At 10:56 -0500 3/7/03, Dan Geist wrote:
> I read the thread by R. Weiss, P. DuBios, and J. Zawodny regarding theincomplete implementation of replication over SSL. I had been fighting the same problem for about a week, thinking it was something I was doing wrong. Didn't think to look for un-implemented stubs...
If I understand the process, the act of replication is a simple connect via a dedicated and persistent thread on the slave which which registers to listen for updates to particular dbs/tables and which is fed updates as they come in. Since the c-client and commandline SSL functions seem to be working just fine (after the inclusion of the CA-neuter-patch in 4.0.12), why is replication implementation any different? Would it not be trivial to complete this section of the code so people don't have to use stunnel and native SSL on the same box?
It's always easy when someone else is doing the work. :-)
It's not necessarily so trivial. Replication connections don't use the same client library that regular client programs do. It was not an easy thing to get SSL integrated into the regular client library and working properly; I would expect that might be true for replication connections as well.
There's also the time issue, and you note below. I have no authority to speak on the matter of timetable, but if you want my best guess: don't hold your breath. Continue to tunnel.
>Perhaps there's a particular issue involved, or perhaps developers just don't have the time to dedicate to the feature. I'm just wondering so I can adjust my plans accordingly.
Thanks. Dan-- Dan Geist | [EMAIL PROTECTED] | (404)269-6822 Network Security Engineer | Cox Communications Inc.
--------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php