Skip to content

M
mariadb
Commit 31e763dd authored by Vladislav Vaintroub's avatar Vladislav Vaintroub
Browse files
Options

MDEV-10211 : fix ssl test not to use specific value of ssl_cipher, as it can... 

MDEV-10211 : fix ssl test not to use specific value of ssl_cipher, as it can change between different openssl/yassl version
parent 7d4a7d8c
Hide whitespace changes
Inline Side-by-side
Showing with 41 additions and 48 deletions
mysql-test/r/openssl_1.result
View file @ 31e763dd
...@@ -56,8 +56,8 @@ mysqltest: Could not open connection 'default': 2026 SSL connection error: Unabl ...@@ -56,8 +56,8 @@ mysqltest: Could not open connection 'default': 2026 SSL connection error: Unabl
SHOW STATUS LIKE 'Ssl_cipher'; SHOW STATUS LIKE 'Ssl_cipher';
Variable_name Value Variable_name Value
Ssl_cipher DHE-RSA-AES256-SHA Ssl_cipher DHE-RSA-AES256-SHA
Variable_name Value have_ssl
Ssl_cipher DHE-RSA-AES256-SHA 1
End of 5.0 tests End of 5.0 tests
DROP TABLE IF EXISTS thread_status; DROP TABLE IF EXISTS thread_status;
DROP EVENT IF EXISTS event_status; DROP EVENT IF EXISTS event_status;
...@@ -202,9 +202,9 @@ result ...@@ -202,9 +202,9 @@ result
is still running; no cipher request crashed the server is still running; no cipher request crashed the server
GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509; GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509;
FLUSH PRIVILEGES; FLUSH PRIVILEGES;
SHOW STATUS LIKE 'Ssl_cipher'; SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
Variable_name Value have_ssl
Ssl_cipher DHE-RSA-AES256-SHA 1
DROP USER bug42158@localhost; DROP USER bug42158@localhost;
End of 5.1 tests End of 5.1 tests
/*!50530 SET @@SESSION.PSEUDO_SLAVE_MODE=1*/; /*!50530 SET @@SESSION.PSEUDO_SLAVE_MODE=1*/;
......
mysql-test/r/ssl.result
View file @ 31e763dd
SHOW STATUS LIKE 'Ssl_cipher'; SHOW STATUS LIKE 'Ssl_cipher';
Variable_name Value Variable_name Value
Ssl_cipher DHE-RSA-AES256-SHA Ssl_cipher AES128-GCM-SHA256
SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
have_ssl
1
SHOW STATUS LIKE 'Ssl_server_not_before'; SHOW STATUS LIKE 'Ssl_server_not_before';
Variable_name Value Variable_name Value
Ssl_server_not_before Apr 25 14:55:05 2015 GMT Ssl_server_not_before Apr 25 14:55:05 2015 GMT
...@@ -2163,9 +2166,9 @@ Privat (Private Nutzung) Mobilfunk ...@@ -2163,9 +2166,9 @@ Privat (Private Nutzung) Mobilfunk
Warnings: Warnings:
Warning 1052 Column 'kundentyp' in group statement is ambiguous Warning 1052 Column 'kundentyp' in group statement is ambiguous
drop table t1; drop table t1;
SHOW STATUS LIKE 'Ssl_cipher'; SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
Variable_name Value have_ssl
Ssl_cipher DHE-RSA-AES256-SHA 1
select aes_decrypt('MySQL','adf'); select aes_decrypt('MySQL','adf');
aes_decrypt('MySQL','adf') aes_decrypt('MySQL','adf')
NULL NULL
......
mysql-test/r/ssl_ca.result
View file @ 31e763dd
...@@ -4,21 +4,21 @@ ...@@ -4,21 +4,21 @@
# try to connect with wrong '--ssl-ca' path : should fail # try to connect with wrong '--ssl-ca' path : should fail
ERROR 2026 (HY000): SSL connection error: SSL_CTX_set_default_verify_paths failed ERROR 2026 (HY000): SSL connection error: SSL_CTX_set_default_verify_paths failed
# try to connect with correct '--ssl-ca' path : should connect # try to connect with correct '--ssl-ca' path : should connect
Variable_name Value have_ssl
Ssl_cipher DHE-RSA-AES256-SHA 1
# #
# Bug#21920678: SSL-CA DOES NOT ACCEPT ~USER TILDE HOME DIRECTORY # Bug#21920678: SSL-CA DOES NOT ACCEPT ~USER TILDE HOME DIRECTORY
# PATH SUBSTITUTION # PATH SUBSTITUTION
# #
# try to connect with '--ssl-ca' option using tilde home directoy # try to connect with '--ssl-ca' option using tilde home directoy
# path substitution : should connect # path substitution : should connect
Variable_name Value have_ssl
Ssl_cipher DHE-RSA-AES256-SHA 1
# try to connect with '--ssl-key' option using tilde home directoy # try to connect with '--ssl-key' option using tilde home directoy
# path substitution : should connect # path substitution : should connect
Variable_name Value have_ssl
Ssl_cipher DHE-RSA-AES256-SHA 1
# try to connect with '--ssl-cert' option using tilde home directoy # try to connect with '--ssl-cert' option using tilde home directoy
# path substitution : should connect # path substitution : should connect
Variable_name Value have_ssl
Ssl_cipher DHE-RSA-AES256-SHA 1
mysql-test/r/ssl_compress.result
View file @ 31e763dd
SHOW STATUS LIKE 'Ssl_cipher'; SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
Variable_name Value have_ssl
Ssl_cipher DHE-RSA-AES256-SHA 1
SHOW STATUS LIKE 'Compression'; SHOW STATUS LIKE 'Compression';
Variable_name Value Variable_name Value
Compression ON Compression ON
...@@ -2160,9 +2160,9 @@ Privat (Private Nutzung) Mobilfunk ...@@ -2160,9 +2160,9 @@ Privat (Private Nutzung) Mobilfunk
Warnings: Warnings:
Warning 1052 Column 'kundentyp' in group statement is ambiguous Warning 1052 Column 'kundentyp' in group statement is ambiguous
drop table t1; drop table t1;
SHOW STATUS LIKE 'Ssl_cipher'; SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
Variable_name Value have_ssl
Ssl_cipher DHE-RSA-AES256-SHA 1
SHOW STATUS LIKE 'Compression'; SHOW STATUS LIKE 'Compression';
Variable_name Value Variable_name Value
Compression ON Compression ON
mysql-test/r/ssl_timeout.result
View file @ 31e763dd
# connect with read timeout so SLEEP() should timeout # connect with read timeout so SLEEP() should timeout
# Check ssl turned on # Check ssl turned on
SHOW STATUS LIKE 'Ssl_cipher'; SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
Variable_name Value have_ssl
Ssl_cipher DHE-RSA-AES256-SHA 1
SELECT SLEEP(600); SELECT SLEEP(600);
ERROR HY000: Lost connection to MySQL server during query ERROR HY000: Lost connection to MySQL server during query
mysql-test/t/openssl_1.test
View file @ 31e763dd
...@@ -132,8 +132,7 @@ drop table t1; ...@@ -132,8 +132,7 @@ drop table t1;
# verification of servers certificate by setting both ca certificate # verification of servers certificate by setting both ca certificate
# and ca path to NULL # and ca path to NULL
# #
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-SHA --exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'" 2>&1
--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
--echo End of 5.0 tests --echo End of 5.0 tests
# #
...@@ -257,8 +256,7 @@ select 'is still running; no cipher request crashed the server' as result from d ...@@ -257,8 +256,7 @@ select 'is still running; no cipher request crashed the server' as result from d
GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509; GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509;
FLUSH PRIVILEGES; FLUSH PRIVILEGES;
connect(con1,localhost,bug42158,,,,,SSL); connect(con1,localhost,bug42158,,,,,SSL);
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-SHA SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
SHOW STATUS LIKE 'Ssl_cipher';
disconnect con1; disconnect con1;
connection default; connection default;
DROP USER bug42158@localhost; DROP USER bug42158@localhost;
......
mysql-test/t/ssl.test
View file @ 31e763dd
...@@ -11,8 +11,8 @@ ...@@ -11,8 +11,8 @@
connect (ssl_con,localhost,root,,,,,SSL); connect (ssl_con,localhost,root,,,,,SSL);
# Check ssl turned on # Check ssl turned on
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-SHA
SHOW STATUS LIKE 'Ssl_cipher'; SHOW STATUS LIKE 'Ssl_cipher';
SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
# Check ssl expiration # Check ssl expiration
SHOW STATUS LIKE 'Ssl_server_not_before'; SHOW STATUS LIKE 'Ssl_server_not_before';
...@@ -22,8 +22,7 @@ SHOW STATUS LIKE 'Ssl_server_not_after'; ...@@ -22,8 +22,7 @@ SHOW STATUS LIKE 'Ssl_server_not_after';
-- source include/common-tests.inc -- source include/common-tests.inc
# Check ssl turned on # Check ssl turned on
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-SHA SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
SHOW STATUS LIKE 'Ssl_cipher';
# #
# MDEV-7697 Client reports ERROR 2006 (MySQL server has gone away) or ERROR 2013 (Lost connection to MySQL server during query) while executing AES* functions under SSL # MDEV-7697 Client reports ERROR 2006 (MySQL server has gone away) or ERROR 2013 (Lost connection to MySQL server during query) while executing AES* functions under SSL
......
mysql-test/t/ssl_ca.test
View file @ 31e763dd
...@@ -7,11 +7,10 @@ ...@@ -7,11 +7,10 @@
--echo # try to connect with wrong '--ssl-ca' path : should fail --echo # try to connect with wrong '--ssl-ca' path : should fail
--error 1 --error 1
--exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/wrong-cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_cipher'" 2>&1 --exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/wrong-cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'" 2>&1
--echo # try to connect with correct '--ssl-ca' path : should connect --echo # try to connect with correct '--ssl-ca' path : should connect
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA --exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'"
--exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_cipher'"
--echo # --echo #
--echo # Bug#21920678: SSL-CA DOES NOT ACCEPT ~USER TILDE HOME DIRECTORY --echo # Bug#21920678: SSL-CA DOES NOT ACCEPT ~USER TILDE HOME DIRECTORY
...@@ -22,15 +21,12 @@ ...@@ -22,15 +21,12 @@
--echo # try to connect with '--ssl-ca' option using tilde home directoy --echo # try to connect with '--ssl-ca' option using tilde home directoy
--echo # path substitution : should connect --echo # path substitution : should connect
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA --exec $MYSQL --ssl-ca$mysql_test_dir_path/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'"
--exec $MYSQL --ssl-ca$mysql_test_dir_path/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_cipher'"
--echo # try to connect with '--ssl-key' option using tilde home directoy --echo # try to connect with '--ssl-key' option using tilde home directoy
--echo # path substitution : should connect --echo # path substitution : should connect
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA --exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key$mysql_test_dir_path/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'"
--exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key$mysql_test_dir_path/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_cipher'"
--echo # try to connect with '--ssl-cert' option using tilde home directoy --echo # try to connect with '--ssl-cert' option using tilde home directoy
--echo # path substitution : should connect --echo # path substitution : should connect
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA --exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert$mysql_test_dir_path/std_data/client-cert.pem test -e "SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'"
--exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert$mysql_test_dir_path/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_cipher'"
mysql-test/t/ssl_compress.test
View file @ 31e763dd
...@@ -11,8 +11,7 @@ ...@@ -11,8 +11,7 @@
connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS); connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS);
# Check ssl turned on # Check ssl turned on
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-SHA SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
SHOW STATUS LIKE 'Ssl_cipher';
# Check compression turned on # Check compression turned on
SHOW STATUS LIKE 'Compression'; SHOW STATUS LIKE 'Compression';
...@@ -21,8 +20,7 @@ SHOW STATUS LIKE 'Compression'; ...@@ -21,8 +20,7 @@ SHOW STATUS LIKE 'Compression';
-- source include/common-tests.inc -- source include/common-tests.inc
# Check ssl turned on # Check ssl turned on
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-SHA SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
SHOW STATUS LIKE 'Ssl_cipher';
# Check compression turned on # Check compression turned on
SHOW STATUS LIKE 'Compression'; SHOW STATUS LIKE 'Compression';
......
mysql-test/t/ssl_timeout.test
View file @ 31e763dd
...@@ -7,8 +7,7 @@ ...@@ -7,8 +7,7 @@
connect (ssl_con,localhost,root,,,,,SSL read_timeout=5); connect (ssl_con,localhost,root,,,,,SSL read_timeout=5);
--echo # Check ssl turned on --echo # Check ssl turned on
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-SHA SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
SHOW STATUS LIKE 'Ssl_cipher';
# --error CR_SERVER_LOST # --error CR_SERVER_LOST
--error 2013 --error 2013
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7