diff --git a/SOURCES/bz1992661-mysql-use-ssl-mode.patch b/SOURCES/bz1992661-mysql-use-ssl-mode.patch new file mode 100644 index 0000000..c930c4e --- /dev/null +++ b/SOURCES/bz1992661-mysql-use-ssl-mode.patch @@ -0,0 +1,24 @@ +From ed5bc606a4db5108995df9297698cf9dc14cccb2 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 18 Jan 2022 11:32:05 +0100 +Subject: [PATCH] mysql-common: fix local SSL connection by using + --ssl-mode=REQUIRED which is available on 5.7+ (--ssl is not available in + 8.0) + +--- + heartbeat/mysql-common.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/heartbeat/mysql-common.sh b/heartbeat/mysql-common.sh +index 459948b10..de8763544 100755 +--- a/heartbeat/mysql-common.sh ++++ b/heartbeat/mysql-common.sh +@@ -97,7 +97,7 @@ MYSQL_BINDIR=`dirname ${OCF_RESKEY_binary}` + + MYSQL=$OCF_RESKEY_client_binary + if ocf_is_true "$OCF_RESKEY_replication_require_ssl"; then +- MYSQL_OPTIONS_LOCAL_SSL_OPTIONS="--ssl" ++ MYSQL_OPTIONS_LOCAL_SSL_OPTIONS="--ssl-mode=REQUIRED" + else + MYSQL_OPTIONS_LOCAL_SSL_OPTIONS="" + fi diff --git a/SPECS/resource-agents.spec b/SPECS/resource-agents.spec index 41f94a6..65873ef 100644 --- a/SPECS/resource-agents.spec +++ b/SPECS/resource-agents.spec @@ -66,7 +66,7 @@ Name: resource-agents Summary: Open Source HA Reusable Cluster Resource Scripts Version: 4.9.0 -Release: 12%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist} +Release: 13%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist} License: GPLv2+ and LGPLv2+ URL: https://github.com/ClusterLabs/resource-agents %if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel} @@ -95,6 +95,7 @@ Patch8: bz2015789-gcp-ilb-3-use-bundled-gcloud.patch Patch9: bz2027591-nfsnotify-fix-notify_args-default.patch Patch10: bz2012057-Route-return-OCF_NOT_RUNNING-missing-route.patch Patch11: bz2029706-db2-crm_attribute-use-forever.patch +Patch12: bz1992661-mysql-use-ssl-mode.patch # bundle patches Patch1000: 7-gcp-bundled.patch @@ -280,6 +281,7 @@ exit 1 %patch9 -p1 %patch10 -p1 %patch11 -p1 +%patch12 -p1 chmod 755 heartbeat/nova-compute-wait chmod 755 heartbeat/NovaEvacuate @@ -860,6 +862,11 @@ ccs_update_schema > /dev/null 2>&1 ||: %{_usr}/lib/ocf/lib/heartbeat/OCF_*.pm %changelog +* Thu Jan 20 2022 Oyvind Albrigtsen - 4.9.0-13 +- mysql: add support for local SSL connection + + Resolves: rhbz#1992661 + * Tue Dec 7 2021 Oyvind Albrigtsen - 4.9.0-12 - Route: return OCF_NOT_RUNNING for probe action when interface or route doesnt exist