Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Various TLS related updates (#16982) #18022

Merged
merged 3 commits into from
Jul 18, 2024
Merged

Various TLS related updates (#16982) #18022

merged 3 commits into from
Jul 18, 2024

Conversation

ti-chi-bot
Copy link
Member

This is an automated cherry-pick of #16982

What is changed, added or deleted? (Required)

  1. The documentation of statements that have syntax like REQUIRE X509 didn't seem to be complete.
  2. TLS is not only encrypting the connection, but is also providing other security properties like authentication. I've replaced some mentions of "encryption" with either "secure" or "TLS".
  3. The startup messages no longer match the documentation. (related to server: fix tls setup and error log tidb#15287 and *: move config file option require_secure_transport to sysvar tidb#34261)
  4. The GRANT statement should not be used to create users and/or to modify users.
  5. Some places weren't consistently putting things like REQUIRE in uppercase.
  6. Add a note to tls-version about TLSv1.0 and TLSv1.1 deprecation.

Which TiDB version(s) do your changes apply to? (Required)

Tips for choosing the affected version(s):

By default, CHOOSE MASTER ONLY so your changes will be applied to the next TiDB major or minor releases. If your PR involves a product feature behavior change or a compatibility change, CHOOSE THE AFFECTED RELEASE BRANCH(ES) AND MASTER.

For details, see tips for choosing the affected versions.

  • master (the latest development version)
  • v7.6 (TiDB 7.6 versions)
  • v7.5 (TiDB 7.5 versions)
  • v7.4 (TiDB 7.4 versions)
  • v7.3 (TiDB 7.3 versions)
  • v7.1 (TiDB 7.1 versions)
  • v6.5 (TiDB 6.5 versions)
  • v6.1 (TiDB 6.1 versions)
  • v5.4 (TiDB 5.4 versions)
  • v5.3 (TiDB 5.3 versions)
  • v5.2 (TiDB 5.2 versions)
  • v5.1 (TiDB 5.1 versions)
  • v5.0 (TiDB 5.0 versions)

What is the related PR or file link(s)?

Do your changes match any of the following descriptions?

  • Delete files
  • Change aliases
  • Need modification after applied to another branch
  • Might cause conflicts after applied to another branch

@ti-chi-bot ti-chi-bot mentioned this pull request Jul 18, 2024
Merged
17 tasks
@ti-chi-bot ti-chi-bot added lgtm needs-1-more-lgtm Indicates a PR needs 1 more LGTM. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. type/cherry-pick-for-release-8.0 This PR is cherry-picked to release-8.0 from a source PR. labels Jul 18, 2024
@Oreoxmt
Copy link
Collaborator

Oreoxmt commented Jul 18, 2024

/approve

@ti-chi-bot ti-chi-bot
Copy link

ti-chi-bot bot commented Jul 18, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Oreoxmt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ti-chi-bot ti-chi-bot bot added the approved label Jul 18, 2024
@ti-chi-bot ti-chi-bot bot merged commit 262e596 into pingcap:release-8.0 Jul 18, 2024
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Oreoxmt Oreoxmt Oreoxmt approved these changes

Assignees

@Oreoxmt Oreoxmt

Labels
approved lgtm needs-1-more-lgtm Indicates a PR needs 1 more LGTM. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. type/cherry-pick-for-release-8.0 This PR is cherry-picked to release-8.0 from a source PR.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ti-chi-bot @Oreoxmt