MDEV-30402: Encrypted mariabackup SST breaks on distributions with newer socat

This commit adds a new 'no-sni' option to socat which is required to properly authenticate with newer socat versions (after version 1.7.4+). This option is needed to disable the automatic use of the SNI feature (Server Name Indication) since the SST script directly specifies the commonname if necessary and automatic activation of the SNI feature is unnecessary in such scenarios.

MDEV-30402: Encrypted mariabackup SST breaks on distributions with newer socat
This commit adds a new 'no-sni' option to socat which is required to properly authenticate with newer socat versions (after version 1.7.4+). This option is needed to disable the automatic use of the SNI feature (Server Name Indication) since the SST script directly specifies the commonname if necessary and automatic activation of the SNI feature is unnecessary in such scenarios.
d1a4315f · Julius Goryavsky · ef4d0994 · d1a4315f
Commit d1a4315f authored Apr 13, 2023 by Julius Goryavsky
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 0 deletions

scripts/wsrep_sst_mariabackup.sh scripts/wsrep_sst_mariabackup.sh +3 -0

No files found.
--- a/scripts/wsrep_sst_mariabackup.sh
+++ b/scripts/wsrep_sst_mariabackup.sh
@@ -340,6 +340,9 @@ get_transfer()
                        "Use workaround for socat $SOCAT_VERSION bug"
                fi
            fi
+            if check_for_version "$SOCAT_VERSION" '1.7.4'; then
+                tcmd="$tcmd,no-sni=1"
+            fi
        fi

        if [ "${sockopt#*,dhparam=}" = "$sockopt" ]; then