-find/ssl.t | 30 +++++++++++++++++++++-- t/pt-fk-error-logger/ssl.t | 27 +++++++++++++++++++++ t/pt-heartbeat/ssl.t | 27 +++++++++++++++++++++ t/pt-index-usage/ssl.t | 41 ++++++++++++++++++++++++++++++++ t/pt-kill/ssl.t | 36 +++++++++++++++++++++++++++- t/pt-online-schema-change/ssl.t | 30 +++++++++++++++++++++++ t/pt-query-digest/ssl.t | 27 +++++++++++++++++++++ t/pt-replica-find/ssl.t | 26 ++++++++++++++++++++ t/pt-replica-restart/ssl.t | 20 ++++++++++++++++ t/pt-show-grants/ssl.t | 28 ++++++++++++++++++++++ t/pt-table-checksum/ssl.t | 35 ++++++++++++++++++++++++++- t/pt-table-sync/ssl.t | 27 ++++++++++++++++++++- t/pt-table-usage/ssl.t | 28 +++++++++++++++++++++- t/pt-upgrade/ssl.t | 29 ++++++++++++++++++++++ t/pt-variable-advisor/ssl.t | 24 +++++++++++++++++++ 19 files changed, 539 insertions(+), 6 deletions(-) diff --git a/t/pt-archiver/ssl.t b/t/pt-archiver/ssl.t index 939ee92a..54de6e2b 100644 --- a/t/pt-archiver/ssl.t +++ b/t/pt-archiver/ssl.t @@ -83,6 +83,35 @@ like( 'Queries printed' ) or diag($output); +($output, $exit_code) = full_output( + sub { + pt_archiver::main('--source=t=film', + qw(--host 127.1 --port 12345 -D sakila), + qw(--user sha256_user --password sha256_user%password --mysql_ssl 1), + qw(--no-check-charset --purge --dry-run --port 12345), + "--where", "film_id < 100") + }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password and option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +like( + $output, + qr/DELETE FROM `sakila`.`film` WHERE/, + 'Queries printed with option --mysql_ssl' +) or diag($output); + ($output, $exit_code) = full_output( sub { pt_archiver::main('--source', "F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=1", diff --git a/t/pt-config-diff/ssl.t b/t/pt-config-diff/ssl.t index 27f20ea1..46c47224 100644 --- a/t/pt-config-diff/ssl.t +++ b/t/pt-config-diff/ssl.t @@ -80,6 +80,33 @@ is( "No output when no diff" ) or diag($output); +($output, $exit_code) = full_output( + sub { pt_config_diff::main( + qw(--host 127.1 --port 12345 --user sha256_user), + qw(--password sha256_user%password --mysql_ssl 1), + 'h=127.1') + }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password and option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +is( + $output, + "", + "No output when no diff and option --mysql_ssl" +) or diag($output); + ($output, $exit_code) = full_output( sub { pt_config_diff::main("F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1", 'h=127.1') diff --git a/t/pt-deadlock-logger/ssl.t b/t/pt-deadlock-logger/ssl.t index 679cbe46..58198567 100644 --- a/t/pt-deadlock-logger/ssl.t +++ b/t/pt-deadlock-logger/ssl.t @@ -165,6 +165,33 @@ like( 'Deadlock logger prints the output' ) or diag($output); +($output, $exit_code) = full_output( + sub { + pt_deadlock_logger::main( + qw(--host 127.1 --port 12345 --user sha256_user), + qw(--password sha256_user%password --mysql_ssl 1), + qw(--iterations 1)); + }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +like( + $output, + qr/127\.1.+msandbox.+GEN_CLUST_INDEX/, + 'Deadlock logger prints the output with option --mysql_ssl' +) or diag($output); ($output, $exit_code) = full_output( sub { pt_deadlock_logger::main("F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=1", diff --git a/t/pt-duplicate-key-checker/ssl.t b/t/pt-duplicate-key-checker/ssl.t index 7d244576..d79d9abe 100644 --- a/t/pt-duplicate-key-checker/ssl.t +++ b/t/pt-duplicate-key-checker/ssl.t @@ -93,6 +93,33 @@ if ($sandbox_version ge '8.0') { ); } +$output = `$cmd -d mysql -t columns_priv -v --host 127.1 --port 12345 --user sha256_user --password=sha256_user%password --mysql_ssl=1`; + +is( + $?, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl=1" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl=1' +) or diag($output); + +# In version 8.0 order of columns in the index changed +if ($sandbox_version ge '8.0') { + like($output, + qr/PRIMARY \(`Host`,`User`,`Db`,`Table_name`,`Column_name`\)/, + 'Finds mysql.columns_priv PK with option --mysql_ssl=1' + ); +} else { + like($output, + qr/PRIMARY \(`Host`,`Db`,`User`,`Table_name`,`Column_name`\)/, + 'Finds mysql.columns_priv PKi with option --mysql_ssl=1' + ); +} + $output = `$cmd -d mysql -t columns_priv -v F=t/pt-archiver/samples/pt-191.cnf,P=12345,u=sha256_user,p=sha256_user%password,s=1 2>&1`; is( diff --git a/t/pt-find/ssl.t b/t/pt-find/ssl.t index dadd3fcb..eee18d4f 100644 --- a/t/pt-find/ssl.t +++ b/t/pt-find/ssl.t @@ -48,7 +48,7 @@ isnt( like( $output, qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, - 'Secure connection error raised when no SSL connection used' + 'No secure connection error raised when SSL connection used' ) or diag($output); $output = `$cmd -F $cnf --host=127.0.0.1 --port=12345 mysql --tblregex column --user=sha256_user --password=sha256_user%password --mysql_ssl=1 2>&1`; @@ -56,7 +56,7 @@ $output = `$cmd -F $cnf --host=127.0.0.1 --port=12345 mysql --tblregex column -- is( $?, 0, - "Error raised when SSL connection is not used" + "Error not raised when SSL connection is used" ) or diag($output); unlike( @@ -67,6 +67,32 @@ unlike( like($output, qr/`mysql`.`columns_priv`/, 'Found mysql.columns_priv'); +$dbh->do('CREATE DATABASE IF NOT EXISTS test'); +$dbh->do('CREATE TABLE test.pt_find_ssl(cnt INT)'); + +$output = `$cmd -F $cnf --host=127.0.0.1 --port=12345 mysql --tblregex column --user=sha256_user --password=sha256_user%password --mysql_ssl=1 --exec-dsn=h=127.1,P=12346,u=sha256_user,p=sha256_user%password,s=1 --exec-plus "INSERT INTO test.pt_find_ssl() SELECT COUNT(*) FROM %s" 2>&1`; + +is( + $?, + 0, + "Error not raised when SSL connection is used with DSN" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error raised when SSL connection used with DSN' +) or diag($output); + +$output = `/tmp/12346/use -N -e "SELECT COUNT(*) FROM test.pt_find_ssl"`; +chomp($output); + +is( + $output, + 1, + 'DSN option s works with pt-find' +) or diag($output); + $output = `$cmd -F t/pt-archiver/samples/pt-191.cnf --host=127.0.0.1 --port=12345 mysql --tblregex column --user=sha256_user --password=sha256_user%password --mysql_ssl=1 2>&1`; is( diff --git a/t/pt-fk-error-logger/ssl.t b/t/pt-fk-error-logger/ssl.t index fea0291a..c7b23443 100644 --- a/t/pt-fk-error-logger/ssl.t +++ b/t/pt-fk-error-logger/ssl.t @@ -95,6 +95,33 @@ like( "Prints fk error by default" ); +($output, $exit_code) = full_output( + sub { + pt_fk_error_logger::main(@args, 'h=127.1', + qw(--port 12345 --user sha256_user), + qw(--password sha256_user%password --mysql_ssl 1)) + }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password with option mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option mysql_ssl' +) or diag($output); + +like( + $output, + qr/Foreign key constraint fails/, + "Prints fk error by default with option mysql_ssl" +); + ($output, $exit_code) = full_output( sub { pt_fk_error_logger::main(@args, 'F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1'), diff --git a/t/pt-heartbeat/ssl.t b/t/pt-heartbeat/ssl.t index 7149d3b2..22582f57 100644 --- a/t/pt-heartbeat/ssl.t +++ b/t/pt-heartbeat/ssl.t @@ -89,6 +89,33 @@ is( "Automatically inserts heartbeat row (issue 1292)" ); +($output, $exit_code) = full_output( + sub { pt_heartbeat::main( + qw(--host 127.1 --port 12345 --user sha256_user), + qw(--password sha256_user%password --mysql_ssl=1), + qw(-D test --check)) }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +$row = $dbh->selectall_hashref('select * from test.heartbeat', 'id'); +is( + $row->{1}->{id}, + 1, + "Automatically inserts heartbeat row (issue 1292) with option --mysql_ssl" +); + ($output, $exit_code) = full_output( sub { pt_heartbeat::main("F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1", qw(-D test --check)) }, diff --git a/t/pt-index-usage/ssl.t b/t/pt-index-usage/ssl.t index a880b2ce..9db86c48 100644 --- a/t/pt-index-usage/ssl.t +++ b/t/pt-index-usage/ssl.t @@ -39,6 +39,7 @@ $sb->do_as_root( 'source', q/CREATE USER IF NOT EXISTS sha256_user@'%' IDENTIFIED WITH caching_sha2_password BY 'sha256_user%password' REQUIRE SSL/, q/GRANT ALL ON sakila.* TO sha256_user@'%'/, + q/GRANT ALL ON test.* TO sha256_user@'%'/, ); # This query doesn't use indexes so there's an unused PK and @@ -95,6 +96,46 @@ like( 'A simple query that does not use any indexes', ) or diag($output); +($output, $exit_code) = full_output( + sub { + pt_index_usage::main( + @args, + qw(--host=127.1 --port=12345 --user=sha256_user --password=sha256_user%password --mysql_ssl=1), + qw(--create-save-results-database), + '--save-results-database=h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1,D=test', + "$trunk/$samples/slow001.txt") + }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password via DSN" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with DSN' +) or diag($output); + +$output = `/tmp/12345/use -N -e "SHOW TABLES FROM test"`; + +my $expected = < "Requires MySQL 8.0 or newer"; } else { - plan tests => 10; + plan tests => 13; } my ($output, $exit_code); @@ -91,6 +91,40 @@ ok( "There were 2 to 5 captures" ) or diag($output); +# Shell out to a sleep(10) query and try to capture the query. +# Backticks don't work here. +system("/tmp/12345/use -e 'select sleep(5)' >/dev/null &"); + +$output = `$cmd --host 127.1 --port 12345 --user sha256_user --password=sha256_user%password --mysql_ssl 1 --busy-time 1s --print --run-time 10 2>&1`; + +is( + $?, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +# $output ought to be something like +# 2009-05-27T22:19:40 KILL 5 (Query 1 sec) select sleep(10) +# 2009-05-27T22:19:41 KILL 5 (Query 2 sec) select sleep(10) +# 2009-05-27T22:19:42 KILL 5 (Query 3 sec) select sleep(10) +# 2009-05-27T22:19:43 KILL 5 (Query 4 sec) select sleep(10) +# 2009-05-27T22:19:44 KILL 5 (Query 5 sec) select sleep(10) +# 2009-05-27T22:19:45 KILL 5 (Query 6 sec) select sleep(10) +# 2009-05-27T22:19:46 KILL 5 (Query 7 sec) select sleep(10) +# 2009-05-27T22:19:47 KILL 5 (Query 8 sec) select sleep(10) +# 2009-05-27T22:19:48 KILL 5 (Query 9 sec) select sleep(10) +@times = $output =~ m/\(Query (\d+) sec\)/g; +ok( + @times > 2 && @times < 7, + "There were 2 to 5 captures with option --mysql_ssl" +) or diag($output); + $output = `$cmd F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1 --busy-time 1s --print --run-time 10 2>&1`; is( diff --git a/t/pt-online-schema-change/ssl.t b/t/pt-online-schema-change/ssl.t index 20b5008a..584d0a42 100644 --- a/t/pt-online-schema-change/ssl.t +++ b/t/pt-online-schema-change/ssl.t @@ -106,6 +106,36 @@ like( # Restoring environment for the new test $sb->load_file('source', "$sample/del-trg-bug-1103672.sql"); +($output, $exit_code) = full_output( + sub { pt_online_schema_change::main(@args, + "$source_dsn,D=test,t=t1", + qw(--user sha256_user --password sha256_user%password --mysql_ssl 1), + "--alter", "drop primary key, add column _id int unsigned not null primary key auto_increment FIRST", + qw(--execute --no-check-alter)), + }, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +like( + $output, + qr/Successfully altered `test`.`t1`/, + "DROP PRIMARY KEY with option --mysql_ssl" +); + +# Restoring environment for the new test +$sb->load_file('source', "$sample/del-trg-bug-1103672.sql"); + ($output, $exit_code) = full_output( sub { pt_online_schema_change::main(@args, "$source_dsn,F=t/pt-archiver/samples/pt-191.cnf,D=test,t=t1,u=sha256_user,p=sha256_user%password,s=1", diff --git a/t/pt-query-digest/ssl.t b/t/pt-query-digest/ssl.t index 5ed8868b..4654974c 100644 --- a/t/pt-query-digest/ssl.t +++ b/t/pt-query-digest/ssl.t @@ -84,6 +84,33 @@ like( 'Analysis printed' ) or diag($output); +($output, $exit_code) = full_output( + sub { + pt_query_digest::main("--explain=h=127.1,P=12345,u=sha256_user,p=sha256_user%password", + qw(--mysql_ssl 1), + "$samples/slow028.txt") + }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +like( + $output, + qr/Query size 24 24 24 24 24 0 24/, + 'Analysis printed with option --mysql_ssl' +) or diag($output); + ($output, $exit_code) = full_output( sub { pt_query_digest::main("--explain=F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1", diff --git a/t/pt-replica-find/ssl.t b/t/pt-replica-find/ssl.t index dc6492ff..b9e92cbb 100644 --- a/t/pt-replica-find/ssl.t +++ b/t/pt-replica-find/ssl.t @@ -89,6 +89,32 @@ EOF is($output, $expected, 'Source with replica and replica of replica'); +$output = `$trunk/bin/pt-replica-find --host=127.1 --port=12345 --user=sha256_user --password=sha256_user%password --mysql_ssl=1 --report-format hostname 2>&1`; + +is( + $?, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +$expected = <&1`; is( diff --git a/t/pt-replica-restart/ssl.t b/t/pt-replica-restart/ssl.t index 53c99c68..cda32f44 100644 --- a/t/pt-replica-restart/ssl.t +++ b/t/pt-replica-restart/ssl.t @@ -95,6 +95,26 @@ unlike( '--error-text works (issue 459)' ); +$output = `$trunk/bin/pt-replica-restart --max-sleep 0.25 --host=127.1 --port=12346 --user=sha256_user --password=sha256_user%password --mysql_ssl=1 --error-text "doesn't exist" --run-time 1s 2>&1`; + +is( + $?, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +unlike( + $output, + qr/Error does not match/, + '--error-text works (issue 459) with option --mysql_ssl' +); + $output = `$trunk/bin/pt-replica-restart --max-sleep 0.25 F=t/pt-archiver/samples/pt-191-replica1.cnf,h=127.1,P=12346,u=sha256_user,p=sha256_user%password,s=1 --error-text "doesn't exist" --run-time 1s 2>&1`; is( diff --git a/t/pt-show-grants/ssl.t b/t/pt-show-grants/ssl.t index d42d32de..a9b0fe81 100644 --- a/t/pt-show-grants/ssl.t +++ b/t/pt-show-grants/ssl.t @@ -88,6 +88,34 @@ like( 'It lives', ); +($output, $exit_code) = full_output( + sub { pt_show_grants::main( + '-F', $cnf, + qw(--host 127.1 --port 12345 --user sha256_user), + qw(--password sha256_user%password --mysql_ssl 1), + qw(--drop --flush --revoke --separate) + ); }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +like( + $output, + qr/Grants dumped by/, + 'It lives with option --mysql_ssl', +) or diag($output); + ($output, $exit_code) = full_output( sub { pt_show_grants::main( '-F', 't/pt-archiver/samples/pt-191.cnf', diff --git a/t/pt-table-checksum/ssl.t b/t/pt-table-checksum/ssl.t index c56256b9..76e46fd2 100644 --- a/t/pt-table-checksum/ssl.t +++ b/t/pt-table-checksum/ssl.t @@ -26,7 +26,7 @@ elsif ( $sandbox_version lt '8.0' ) { plan skip_all => "Requires MySQL 8.0 or newer"; } else { - plan tests => 11; + plan tests => 15; } # The sandbox servers run with lock_wait_timeout=3 and it's not dynamic @@ -102,6 +102,39 @@ like( 'Checksums the table (issue 388)' ); +($output, $exit_code) = full_output( + sub { pt_table_checksum::main( + @args, + qw(--host 127.1 --port 12345 --user sha256_user), + qw(--password sha256_user%password --mysql_ssl 1), + qw(-d test)) }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +unlike( + $output, + qr/Use of uninitialized value/, + 'No error (issue 388) with option --mysql_ssl' +); + +like( + $output, + qr/^\S+\s+0\s+0\s+1\s+0\s+1\s+/m, + 'Checksums the table (issue 388) with option --mysql_ssl' +); + ($output, $exit_code) = full_output( sub { pt_table_checksum::main( diff --git a/t/pt-table-sync/ssl.t b/t/pt-table-sync/ssl.t index 92ca2dff..fa1a4aab 100644 --- a/t/pt-table-sync/ssl.t +++ b/t/pt-table-sync/ssl.t @@ -30,7 +30,7 @@ elsif ( $sandbox_version lt '8.0' ) { plan skip_all => "Requires MySQL 8.0 or newer"; } else { - plan tests => 10; + plan tests => 13; } my ($output, $exit_code); @@ -88,6 +88,31 @@ like( "Zero chunk" ); +($output, $exit_code) = full_output( + sub { pt_table_sync::main('D=sakila,t=film', + qw(--host 127.1 --port 12346 --user sha256_user), + qw(--password sha256_user%password --mysql_ssl 1), @args) }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +like( + $output, + qr/WHERE \(`film_id` = 0\)/, + "Zero chunk with option --mysql_ssl" +); + # Prepare checksums table diag(`$trunk/bin/pt-table-checksum F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1 -d sakila --recursion-method=dsn=F=t/pt-archiver/samples/pt-191.cnf,D=test_ssl,t=dsns,h=127.0.0.1,P=12345,u=sha256_user,p=sha256_user%password,s=1 2>&1 >/dev/null`); diff --git a/t/pt-table-usage/ssl.t b/t/pt-table-usage/ssl.t index 94af9c86..387296ff 100644 --- a/t/pt-table-usage/ssl.t +++ b/t/pt-table-usage/ssl.t @@ -26,7 +26,7 @@ elsif ( $sandbox_version lt '8.0' ) { plan skip_all => "Requires MySQL 8.0 or newer"; } else { - plan tests => 10; + plan tests => 13; } my ($output, $exit_code); @@ -83,6 +83,32 @@ is( "No error if table doesn't exist" ); +($output, $exit_code) = full_output( + sub { pt_table_usage::main('--explain-extended', + qw(127.1 --port 12345 --database sakila --user sha256_user), + qw(--password sha256_user%password --mysql_ssl 1), + '--query', 'select * from foo, bar where id=1') }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +is( + $output, + "", + "No error if table doesn't exist with option --mysql_ssl" +); + ($output, $exit_code) = full_output( sub { pt_table_usage::main('--explain-extended', "F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,D=sakila,u=sha256_user,p=sha256_user%password,s=1", '--query', 'select * from foo, bar where id=1') }, diff --git a/t/pt-upgrade/ssl.t b/t/pt-upgrade/ssl.t index 273088d2..95499ad5 100644 --- a/t/pt-upgrade/ssl.t +++ b/t/pt-upgrade/ssl.t @@ -98,6 +98,35 @@ is( "Does not fail on SELECT...INTO statements" ); +($output, $exit_code) = full_output( + sub { + pt_upgrade::main("${host1_dsn}", + qw(--user sha256_user --password sha256_user%password --mysql_ssl 1), + '--save-results', $tmpdir, + qw(--type rawlog), + "$samples/select_into.log", + )}, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +is( + $exit_code, + 0, + "Does not fail on SELECT...INTO statements with option --mysql_ssl" +); + ($output, $exit_code) = full_output( sub { pt_upgrade::main("F=t/pt-archiver/samples/pt-191.cnf,${host1_dsn},u=sha256_user,p=sha256_user%password,s=1", '--save-results', $tmpdir, diff --git a/t/pt-variable-advisor/ssl.t b/t/pt-variable-advisor/ssl.t index 01476b6a..e0a6d8f1 100644 --- a/t/pt-variable-advisor/ssl.t +++ b/t/pt-variable-advisor/ssl.t @@ -81,6 +81,30 @@ unlike( "No innodb_max_dirty_pages_pct warning (bug 1168106)" ); +($output, $exit_code) = full_output( + sub { pt_variable_advisor::main("${dsn}", + qw(--user sha256_user --password sha256_user%password --mysql_ssl 1)) }, + stderr => 1, +); + +is( + $exit_code, + 0, + "No error for user, identified with caching_sha2_password with option --mysql_ssl" +) or diag($output); + +unlike( + $output, + qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, + 'No secure connection error with option --mysql_ssl' +) or diag($output); + +unlike( + $output, + qr/innodb_max_dirty_pages_pct/, + "No innodb_max_dirty_pages_pct warning (bug 1168106) with option --mysql_ssl" +); + ($output, $exit_code) = full_output( sub { pt_variable_advisor::main("F=t/pt-archiver/samples/pt-191.cnf,${dsn},u=sha256_user,p=sha256_user%password,s=1") }, stderr => 1,