mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-09-19 08:10:48 +00:00
Fix
This commit is contained in:
parent
187a717872
commit
8cdcc431fe
@ -226,6 +226,13 @@ namespace Crypto
|
||||
error:
|
||||
if (pFile)
|
||||
fclose(pFile);
|
||||
if (*ppKey)
|
||||
{
|
||||
if constexpr (std::is_same_v<K, EVP_PKEY>)
|
||||
EVP_PKEY_free(*ppKey);
|
||||
else
|
||||
EC_KEY_free(*ppKey);
|
||||
}
|
||||
throw OpenSSLException("EVPKey::loadKey(string)");
|
||||
}
|
||||
|
||||
@ -287,6 +294,13 @@ namespace Crypto
|
||||
error:
|
||||
if (pBIO)
|
||||
BIO_free(pBIO);
|
||||
if (*ppKey)
|
||||
{
|
||||
if constexpr (std::is_same_v<K, EVP_PKEY>)
|
||||
EVP_PKEY_free(*ppKey);
|
||||
else
|
||||
EC_KEY_free(*ppKey);
|
||||
}
|
||||
throw OpenSSLException("EVPKey::loadKey(stream)");
|
||||
}
|
||||
|
||||
|
@ -125,9 +125,9 @@ void setSSLParams(nuraft::asio_service::options & asio_opts)
|
||||
disabled_protocols |= Poco::Net::Context::PROTO_TLSV1_2;
|
||||
}
|
||||
|
||||
asio_opts.ssl_context_provider_server_ = [ctx_params = params, certificate_data, disabled_protocols]
|
||||
asio_opts.ssl_context_provider_server_ = [params, certificate_data, disabled_protocols]
|
||||
{
|
||||
Poco::Net::Context context(Poco::Net::Context::Usage::TLSV1_2_SERVER_USE, ctx_params);
|
||||
Poco::Net::Context context(Poco::Net::Context::Usage::TLSV1_2_SERVER_USE, params);
|
||||
context.disableProtocols(disabled_protocols);
|
||||
SSL_CTX * ssl_ctx = context.takeSslContext();
|
||||
SSL_CTX_set_cert_cb(ssl_ctx, callSetCertificate, reinterpret_cast<void *>(certificate_data.get()));
|
||||
|
@ -4093,7 +4093,7 @@ class ClickHouseInstance:
|
||||
exclusion_substring="",
|
||||
):
|
||||
if from_host:
|
||||
# We check fist file exists but want to look for all rotated logs as well
|
||||
# We check first file exists but want to look for all rotated logs as well
|
||||
result = subprocess_check_call(
|
||||
[
|
||||
"bash",
|
||||
|
@ -161,21 +161,22 @@ def check_valid_configuration(filename, password):
|
||||
run_test()
|
||||
|
||||
|
||||
def test_secure_raft_works(started_cluster):
|
||||
check_valid_configuration("WithoutPassPhrase", None)
|
||||
|
||||
|
||||
def test_secure_raft_works_with_password(started_cluster):
|
||||
def check_invalid_configuration(filename, password):
|
||||
def check_invalid_configuration(filename, password):
|
||||
stop_all_clickhouse()
|
||||
for node in nodes:
|
||||
setupSsl(node, filename, password)
|
||||
|
||||
nodes[0].start_clickhouse(expected_to_fail=True)
|
||||
nodes[0].contains_in_log(
|
||||
"OpenSSLException: EVPKey::loadKey(string): error:0480006C:PEM routines::no start line"
|
||||
nodes[0].wait_for_log_line(
|
||||
"OpenSSLException: EVPKey::loadKey.*error:0480006C:PEM routines::no start line",
|
||||
)
|
||||
|
||||
|
||||
def test_secure_raft_works(started_cluster):
|
||||
check_valid_configuration("WithoutPassPhrase", None)
|
||||
|
||||
|
||||
def test_secure_raft_works_with_password(started_cluster):
|
||||
check_valid_configuration("WithoutPassPhrase", "unusedpassword")
|
||||
check_invalid_configuration("WithPassPhrase", "wrongpassword")
|
||||
check_invalid_configuration("WithPassPhrase", "")
|
||||
|
Loading…
Reference in New Issue
Block a user