diff options
| author | Michael Widenius <monty@mariadb.org> | 2018-03-09 14:05:35 +0200 |
|---|---|---|
| committer | Monty <monty@mariadb.org> | 2018-03-29 13:59:44 +0300 |
| commit | a7abddeffa6a760ce948c2dfb007cdf3f1a369d5 (patch) | |
| tree | 70eb743fa965a17380bbc0ac88ae79ca1075b896 /mysql-test/main/openssl_6975.test | |
| parent | ab1941266c59a19703a74b5593cf3f508a5752d7 (diff) | |
| download | mariadb-git-a7abddeffa6a760ce948c2dfb007cdf3f1a369d5.tar.gz | |
Create 'main' test directory and move 't' and 'r' there
Diffstat (limited to 'mysql-test/main/openssl_6975.test')
| -rw-r--r-- | mysql-test/main/openssl_6975.test | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/mysql-test/main/openssl_6975.test b/mysql-test/main/openssl_6975.test new file mode 100644 index 00000000000..6a82d013fb6 --- /dev/null +++ b/mysql-test/main/openssl_6975.test @@ -0,0 +1,43 @@ +# +# MDEV-6975 Implement TLS protocol +# +# test SSLv3 and TLSv1.2 ciphers when OpenSSL is restricted to SSLv3 or TLSv1.2 +# +source include/have_ssl_communication.inc; +source include/require_openssl_client.inc; + +# this is OpenSSL test. + +create user ssl_sslv3@localhost; +# grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA"; +grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA"; +create user ssl_tls12@localhost; +grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256"; + +let $mysql=$MYSQL --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1; + +disable_abort_on_error; +echo TLS1.2 ciphers: user is ok with any cipher; +exec $mysql --ssl-cipher=AES128-SHA256; +--replace_result DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384 +exec $mysql --ssl-cipher=TLSv1.2; +echo TLS1.2 ciphers: user requires SSLv3 cipher AES128-SHA; +exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA256; +exec $mysql --user ssl_sslv3 --ssl-cipher=TLSv1.2; +echo TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256; +exec $mysql --user ssl_tls12 --ssl-cipher=AES128-SHA256; +exec $mysql --user ssl_tls12 --ssl-cipher=TLSv1.2; + +echo SSLv3 ciphers: user is ok with any cipher; +exec $mysql --ssl-cipher=AES256-SHA; +exec $mysql --ssl-cipher=SSLv3; +echo SSLv3 ciphers: user requires SSLv3 cipher AES128-SHA; +exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA; +exec $mysql --user ssl_sslv3 --ssl-cipher=SSLv3; +echo SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256; +exec $mysql --user ssl_tls12 --ssl-cipher=AES128-SHA; +exec $mysql --user ssl_tls12 --ssl-cipher=SSLv3; + +drop user ssl_sslv3@localhost; +drop user ssl_tls12@localhost; + |