diff options
author | Sergei Golubchik <serg@mariadb.org> | 2020-05-11 01:00:15 +0200 |
---|---|---|
committer | Sergei Golubchik <serg@mariadb.org> | 2020-05-11 13:47:02 +0200 |
commit | 15502e5e3334077590faa1be61dd418264be8e91 (patch) | |
tree | 8cb658c7ab4e3301bc44150b03bb4c19dcaf5fe6 | |
parent | 1b18cddaa23711776537ee98f16529a74ff861c2 (diff) | |
download | mariadb-git-15502e5e3334077590faa1be61dd418264be8e91.tar.gz |
MDEV-21965 main.tls_version and main.tls_version1 fail in buildbot on Ubuntu Focal
Not only Ubuntu Focal builds openssl with OPENSSL_TLS_SECURITY_LEVEL=2,
but for some unfathomable reason it patches openssl sources to disable
TLS < 1.2 at security level 2, even though openssl manual says it
should only happen at level 4:
https://www.openssl.org/docs/man1.1.0/man3/SSL_CTX_set_security_level.html
We test TLSv1.1 and TLSv1, so we have to override Focal defaults in mtr.
-rw-r--r-- | mysql-test/lib/openssl.cnf | 12 | ||||
-rwxr-xr-x | mysql-test/mysql-test-run.pl | 3 |
2 files changed, 14 insertions, 1 deletions
diff --git a/mysql-test/lib/openssl.cnf b/mysql-test/lib/openssl.cnf new file mode 100644 index 00000000000..b9ab37ac3a1 --- /dev/null +++ b/mysql-test/lib/openssl.cnf @@ -0,0 +1,12 @@ +# Toplevel section for openssl (including libssl) +openssl_conf = default_conf_section + +[default_conf_section] +# We only specify configuration for the "ssl module" +ssl_conf = ssl_section + +[ssl_section] +system_default = system_default_section + +[system_default_section] +CipherString = ALL:@SECLEVEL=1 diff --git a/mysql-test/mysql-test-run.pl b/mysql-test/mysql-test-run.pl index c524561edd9..6b6f0285100 100755 --- a/mysql-test/mysql-test-run.pl +++ b/mysql-test/mysql-test-run.pl @@ -2283,7 +2283,8 @@ sub environment_setup { $ENV{'LC_CTYPE'}= "C"; $ENV{'LC_COLLATE'}= "C"; - $ENV{'OPENSSL_CONF'}= "/dev/null"; + $ENV{'OPENSSL_CONF'}= $mysqld_variables{'version-ssl-library'} gt 'OpenSSL 1.1.1' + ? "$glob_mysql_test_dir/lib/openssl.cnf" : '/dev/null'; $ENV{'USE_RUNNING_SERVER'}= using_extern(); $ENV{'MYSQL_TEST_DIR'}= $glob_mysql_test_dir; |