Merge branch '2.3' into 2.4
This commit is contained in:
Markus Mäkelä
@ -2064,11 +2064,14 @@ larger than 0.
|
|||||||
|
|
||||||
### `ssl_verify_peer_certificate`
|
### `ssl_verify_peer_certificate`
|
||||||
|
|
||||||
Peer certificate verification. This functionality is enabled by default.
|
Peer certificate verification. This functionality is disabled by default. In
|
||||||
|
versions prior to 2.3.17 the feature was enabled by default.
|
||||||
|
|
||||||
When this feature is enabled, the certificate sent by the peer is verified
|
When this feature is enabled, the peer must send a certificate. The certificate
|
||||||
against the configured Certificate Authority. If you are using self-signed
|
sent by the peer is verified against the configured Certificate Authority to
|
||||||
certificates, set `ssl_verify_peer_certificate=false`.
|
make sure the peer is who they claim to be. For listeners, this behaves as if
|
||||||
|
`REQUIRE X509` was defined for all users. For servers, this behaves like the
|
||||||
|
`--ssl-verify-server-cert` command line option for the `mysql` client.
|
||||||
|
|
||||||
#### Example SSL enabled server configuration
|
#### Example SSL enabled server configuration
|
||||||
|
|
||||||
|
|||||||
@ -170,7 +170,7 @@ void Closer<int>::close(int fd)
|
|||||||
namespace CDC
|
namespace CDC
|
||||||
{
|
{
|
||||||
|
|
||||||
const char* const TIMEOUT = "Request timed out";
|
const char* const TIMEOUT = "Request timed out";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Public functions
|
* Public functions
|
||||||
@ -449,21 +449,36 @@ SRow Connection::read()
|
|||||||
SRow rval;
|
SRow rval;
|
||||||
std::string row;
|
std::string row;
|
||||||
|
|
||||||
if (read_row(row))
|
while (true)
|
||||||
{
|
{
|
||||||
json_error_t err;
|
if (read_row(row))
|
||||||
json_t* js = json_loads(row.c_str(), JSON_ALLOW_NUL, &err);
|
{
|
||||||
|
json_error_t err;
|
||||||
|
json_t* js = json_loads(row.c_str(), JSON_ALLOW_NUL, &err);
|
||||||
|
|
||||||
if (js)
|
if (js)
|
||||||
{
|
{
|
||||||
rval = process_row(js);
|
if (is_schema(js))
|
||||||
json_decref(js);
|
{
|
||||||
}
|
m_schema = row;
|
||||||
else
|
process_schema(js);
|
||||||
{
|
json_decref(js);
|
||||||
m_error = "Failed to parse JSON: ";
|
continue;
|
||||||
m_error += err.text;
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
rval = process_row(js);
|
||||||
|
json_decref(js);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
m_error = "Failed to parse JSON: ";
|
||||||
|
m_error += err.text;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
return rval;
|
return rval;
|
||||||
|
|||||||
@ -488,7 +488,7 @@ const MXS_MODULE_PARAM config_listener_params[] =
|
|||||||
{
|
{
|
||||||
CN_SSL_VERIFY_PEER_CERTIFICATE,
|
CN_SSL_VERIFY_PEER_CERTIFICATE,
|
||||||
MXS_MODULE_PARAM_BOOL,
|
MXS_MODULE_PARAM_BOOL,
|
||||||
"true"
|
"false"
|
||||||
},
|
},
|
||||||
{NULL}
|
{NULL}
|
||||||
};
|
};
|
||||||
@ -702,7 +702,7 @@ const MXS_MODULE_PARAM config_server_params[] =
|
|||||||
{
|
{
|
||||||
CN_SSL_VERIFY_PEER_CERTIFICATE,
|
CN_SSL_VERIFY_PEER_CERTIFICATE,
|
||||||
MXS_MODULE_PARAM_BOOL,
|
MXS_MODULE_PARAM_BOOL,
|
||||||
"true"
|
"false"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
CN_DISK_SPACE_THRESHOLD,
|
CN_DISK_SPACE_THRESHOLD,
|
||||||
|
|||||||
Reference in New Issue
Block a user