Otherwise there is a plaintext leak in the very beginning of the writeset stream.
Currently src/server_state.cpp has
wsrep::server_state::set_encryption_key(std::vector<unsigned char>& key)
{
encryption_key_ = key;
if (state_ != s_disconnected)
{
...
i.e. setting the key is skipped if provider is not connected. This is clearly a mistake as we need the key to be set before provider starts to receive and cache any data.
Otherwise there is a plaintext leak in the very beginning of the writeset stream.
Currently
src/server_state.cpphasi.e. setting the key is skipped if provider is not connected. This is clearly a mistake as we need the key to be set before provider starts to receive and cache any data.