Percona XtraBackup moved to https://jira.percona.com/projects/PXB

Connection will fail if there is --ssl-mode=DISABLED under [xtrabackup]

Bug #1657088 reported by Shahriyar Rzayev on 2017-01-17

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Percona XtraBackup moved to https://jira.percona.com/projects/PXB	Status tracked in 2.4
	2.4	Invalid	Medium	Unassigned

Bug Description

Related to -> https://bugs.launchpad.net/percona-xtrabackup/+bug/1646480

Based on -> https://bugs.launchpad.net/percona-xtrabackup/+bug/1655283
We have concluded that, it pick the last one.

But for this scenario it differs:

[xtrabackup]
user=msandbox
password=msandbox
port = 5632
socket = /tmp/mysql_sandbox5632.sock
ssl-mode=DISABLED

[client]
user=jeffrey
password='Baku12345#'
port = 5632
socket = /tmp/mysql_sandbox5632.sock
ssl-cert=/home/sh/MySQLPakcages/newcerts/client-cert.pem
ssl-key=/home/sh/MySQLPakcages/newcerts/client-key.pem
ssl-ca=/home/sh/MySQLPakcages/newcerts/ca.pem

The result:

$ ./xtrabackup --version
./xtrabackup version 2.4.5 based on MySQL server 5.7.13 Linux (x86_64) (revision id: fd5bd0f)

$ sudo ./xtrabackup --defaults-file=/home/sh/sandboxes/msb_5_6_32/my.sandbox.cnf --backup --datadir=/home/sh/sandboxes/msb_5_6_32/data/ --target-dir=/home/backup_dir/full/ --no-version-check
[sudo] password for sh:
170117 15:14:32 Connecting to MySQL server host: localhost, user: jeffrey, password: set, port: 5632, socket: /tmp/mysql_sandbox5632.sock
WARNING: no verification of server certificate will be done. Use --ssl-mode=VERIFY_CA or VERIFY_IDENTITY.
Failed to connect to MySQL server: Access denied for user 'jeffrey'@'localhost' (using password: YES)

Result:
It will pick up user and pass from [client] but it will also be affected by --ssl-mode=DISABLED under [xtrabackup]

The same is not true for

$ ./xtrabackup --version
./xtrabackup version 2.3.6 based on MySQL server 5.6.24 Linux (x86_64) (revision id: 21bdc87)

$ sudo ./xtrabackup --defaults-file=/home/sh/sandboxes/msb_5_6_32/my.sandbox.cnf --backup --datadir=/home/sh/sandboxes/msb_5_6_32/data/ --target-dir=/home/backup_dir/full/ --no-version-check
[sudo] password for sh:
170117 15:14:38 Connecting to MySQL server host: localhost, user: jeffrey, password: set, port: 5632, socket: /tmp/mysql_sandbox5632.sock
Using server version 5.6.32-debug
./xtrabackup version 2.3.6 based on MySQL server 5.6.24 Linux (x86_64) (revision id: 21bdc87)

Tags:

Revision history for this message

Sergei Glushchenko (sergei.glushchenko) wrote on 2017-01-23:

[client] section doesn't contain --ssl-mode, so it is taken from [xtrabackup]

Xtrabackup 2.4 handle ssl-mode and based on that is trying to connect without using SSL.
Xtrabackup 2.3 doesn't handle ssl-mode and thus is able to connect.

What is the bug here?

Revision history for this message

Sergei Glushchenko (sergei.glushchenko) wrote on 2017-02-13:

Based on Slack conversation marking as invalid

Revision history for this message

Shahriyar Rzayev (rzayev-sehriyar) wrote on 2018-01-20:

Percona now uses JIRA for bug reports so this bug report is migrated to: https://jira.percona.com/browse/PXB-781

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.