On Fri, 2003-03-07 at 17:56, Dan Geist wrote: > > If I understand the process, the act of replication is a simple connect > > via a dedicated and persistent thread on the slave which which registers
No, it is not simple. It is not very complicated also but bit unusual. Usually SSL layer stuff uses different port for SSL (remind HTTP port 443 instead of port 80). For MySQL it was requirement to stay compatible with all current stuff - port number and fallback to non-SSL connection. This is difference no 1 - MySQL client connects to server as every usual client with SSL mode off. Client sends handshake packet with special few bytes named "capabilities". If client capabilities have "HAVE_SSL" flag, server responds with own flags including HAVE_SSL. After that without loosing connection all handshake is made again but now with SSL turned on. This is not very common way to do things. There are tricks around ACL-s. Some places must check if cipher and certificates are good enough for some operation. Replication uses separate code and all things need to be incorporated there. MySQL server will act as client and even has special MySQL client library code (which is not equal to common libmysqlclient code) in mini_client.c file. If someone will hack it, replication over SSL becomes possible. Sorry, I do not remember all details about MySQL code. I can take a look and implement missing functionality within decent time if some interested party will pay for this job. > > Perhaps there's a particular issue involved, or perhaps developers just > > don't have the time to dedicate to the feature. I'm just wondering so I > > can adjust my plans accordingly. I do not know current plans of MySQL AB, but you can influence on them if you buy support. Other option to support community is to provide good quality patch to MySQL AB. Tõnu --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
