percona/percona-toolkit
1
0
Fork 0
mirror of https://github.com/percona/percona-toolkit.git synced 2025-09-17 17:27:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

PT-191 - add ssl options to DSN

Browse Source 
- Added test cases to ensure SSL is working in all tools
This commit is contained in:
Sveta Smirnova
2025-07-26 14:18:30 +03:00
parent 7a8fee3d86
commit b7094dfd09
25 changed files with 808 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
t/pt-table-sync/ssl.t
View File

@@ -30,7 +30,7 @@ elsif ( $sandbox_version lt '8.0' ) {
plan skip_all => "Requires MySQL 8.0 or newer";
}
else {
plan tests => 6;
plan tests => 10;
}
my ($output, $exit_code);
@@ -40,10 +40,14 @@ $sb->do_as_root(
'source',
q/CREATE USER IF NOT EXISTS sha256_user@'%' IDENTIFIED WITH caching_sha2_password BY 'sha256_user%password' REQUIRE SSL/,
q/GRANT ALL ON sakila.* TO sha256_user@'%'/,
q/GRANT ALL ON percona.* TO sha256_user@'%'/,
q/GRANT SELECT ON test_ssl.* TO sha256_user@'%'/,
q/GRANT REPLICATION CLIENT ON *.* TO sha256_user@'%'/,
q/GRANT PROCESS ON *.* TO sha256_user@'%'/,
);
$sb->load_file('source', "t/pt-online-schema-change/samples/ssl_dsns.sql");
($output, $exit_code) = full_output(
sub { pt_table_sync::main('h=127.1,P=12346,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=0', @args) },
stderr => 1,
@@ -84,6 +88,54 @@ like(
"Zero chunk"
);
# Prepare checksums table
diag(`$trunk/bin/pt-table-checksum F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1 -d sakila --recursion-method=dsn=F=t/pt-archiver/samples/pt-191.cnf,D=test_ssl,t=dsns,h=127.0.0.1,P=12345,u=sha256_user,p=sha256_user%password,s=1 2>&1 >/dev/null`);
@args = (qw(--recursion-method=dsn --replicate=percona.checksums -t sakila.actor -v -v --print --chunk-size 100));
($output, $exit_code) = full_output(
sub {
pt_table_sync::main(
'F=t/pt-archiver/samples/pt-191,h=127.1,P=12346,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=1',
@args,
"--recursion-method=dsn=F=t/pt-archiver/samples/pt-191-replica1.cnf,D=test_ssl,t=dsns,h=127.0.0.1,P=12345,u=sha256_user,p=sha256_user%password,s=1"
) },
stderr => 1,
);
is(
$exit_code,
0,
"No error for SSL options in the configuration file"
) or diag($output);
unlike(
$output,
qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./,
'No secure connection error with correct SSL options in the configuration file'
) or diag($output);
($output, $exit_code) = full_output(
sub {
pt_table_sync::main(
'F=t/pt-archiver/samples/pt-191-error.cnf,h=127.1,P=12345,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=1',
@args,
"--recursion-method=dsn=F=t/pt-archiver/samples/pt-191.cnf,D=test_ssl,t=dsns,h=127.0.0.1,P=12345,u=sha256_user,p=sha256_user%password,s=1"
) },
stderr => 1,
);
isnt(
$exit_code,
0,
"Error for invalid SSL options in the configuration file"
) or diag($output);
like(
$output,
qr/SSL connection error: Unable to get private key at/,
'SSL connection error with incorrect SSL options in the configuration file'
) or diag($output);
# #############################################################################
# Done.
# #############################################################################