Merge remote-tracking branch 'mysql/5.5' into bb-5.5-merge @ mysql-5.5.42

author: Sergei Golubchik <serg@mariadb.org> 2015-02-11 23:50:40 +0100
committer: Sergei Golubchik <serg@mariadb.org> 2015-02-11 23:50:40 +0100
commit: 8e80f91fa3e584d6b681bfbb4664e80a255af866 (patch)
tree: af4f13f6f0290ee72b33a0642aa7c03e4e5fcd1c /extra/yassl/testsuite
parent: 63108dc9d2cc9f31ae9927817652be465a17f767 (diff)
parent: 3ee8aa216d55b858ba9e53874359dcac9a82933a (diff)
download: mariadb-git-8e80f91fa3e584d6b681bfbb4664e80a255af866.tar.gz
2 files changed, 167 insertions, 5 deletions
diff --git a/extra/yassl/testsuite/cipher-test.sh b/extra/yassl/testsuite/cipher-test.sh
new file mode 100644
index 00000000000..5ce29459d07
--- /dev/null
+++ b/extra/yassl/testsuite/cipher-test.sh
@@ -0,0 +1,130 @@
+#!/bin/bash
+
+# test all yassl cipher suties 
+# 
+
+
+server_pid=$no_pid
+
+
+do_cleanup() {
+    echo "in cleanup"
+
+    if [[ $server_pid != $no_pid ]]
+    then
+        echo "killing server"
+        kill -9 $server_pid
+    fi
+}
+
+do_trap() {
+    echo "got trap"
+    do_cleanup
+    exit -1
+}
+
+trap do_trap INT TERM
+
+
+# make sure example server and client are built
+if test ! -s ../examples/server/server; then
+    echo "Please build yaSSL first, example server missing"
+    exit -1
+fi
+
+if test ! -s ../examples/client/client; then
+    echo "Please build yaSSL first, example client missing"
+    exit -1
+fi
+
+
+# non DSA suites
+for suite in {"DHE-RSA-AES256-SHA","AES256-SHA","DHE-RSA-AES128-SHA","AES128-SHA","AES256-RMD","AES128-RMD","DES-CBC3-RMD","DHE-RSA-AES256-RMD","DHE-RSA-AES128-RMD","DHE-RSA-DES-CBC3-RMD","RC4-SHA","RC4-MD5","DES-CBC3-SHA","DES-CBC-SHA","EDH-RSA-DES-CBC3-SHA","EDH-RSA-DES-CBC-SHA"}
+do
+  for client_auth in {y,n}
+  do
+    echo "Trying $suite client auth = $client_auth ..."
+
+    if test -e server_ready; then
+        echo -e "removing exisitng server_ready file"
+        rm server_ready
+    fi
+    ../examples/server/server $client_auth &
+    server_pid=$!
+
+    while [ ! -s server_ready ]; do
+        echo -e "waiting for server_ready file..."
+        sleep 0.1
+    done
+
+    ../examples/client/client $suite
+    client_result=$?
+
+    wait $server_pid
+    server_result=$?
+
+    server_pid=$no_pid
+
+    if [[ $client_result != 0 ]]
+    then
+        echo "Client Error"
+        exit $client_result
+    fi
+
+    if [[ $server_result != 0 ]]
+    then
+        echo "Server Error"
+        exit $server_result
+    fi
+
+  done   # end client auth loop
+done  # end non dsa suite list
+echo -e "Non DSA Loop SUCCESS"
+
+
+
+# DSA suites
+for suite in {"DHE-DSS-AES256-SHA","DHE-DSS-AES128-SHA","DHE-DSS-AES256-RMD","DHE-DSS-AES128-RMD","DHE-DSS-DES-CBC3-RMD","EDH-DSS-DES-CBC3-SHA","EDH-DSS-DES-CBC-SHA"}
+do
+  for client_auth in {y,n}
+  do
+    echo "Trying $suite client auth = $client_auth ..."
+
+    if test -e server_ready; then
+        echo -e "removing exisitng server_ready file"
+        rm server_ready
+    fi
+    # d signifies DSA
+    ../examples/server/server $client_auth d &
+    server_pid=$!
+
+    while [ ! -s server_ready ]; do
+        echo -e "waiting for server_ready file..."
+        sleep 0.1
+    done
+
+    ../examples/client/client $suite
+    client_result=$?
+
+    wait $server_pid
+    server_result=$?
+
+    server_pid=$no_pid
+
+    if [[ $client_result != 0 ]]
+    then
+        echo "Client Error"
+        exit $client_result
+    fi
+
+    if [[ $server_result != 0 ]]
+    then
+        echo "Server Error"
+        exit $server_result
+    fi
+
+  done   # end client auth loop
+done  # end dsa suite list
+echo -e "DSA Loop SUCCESS"
+
+exit 0
diff --git a/extra/yassl/testsuite/test.hpp b/extra/yassl/testsuite/test.hpp
index 33f398ae269..52f6ed79526 100644
--- a/extra/yassl/testsuite/test.hpp
+++ b/extra/yassl/testsuite/test.hpp
@@ -131,9 +131,10 @@ struct func_args {
     int    argc;
     char** argv;
     int    return_code;
+    const char* file_ready;
     tcp_ready* signal_;
 
-    func_args(int c = 0, char** v = 0) : argc(c), argv(v) {}
+    func_args(int c = 0, char** v = 0) : argc(c), argv(v), file_ready(0) {}
 
     void SetSignal(tcp_ready* p) { signal_ = p; }
 };
@@ -146,6 +147,7 @@ void join_thread(THREAD_TYPE);
 // yaSSL
 const char* const    yasslIP      = "127.0.0.1";
 const unsigned short yasslPort    =  11111;
+const unsigned short proxyPort    =  12345;
 
 
 // client
@@ -172,13 +174,13 @@ const char* const svrKey3  = "../../../certs/server-key.pem";
 
 // server dsa
 const char* const dsaCert = "../certs/dsa-cert.pem";
-const char* const dsaKey  = "../certs/dsa512.der";
+const char* const dsaKey  = "../certs/dsa1024.der";
 
 const char* const dsaCert2 = "../../certs/dsa-cert.pem";
-const char* const dsaKey2  = "../../certs/dsa512.der";
+const char* const dsaKey2  = "../../certs/dsa1024.der";
 
 const char* const dsaCert3 = "../../../certs/dsa-cert.pem";
-const char* const dsaKey3  = "../../../certs/dsa512.der";
+const char* const dsaKey3  = "../../../certs/dsa1024.der";
 
 
 // CA 
@@ -222,6 +224,13 @@ inline void store_ca(SSL_CTX* ctx)
         if (SSL_CTX_load_verify_locations(ctx, certSuite, 0) != SSL_SUCCESS)
             if (SSL_CTX_load_verify_locations(ctx, certDebug,0) != SSL_SUCCESS)
                 err_sys("failed to use certificate: certs/client-cert.pem");
+
+    // DSA cert 
+    if (SSL_CTX_load_verify_locations(ctx, dsaCert, 0) != SSL_SUCCESS)
+        if (SSL_CTX_load_verify_locations(ctx, dsaCert2, 0) != SSL_SUCCESS)
+            if (SSL_CTX_load_verify_locations(ctx, dsaCert3, 0) != SSL_SUCCESS)
+                err_sys("failed to use certificate: certs/dsa-cert.pem");
+
 }
 
 
@@ -298,7 +307,7 @@ inline void set_dsaServerCerts(SSL_CTX* ctx)
             != SSL_SUCCESS) 
                 if (SSL_CTX_use_PrivateKey_file(ctx, dsaKey3,SSL_FILETYPE_ASN1)
                     != SSL_SUCCESS) 
-                    err_sys("failed to use key file: certs/dsa512.der");
+                    err_sys("failed to use key file: certs/dsa1024.der");
 }
 
 
@@ -310,6 +319,12 @@ inline void set_args(int& argc, char**& argv, func_args& args)
 }
 
 
+inline void set_file_ready(const char* name, func_args& args)
+{
+    args.file_ready = name;
+}
+
+
 inline void tcp_set_nonblocking(SOCKET_T& sockfd)
 {
 #ifdef NON_BLOCKING
@@ -349,7 +364,11 @@ inline void tcp_socket(SOCKET_T& sockfd, SOCKADDR_IN_T& addr)
         */   // end external testing later
 #else
     addr.sin_family = AF_INET_V;
+#ifdef YASSL_PROXY_PORT
+    addr.sin_port = htons(proxyPort);
+#else
     addr.sin_port = htons(yasslPort);
+#endif
     addr.sin_addr.s_addr = inet_addr(yasslIP);
 #endif
 
@@ -401,6 +420,16 @@ inline void tcp_listen(SOCKET_T& sockfd)
 }
 
 
+inline void create_ready_file(func_args& args)
+{
+    FILE* f = fopen(args.file_ready, "w+");
+
+    if (f) {
+        fputs("ready", f);
+        fclose(f);
+    }
+}
+
 
 inline void tcp_accept(SOCKET_T& sockfd, SOCKET_T& clientfd, func_args& args)
 {
@@ -418,6 +447,9 @@ inline void tcp_accept(SOCKET_T& sockfd, SOCKET_T& clientfd, func_args& args)
     pthread_mutex_unlock(&ready.mutex_);
 #endif
 
+    if (args.file_ready)
+        create_ready_file(args);
+
     clientfd = accept(sockfd, (sockaddr*)&client, (ACCEPT_THIRD_T)&client_len);
 
     if (clientfd == (SOCKET_T) -1) {
author	Sergei Golubchik <serg@mariadb.org>	2015-02-11 23:50:40 +0100
committer	Sergei Golubchik <serg@mariadb.org>	2015-02-11 23:50:40 +0100
commit	8e80f91fa3e584d6b681bfbb4664e80a255af866 (patch)
tree	af4f13f6f0290ee72b33a0642aa7c03e4e5fcd1c /extra/yassl/testsuite
parent	63108dc9d2cc9f31ae9927817652be465a17f767 (diff)
parent	3ee8aa216d55b858ba9e53874359dcac9a82933a (diff)
download	mariadb-git-8e80f91fa3e584d6b681bfbb4664e80a255af866.tar.gz