diff options
author | Julius Goryavsky <julius.goryavsky@mariadb.com> | 2023-04-13 07:49:35 +0200 |
---|---|---|
committer | Julius Goryavsky <julius.goryavsky@mariadb.com> | 2023-04-13 07:49:35 +0200 |
commit | d1a4315f4cb096c2fd81c96bc4afc6bb618bae49 (patch) | |
tree | eb0a6f08e0a5a9ef37a7e2837b6234f08c137813 | |
parent | ef4d09948d5ff38f5dff8974005ba222a4b18462 (diff) | |
download | mariadb-git-d1a4315f4cb096c2fd81c96bc4afc6bb618bae49.tar.gz |
MDEV-30402: Encrypted mariabackup SST breaks on distributions with newer socat
This commit adds a new 'no-sni' option to socat which is required to
properly authenticate with newer socat versions (after version 1.7.4+).
This option is needed to disable the automatic use of the SNI feature
(Server Name Indication) since the SST script directly specifies the
commonname if necessary and automatic activation of the SNI feature
is unnecessary in such scenarios.
-rw-r--r-- | scripts/wsrep_sst_mariabackup.sh | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/scripts/wsrep_sst_mariabackup.sh b/scripts/wsrep_sst_mariabackup.sh index 7e26af83701..b46e64a9e8b 100644 --- a/scripts/wsrep_sst_mariabackup.sh +++ b/scripts/wsrep_sst_mariabackup.sh @@ -340,6 +340,9 @@ get_transfer() "Use workaround for socat $SOCAT_VERSION bug" fi fi + if check_for_version "$SOCAT_VERSION" '1.7.4'; then + tcmd="$tcmd,no-sni=1" + fi fi if [ "${sockopt#*,dhparam=}" = "$sockopt" ]; then |