mirror of
				https://github.com/percona/percona-toolkit.git
				synced 2025-10-21 18:24:38 +00:00 
			
		
		
		
	PT-191 - add ssl options to DSN
- Added test cases to ensure SSL is working in all tools
This commit is contained in:
		
							
								
								
									
										5
									
								
								t/pt-archiver/samples/pt-191-error.cnf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								t/pt-archiver/samples/pt-191-error.cnf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,5 @@ | |||||||
|  | [client] | ||||||
|  | user=msandbox | ||||||
|  | ssl-ca=/tmp/12345/data/ca.pem | ||||||
|  | ssl-cert=/tmp/12345/data/server-cert.pem | ||||||
|  | ssl-key=/tmp/12345/data/client-key.pem | ||||||
							
								
								
									
										4
									
								
								t/pt-archiver/samples/pt-191-replica1.cnf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								t/pt-archiver/samples/pt-191-replica1.cnf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | |||||||
|  | [client] | ||||||
|  | ssl-ca=/tmp/12346/data/ca.pem | ||||||
|  | ssl-cert=/tmp/12346/data/client-cert.pem | ||||||
|  | ssl-key=/tmp/12346/data/client-key.pem | ||||||
							
								
								
									
										4
									
								
								t/pt-archiver/samples/pt-191-replica2.cnf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								t/pt-archiver/samples/pt-191-replica2.cnf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | |||||||
|  | [client] | ||||||
|  | ssl-ca=/tmp/12347/data/ca.pem | ||||||
|  | ssl-cert=/tmp/12347/data/client-cert.pem | ||||||
|  | ssl-key=/tmp/12347/data/client-key.pem | ||||||
							
								
								
									
										4
									
								
								t/pt-archiver/samples/pt-191.cnf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								t/pt-archiver/samples/pt-191.cnf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | |||||||
|  | [client] | ||||||
|  | ssl-ca=/tmp/12345/data/ca.pem | ||||||
|  | ssl-cert=/tmp/12345/data/client-cert.pem | ||||||
|  | ssl-key=/tmp/12345/data/client-key.pem | ||||||
| @@ -83,6 +83,48 @@ like( | |||||||
|    'Queries printed' |    'Queries printed' | ||||||
| ) or diag($output); | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_archiver::main('--source', "F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=1", | ||||||
|  |          qw(--no-check-charset --purge --dry-run --port 12345), | ||||||
|  |          "--where", "film_id < 100") | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_archiver::main('--source', "F=t/pt-archiver/samples/pt-191-error.cnf,h=127.1,P=12345,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=1", | ||||||
|  |          qw(--no-check-charset --purge --dry-run --port 12345), | ||||||
|  |          "--where", "film_id < 100") | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -80,6 +80,44 @@ is( | |||||||
|    "No output when no diff" |    "No output when no diff" | ||||||
| ) or diag($output); | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_config_diff::main("F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1", 'h=127.1') | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_config_diff::main("F=t/pt-archiver/samples/pt-191-error.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1", 'h=127.1') | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -165,6 +165,46 @@ like( | |||||||
|    'Deadlock logger prints the output' |    'Deadlock logger prints the output' | ||||||
| ) or diag($output); | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_deadlock_logger::main("F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=1", | ||||||
|  |       qw(--iterations 1)); | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_deadlock_logger::main("F=t/pt-archiver/samples/pt-191-error.cnf,h=127.1,P=12345,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=1", | ||||||
|  |       qw(--iterations 1)); | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -93,6 +93,34 @@ if ($sandbox_version ge '8.0') { | |||||||
|    ); |    ); | ||||||
| } | } | ||||||
|  |  | ||||||
|  | $output = `$cmd -d mysql -t columns_priv -v F=t/pt-archiver/samples/pt-191.cnf,P=12345,u=sha256_user,p=sha256_user%password,s=1 2>&1`; | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $?, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | $output = `$cmd -d mysql -t columns_priv -v F=t/pt-archiver/samples/pt-191-error.cnf,P=12345,u=sha256_user,p=sha256_user%password,s=1 2>&1`; | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $?, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -29,7 +29,7 @@ elsif ( $sandbox_version lt '8.0' ) { | |||||||
|  |  | ||||||
| my $output; | my $output; | ||||||
| my $cnf = '/tmp/12345/my.sandbox.cnf'; | my $cnf = '/tmp/12345/my.sandbox.cnf'; | ||||||
| my $cmd = "$trunk/bin/pt-find -F $cnf "; | my $cmd = "$trunk/bin/pt-find"; | ||||||
|  |  | ||||||
| $sb->do_as_root( | $sb->do_as_root( | ||||||
|    'source', |    'source', | ||||||
| @@ -37,7 +37,7 @@ $sb->do_as_root( | |||||||
|    q/GRANT ALL ON *.* TO sha256_user@'%'/, |    q/GRANT ALL ON *.* TO sha256_user@'%'/, | ||||||
| ); | ); | ||||||
|  |  | ||||||
| $output = `$cmd mysql --tblregex column --user=sha256_user --password=sha256_user%password --mysql_ssl=0 2>&1`;  | $output = `$cmd -F $cnf --host=127.0.0.1 --port=12345 mysql --tblregex column --user=sha256_user --password=sha256_user%password --mysql_ssl=0 2>&1`;  | ||||||
|  |  | ||||||
| isnt( | isnt( | ||||||
|    $?, |    $?, | ||||||
| @@ -47,11 +47,11 @@ isnt( | |||||||
|  |  | ||||||
| like( | like( | ||||||
|    $output, |    $output, | ||||||
|    qr/Access denied/, |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|    'Secure connection error raised when no SSL connection used' |    'Secure connection error raised when no SSL connection used' | ||||||
| ) or diag($output); | ) or diag($output); | ||||||
|  |  | ||||||
| $output = `$cmd mysql --tblregex column --user=sha256_user --password=sha256_user%password --mysql_ssl=1 2>&1`;  | $output = `$cmd -F $cnf --host=127.0.0.1 --port=12345 mysql --tblregex column --user=sha256_user --password=sha256_user%password --mysql_ssl=1 2>&1`;  | ||||||
|  |  | ||||||
| is( | is( | ||||||
|    $?, |    $?, | ||||||
| @@ -61,12 +61,40 @@ is( | |||||||
|  |  | ||||||
| unlike( | unlike( | ||||||
|    $output, |    $output, | ||||||
|    qr/Access denied/, |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|    'Secure connection error raised when no SSL connection used' |    'Secure connection error raised when no SSL connection used' | ||||||
| ) or diag($output); | ) or diag($output); | ||||||
|  |  | ||||||
| like($output, qr/`mysql`.`columns_priv`/, 'Found mysql.columns_priv'); | like($output, qr/`mysql`.`columns_priv`/, 'Found mysql.columns_priv'); | ||||||
|  |  | ||||||
|  | $output = `$cmd -F t/pt-archiver/samples/pt-191.cnf --host=127.0.0.1 --port=12345 mysql --tblregex column --user=sha256_user --password=sha256_user%password --mysql_ssl=1 2>&1`;  | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $?, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | $output = `$cmd -F t/pt-archiver/samples/pt-191-error.cnf --host=127.0.0.1 --port=12345 mysql --tblregex column --user=sha256_user --password=sha256_user%password --mysql_ssl=1 2>&1`;  | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $?, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -95,6 +95,44 @@ like( | |||||||
|    "Prints fk error by default" |    "Prints fk error by default" | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_fk_error_logger::main(@args, 'F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1'), | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_fk_error_logger::main(@args, 'F=t/pt-archiver/samples/pt-191-error.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1'), | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -53,7 +53,7 @@ $sb->do_as_root( | |||||||
| ); | ); | ||||||
|  |  | ||||||
| isnt( | isnt( | ||||||
|    $?, |    $exit_code, | ||||||
|    0, |    0, | ||||||
|    "Error raised when SSL connection is not used" |    "Error raised when SSL connection is not used" | ||||||
| ) or diag($output); | ) or diag($output); | ||||||
| @@ -71,7 +71,7 @@ like( | |||||||
| ); | ); | ||||||
|  |  | ||||||
| is( | is( | ||||||
|    $?, |    $exit_code, | ||||||
|    0, |    0, | ||||||
|    "No error for user, identified with caching_sha2_password" |    "No error for user, identified with caching_sha2_password" | ||||||
| ) or diag($output); | ) or diag($output); | ||||||
| @@ -89,6 +89,42 @@ is( | |||||||
|    "Automatically inserts heartbeat row (issue 1292)" |    "Automatically inserts heartbeat row (issue 1292)" | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { pt_heartbeat::main("F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1", | ||||||
|  |       qw(-D test --check)) }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { pt_heartbeat::main("F=t/pt-archiver/samples/pt-191-error.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1", | ||||||
|  |       qw(-D test --check)) }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -95,6 +95,53 @@ like( | |||||||
|    'A simple query that does not use any indexes', |    'A simple query that does not use any indexes', | ||||||
| ) or diag($output); | ) or diag($output); | ||||||
|  |  | ||||||
|  | @args = ('-F', "$trunk/t/pt-archiver/samples/pt-191.cnf"); | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_index_usage::main( | ||||||
|  |          @args, | ||||||
|  |          qw(--host=127.1 --port=12345 --user=sha256_user --password=sha256_user%password --mysql_ssl=1), | ||||||
|  |          "$trunk/$samples/slow001.txt") | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | @args = ('-F', "$trunk/t/pt-archiver/samples/pt-191-error.cnf"); | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_index_usage::main( | ||||||
|  |          #"-F $trunk/t/pt-archiver/samples/pt-191-error.cnf", | ||||||
|  |          @args, | ||||||
|  |          qw(--host=127.1 --port=12345 --user=sha256_user --password=sha256_user%password --mysql_ssl=1), | ||||||
|  |          "$trunk/$samples/slow001.txt") | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -30,12 +30,12 @@ elsif ( $sandbox_version lt '8.0' ) { | |||||||
|    plan skip_all => "Requires MySQL 8.0 or newer"; |    plan skip_all => "Requires MySQL 8.0 or newer"; | ||||||
| } | } | ||||||
| else { | else { | ||||||
|    plan tests => 6; |    plan tests => 10; | ||||||
| } | } | ||||||
|  |  | ||||||
| my ($output, $exit_code); | my ($output, $exit_code); | ||||||
| my $cnf = '/tmp/12345/my.sandbox.cnf'; | my $cnf = '/tmp/12345/my.sandbox.cnf'; | ||||||
| my $cmd = "$trunk/bin/pt-kill -F $cnf"; | my $cmd = "$trunk/bin/pt-kill"; | ||||||
|  |  | ||||||
| $sb->do_as_root( | $sb->do_as_root( | ||||||
|    'source', |    'source', | ||||||
| @@ -43,7 +43,7 @@ $sb->do_as_root( | |||||||
|    q/GRANT PROCESS ON *.* TO sha256_user@'%'/, |    q/GRANT PROCESS ON *.* TO sha256_user@'%'/, | ||||||
| ); | ); | ||||||
|  |  | ||||||
| $output = `$cmd h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=0 --busy-time 1s --print --run-time 10 2>&1`; | $output = `$cmd F=$cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=0 --busy-time 1s --print --run-time 10 2>&1`; | ||||||
|  |  | ||||||
| isnt( | isnt( | ||||||
|    $?, |    $?, | ||||||
| @@ -61,7 +61,7 @@ like( | |||||||
| # Backticks don't work here. | # Backticks don't work here. | ||||||
| system("/tmp/12345/use -e 'select sleep(5)' >/dev/null &"); | system("/tmp/12345/use -e 'select sleep(5)' >/dev/null &"); | ||||||
|  |  | ||||||
| $output = `$cmd h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1 --busy-time 1s --print --run-time 10 2>&1`; | $output = `$cmd F=$cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1 --busy-time 1s --print --run-time 10 2>&1`; | ||||||
|  |  | ||||||
| is( | is( | ||||||
|    $?, |    $?, | ||||||
| @@ -91,6 +91,34 @@ ok( | |||||||
|    "There were 2 to 5 captures" |    "There were 2 to 5 captures" | ||||||
| ) or diag($output); | ) or diag($output); | ||||||
|  |  | ||||||
|  | $output = `$cmd F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1 --busy-time 1s --print --run-time 10 2>&1`; | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $?, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | $output = `$cmd F=t/pt-archiver/samples/pt-191-error.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1 --busy-time 1s --print --run-time 10 2>&1`; | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $?, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -29,7 +29,7 @@ elsif ( $sandbox_version lt '8.0' ) { | |||||||
|    plan skip_all => "Requires MySQL 8.0 or newer"; |    plan skip_all => "Requires MySQL 8.0 or newer"; | ||||||
| } | } | ||||||
| else { | else { | ||||||
|    plan tests => 6; |    plan tests => 10; | ||||||
| } | } | ||||||
|  |  | ||||||
| my ($tool) = 'pt-mysql-summary'; | my ($tool) = 'pt-mysql-summary'; | ||||||
| @@ -74,6 +74,34 @@ like( | |||||||
|    "Authentication with caching_sha2_password works" |    "Authentication with caching_sha2_password works" | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | $output = `$trunk/bin/$tool --host=127.1 --port=12345 --user=sha256_user --password=sha256_user%password 2>&1 -- --defaults-file=t/pt-archiver/samples/pt-191.cnf --ssl-mode=required`; | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $?, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | $output = `$trunk/bin/$tool --host=127.1 --port=12345 --user=sha256_user --password=sha256_user%password 2>&1 -- --defaults-file=t/pt-archiver/samples/pt-191-error.cnf --ssl-mode=required`; | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $?, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL error: Unable to get private key from/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
							
								
								
									
										13
									
								
								t/pt-online-schema-change/samples/ssl_dsns.sql
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										13
									
								
								t/pt-online-schema-change/samples/ssl_dsns.sql
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,13 @@ | |||||||
|  | CREATE DATABASE IF NOT EXISTS test_ssl; | ||||||
|  | USE test_ssl; | ||||||
|  | DROP TABLE IF EXISTS `dsns`; | ||||||
|  | CREATE TABLE `dsns` ( | ||||||
|  |   `id` int(11) NOT NULL AUTO_INCREMENT, | ||||||
|  |   `parent_id` int(11) DEFAULT NULL, | ||||||
|  |   `dsn` varchar(255) NOT NULL, | ||||||
|  |   PRIMARY KEY (`id`) | ||||||
|  | ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=latin1; | ||||||
|  |  | ||||||
|  | INSERT INTO `dsns` VALUES (1, NULL, "F=/home/sveta/src/percona/percona-toolkit/t/pt-archiver/samples/pt-191-replica1.cnf,P=12346,h=127.0.0.1,u=root,p=msandbox,s=1"); | ||||||
|  | INSERT INTO `dsns` VALUES (2, NULL, "F=/home/sveta/src/percona/percona-toolkit/t/pt-archiver/samples/pt-191-replica2.cnf,P=12347,h=127.0.0.1,u=root,p=msandbox,s=1"); | ||||||
|  |  | ||||||
| @@ -45,6 +45,7 @@ $sb->do_as_root( | |||||||
|    'source', |    'source', | ||||||
|    q/CREATE USER IF NOT EXISTS sha256_user@'%' IDENTIFIED WITH caching_sha2_password BY 'sha256_user%password' REQUIRE SSL/, |    q/CREATE USER IF NOT EXISTS sha256_user@'%' IDENTIFIED WITH caching_sha2_password BY 'sha256_user%password' REQUIRE SSL/, | ||||||
|    q/GRANT ALL ON test.* TO sha256_user@'%'/, |    q/GRANT ALL ON test.* TO sha256_user@'%'/, | ||||||
|  |    q/GRANT SELECT ON test_ssl.* TO sha256_user@'%'/, | ||||||
|    q/GRANT REPLICATION SLAVE ON *.* TO sha256_user@'%'/, |    q/GRANT REPLICATION SLAVE ON *.* TO sha256_user@'%'/, | ||||||
|    q/GRANT SUPER ON *.* TO sha256_user@'%'/, |    q/GRANT SUPER ON *.* TO sha256_user@'%'/, | ||||||
| ); | ); | ||||||
| @@ -54,6 +55,7 @@ $sb->do_as_root( | |||||||
| # ############################################################################# | # ############################################################################# | ||||||
|  |  | ||||||
| $sb->load_file('source', "$sample/del-trg-bug-1103672.sql"); | $sb->load_file('source', "$sample/del-trg-bug-1103672.sql"); | ||||||
|  | $sb->load_file('source', "$sample/ssl_dsns.sql"); | ||||||
|  |  | ||||||
| ($output, $exit_code) = full_output( | ($output, $exit_code) = full_output( | ||||||
|    sub { pt_online_schema_change::main(@args, |    sub { pt_online_schema_change::main(@args, | ||||||
| @@ -101,6 +103,52 @@ like( | |||||||
|    "DROP PRIMARY KEY" |    "DROP PRIMARY KEY" | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | # Restoring environment for the new test | ||||||
|  | $sb->load_file('source', "$sample/del-trg-bug-1103672.sql"); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { pt_online_schema_change::main(@args, | ||||||
|  |       "$source_dsn,F=t/pt-archiver/samples/pt-191.cnf,D=test,t=t1,u=sha256_user,p=sha256_user%password,s=1", | ||||||
|  |       "--alter", "drop primary key, add column _id int unsigned not null primary key auto_increment FIRST", | ||||||
|  |       qw(--execute --no-check-alter), | ||||||
|  |       "--recursion-method=dsn=F=t/pt-archiver/samples/pt-191.cnf,D=test_ssl,t=dsns,h=127.0.0.1,P=12345,u=sha256_user,p=sha256_user%password,s=1"), | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { pt_online_schema_change::main(@args, | ||||||
|  |       "F=$trunk/t/pt-archiver/samples/pt-191-error.cnf,$source_dsn,D=test,t=t1,u=sha256_user,p=sha256_user%password,s=1", | ||||||
|  |       "--alter", "drop primary key, add column _id int unsigned not null primary key auto_increment FIRST", | ||||||
|  |       qw(--execute --no-check-alter)), | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -95,6 +95,34 @@ unlike( | |||||||
|    '--error-text works (issue 459)' |    '--error-text works (issue 459)' | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | $output = `$trunk/bin/pt-replica-restart --max-sleep 0.25 F=t/pt-archiver/samples/pt-191-replica1.cnf,h=127.1,P=12346,u=sha256_user,p=sha256_user%password,s=1 --error-text "doesn't exist" --run-time 1s 2>&1`; | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $?, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | $output = `$trunk/bin/pt-replica-restart --max-sleep 0.25 F=t/pt-archiver/samples/pt-191-error.cnf,h=127.1,P=12346,u=sha256_user,p=sha256_user%password,s=1 --error-text "doesn't exist" --run-time 1s 2>&1`; | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $?, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -88,6 +88,48 @@ like( | |||||||
|    'It lives', |    'It lives', | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { pt_show_grants::main( | ||||||
|  |          '-F', 't/pt-archiver/samples/pt-191.cnf', | ||||||
|  |          'h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1', | ||||||
|  |          qw(--drop --flush --revoke --separate) | ||||||
|  |       ); }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { pt_show_grants::main( | ||||||
|  |          '-F', 't/pt-archiver/samples/pt-191-error.cnf', | ||||||
|  |          'h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1', | ||||||
|  |          qw(--drop --flush --revoke --separate) | ||||||
|  |       ); }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -112,6 +112,46 @@ or diag( | |||||||
|    'collector', `cat $dest/*-output 2>/dev/null`, |    'collector', `cat $dest/*-output 2>/dev/null`, | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | cleanup(); | ||||||
|  |  | ||||||
|  | $exit_code = system("$trunk/bin/pt-stalk --host=127.1 --port=12345 --no-stalk --run-time 2 --dest $dest --prefix nostalk --pid $pid_file --iterations 1 --user=sha256_user --password=sha256_user%password -- --defaults-file=t/pt-archiver/samples/pt-191.cnf --ssl-mode=required >$log_file 2>&1"); | ||||||
|  |  | ||||||
|  | PerconaTest::wait_until(sub { !-f $pid_file }); | ||||||
|  |  | ||||||
|  | $output = `cat $log_file 2>/dev/null`; | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | cleanup(); | ||||||
|  |  | ||||||
|  | $exit_code = system("$trunk/bin/pt-stalk --host=127.1 --port=12345 --no-stalk --run-time 2 --dest $dest --prefix nostalk --pid $pid_file --iterations 1 --user=sha256_user --password=sha256_user%password -- --defaults-file=t/pt-archiver/samples/pt-191-error.cnf --ssl-mode=required >$log_file 2>&1"); | ||||||
|  |  | ||||||
|  | PerconaTest::wait_until(sub { !-f $pid_file }); | ||||||
|  |  | ||||||
|  | $output = `cat $log_file 2>/dev/null`; | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL error: Unable to get private key from/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ elsif ( $sandbox_version lt '8.0' ) { | |||||||
|    plan skip_all => "Requires MySQL 8.0 or newer"; |    plan skip_all => "Requires MySQL 8.0 or newer"; | ||||||
| } | } | ||||||
| else { | else { | ||||||
|    plan tests => 7; |    plan tests => 11; | ||||||
| } | } | ||||||
|  |  | ||||||
| # The sandbox servers run with lock_wait_timeout=3 and it's not dynamic | # The sandbox servers run with lock_wait_timeout=3 and it's not dynamic | ||||||
| @@ -47,11 +47,13 @@ $sb->do_as_root( | |||||||
|    'source', |    'source', | ||||||
|    q/CREATE USER IF NOT EXISTS sha256_user@'%' IDENTIFIED WITH caching_sha2_password BY 'sha256_user%password' REQUIRE SSL/, |    q/CREATE USER IF NOT EXISTS sha256_user@'%' IDENTIFIED WITH caching_sha2_password BY 'sha256_user%password' REQUIRE SSL/, | ||||||
|    q/GRANT ALL ON test.* TO sha256_user@'%'/, |    q/GRANT ALL ON test.* TO sha256_user@'%'/, | ||||||
|  |    q/GRANT SELECT ON test_ssl.* TO sha256_user@'%'/, | ||||||
|    q/GRANT ALL ON percona.* TO sha256_user@'%'/, |    q/GRANT ALL ON percona.* TO sha256_user@'%'/, | ||||||
|    q/GRANT REPLICATION SLAVE ON *.* TO sha256_user@'%'/, |    q/GRANT REPLICATION SLAVE ON *.* TO sha256_user@'%'/, | ||||||
|    q/GRANT REPLICATION CLIENT ON *.* TO sha256_user@'%'/, |    q/GRANT REPLICATION CLIENT ON *.* TO sha256_user@'%'/, | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | $sb->load_file('source', "t/pt-online-schema-change/samples/ssl_dsns.sql"); | ||||||
| $dbh->do("insert into test.foo values (null, 'john, smith')"); | $dbh->do("insert into test.foo values (null, 'john, smith')"); | ||||||
|  |  | ||||||
| ($output, $exit_code) = full_output( | ($output, $exit_code) = full_output( | ||||||
| @@ -100,6 +102,46 @@ like( | |||||||
|    'Checksums the table (issue 388)' |    'Checksums the table (issue 388)' | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub {  | ||||||
|  |       pt_table_checksum::main( | ||||||
|  |          @args,  | ||||||
|  |          'F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1',  | ||||||
|  |          qw(-d test), | ||||||
|  |          "--recursion-method=dsn=F=t/pt-archiver/samples/pt-191.cnf,D=test_ssl,t=dsns,h=127.0.0.1,P=12345,u=sha256_user,p=sha256_user%password,s=1") | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { pt_table_checksum::main(@args, 'F=t/pt-archiver/samples/pt-191-error.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1', qw(-d test)) }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -30,7 +30,7 @@ elsif ( $sandbox_version lt '8.0' ) { | |||||||
|    plan skip_all => "Requires MySQL 8.0 or newer"; |    plan skip_all => "Requires MySQL 8.0 or newer"; | ||||||
| } | } | ||||||
| else { | else { | ||||||
|    plan tests => 6; |    plan tests => 10; | ||||||
| } | } | ||||||
|  |  | ||||||
| my ($output, $exit_code); | my ($output, $exit_code); | ||||||
| @@ -40,10 +40,14 @@ $sb->do_as_root( | |||||||
|    'source', |    'source', | ||||||
|    q/CREATE USER IF NOT EXISTS sha256_user@'%' IDENTIFIED WITH caching_sha2_password BY 'sha256_user%password' REQUIRE SSL/, |    q/CREATE USER IF NOT EXISTS sha256_user@'%' IDENTIFIED WITH caching_sha2_password BY 'sha256_user%password' REQUIRE SSL/, | ||||||
|    q/GRANT ALL ON sakila.* TO sha256_user@'%'/, |    q/GRANT ALL ON sakila.* TO sha256_user@'%'/, | ||||||
|  |    q/GRANT ALL ON percona.* TO sha256_user@'%'/, | ||||||
|  |    q/GRANT SELECT ON test_ssl.* TO sha256_user@'%'/, | ||||||
|    q/GRANT REPLICATION CLIENT ON *.* TO sha256_user@'%'/, |    q/GRANT REPLICATION CLIENT ON *.* TO sha256_user@'%'/, | ||||||
|    q/GRANT PROCESS ON *.* TO sha256_user@'%'/, |    q/GRANT PROCESS ON *.* TO sha256_user@'%'/, | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | $sb->load_file('source', "t/pt-online-schema-change/samples/ssl_dsns.sql"); | ||||||
|  |  | ||||||
| ($output, $exit_code) = full_output( | ($output, $exit_code) = full_output( | ||||||
|    sub { pt_table_sync::main('h=127.1,P=12346,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=0', @args) }, |    sub { pt_table_sync::main('h=127.1,P=12346,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=0', @args) }, | ||||||
|    stderr => 1, |    stderr => 1, | ||||||
| @@ -84,6 +88,54 @@ like( | |||||||
|    "Zero chunk" |    "Zero chunk" | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | # Prepare checksums table | ||||||
|  | diag(`$trunk/bin/pt-table-checksum F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,u=sha256_user,p=sha256_user%password,s=1 -d sakila --recursion-method=dsn=F=t/pt-archiver/samples/pt-191.cnf,D=test_ssl,t=dsns,h=127.0.0.1,P=12345,u=sha256_user,p=sha256_user%password,s=1 2>&1 >/dev/null`); | ||||||
|  |  | ||||||
|  | @args = (qw(--recursion-method=dsn --replicate=percona.checksums -t sakila.actor -v -v --print --chunk-size 100)); | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_table_sync::main( | ||||||
|  |          'F=t/pt-archiver/samples/pt-191,h=127.1,P=12346,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=1', | ||||||
|  |          @args, | ||||||
|  |          "--recursion-method=dsn=F=t/pt-archiver/samples/pt-191-replica1.cnf,D=test_ssl,t=dsns,h=127.0.0.1,P=12345,u=sha256_user,p=sha256_user%password,s=1" | ||||||
|  |       ) }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_table_sync::main( | ||||||
|  |          'F=t/pt-archiver/samples/pt-191-error.cnf,h=127.1,P=12345,D=sakila,t=film,u=sha256_user,p=sha256_user%password,s=1', | ||||||
|  |          @args, | ||||||
|  |          "--recursion-method=dsn=F=t/pt-archiver/samples/pt-191.cnf,D=test_ssl,t=dsns,h=127.0.0.1,P=12345,u=sha256_user,p=sha256_user%password,s=1" | ||||||
|  |       ) }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ elsif ( $sandbox_version lt '8.0' ) { | |||||||
|    plan skip_all => "Requires MySQL 8.0 or newer"; |    plan skip_all => "Requires MySQL 8.0 or newer"; | ||||||
| } | } | ||||||
| else { | else { | ||||||
|    plan tests => 6; |    plan tests => 10; | ||||||
| } | } | ||||||
|  |  | ||||||
| my ($output, $exit_code); | my ($output, $exit_code); | ||||||
| @@ -82,6 +82,43 @@ is( | |||||||
|    "", |    "", | ||||||
|    "No error if table doesn't exist" |    "No error if table doesn't exist" | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { pt_table_usage::main('--explain-extended', "F=t/pt-archiver/samples/pt-191.cnf,h=127.1,P=12345,D=sakila,u=sha256_user,p=sha256_user%password,s=1",  | ||||||
|  |       '--query', 'select * from foo, bar where id=1') }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { pt_table_usage::main('--explain-extended', "F=t/pt-archiver/samples/pt-191-error.cnf,h=127.1,P=12345,D=sakila,u=sha256_user,p=sha256_user%password,s=1",  | ||||||
|  |       '--query', 'select * from foo, bar where id=1') }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -98,6 +98,48 @@ is( | |||||||
|    "Does not fail on SELECT...INTO statements" |    "Does not fail on SELECT...INTO statements" | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_upgrade::main("F=t/pt-archiver/samples/pt-191.cnf,${host1_dsn},u=sha256_user,p=sha256_user%password,s=1", '--save-results', $tmpdir, | ||||||
|  |          qw(--type rawlog), | ||||||
|  |          "$samples/select_into.log") | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_upgrade::main("F=t/pt-archiver/samples/pt-191-error.cnf,${host1_dsn},u=sha256_user,p=sha256_user%password,s=1", '--save-results', $tmpdir, | ||||||
|  |          qw(--type rawlog), | ||||||
|  |          "$samples/select_into.log") | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -81,6 +81,40 @@ unlike( | |||||||
|    "No innodb_max_dirty_pages_pct warning (bug 1168106)" |    "No innodb_max_dirty_pages_pct warning (bug 1168106)" | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { pt_variable_advisor::main("F=t/pt-archiver/samples/pt-191.cnf,${dsn},u=sha256_user,p=sha256_user%password,s=1") }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { pt_variable_advisor::main("F=t/pt-archiver/samples/pt-191-error.cnf,${dsn},u=sha256_user,p=sha256_user%password,s=1") }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
|   | |||||||
| @@ -80,6 +80,51 @@ unlike( | |||||||
|    'No secure connection error' |    'No secure connection error' | ||||||
| ) or diag($output); | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_visual_explain::main( | ||||||
|  |          '--connect', | ||||||
|  |          't/pt-visual-explain/samples/query.sql', | ||||||
|  |          qw(-F t/pt-archiver/samples/pt-191.cnf --host=127.1 --port=12345 --user=sha256_user --password=sha256_user%password --mysql_ssl=1) | ||||||
|  |       ) | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | is( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "No error for SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | unlike( | ||||||
|  |    $output, | ||||||
|  |    qr/Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection./, | ||||||
|  |    'No secure connection error with correct SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | ($output, $exit_code) = full_output( | ||||||
|  |    sub { | ||||||
|  |       pt_visual_explain::main( | ||||||
|  |          '--connect', | ||||||
|  |          't/pt-visual-explain/samples/query.sql', | ||||||
|  |          qw(-F t/pt-archiver/samples/pt-191-error.cnf --host=127.1 --port=12345 --user=sha256_user --password=sha256_user%password --mysql_ssl=1) | ||||||
|  |       ) | ||||||
|  |    }, | ||||||
|  |    stderr => 1, | ||||||
|  | ); | ||||||
|  |  | ||||||
|  | isnt( | ||||||
|  |    $exit_code, | ||||||
|  |    0, | ||||||
|  |    "Error for invalid SSL options in the configuration file" | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
|  | like( | ||||||
|  |    $output, | ||||||
|  |    qr/SSL connection error: Unable to get private key at/, | ||||||
|  |    'SSL connection error with incorrect SSL options in the configuration file' | ||||||
|  | ) or diag($output); | ||||||
|  |  | ||||||
| # ############################################################################# | # ############################################################################# | ||||||
| # Done. | # Done. | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user
	 Sveta Smirnova
					Sveta Smirnova