summaryrefslogtreecommitdiff
path: root/mysql-test/t/openssl_1.test
diff options
context:
space:
mode:
Diffstat (limited to 'mysql-test/t/openssl_1.test')
-rw-r--r--mysql-test/t/openssl_1.test268
1 files changed, 0 insertions, 268 deletions
diff --git a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test
deleted file mode 100644
index a3db700f787..00000000000
--- a/mysql-test/t/openssl_1.test
+++ /dev/null
@@ -1,268 +0,0 @@
-# Tests for SSL connections, only run if mysqld is compiled
-# with support for SSL.
-
--- source include/have_ssl_communication.inc
-
-# Save the initial number of concurrent sessions
---source include/count_sessions.inc
-
-set local sql_mode="";
-set global sql_mode="";
-
---disable_warnings
-drop table if exists t1;
---enable_warnings
-create table t1(f1 int);
-insert into t1 values (5);
-
-grant select on test.* to ssl_user1@localhost require SSL;
-grant select on test.* to ssl_user2@localhost require cipher "AES256-SHA";
-grant select on test.* to ssl_user3@localhost require cipher "AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client";
-grant select on test.* to ssl_user4@localhost require cipher "AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client" ISSUER "/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB";
-grant select on test.* to ssl_user5@localhost require cipher "AES256-SHA" AND SUBJECT "xxx";
-flush privileges;
-
-connect (con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA);
---replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
---error ER_ACCESS_DENIED_ERROR
-connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA);
-connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA);
-connect (con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA);
-connect (con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA);
---replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
---error ER_ACCESS_DENIED_ERROR
-connect (con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA);
-
-connection con1;
-# Check ssl turned on
-SHOW STATUS LIKE 'Ssl_cipher';
-select * from t1;
---error ER_TABLEACCESS_DENIED_ERROR
-delete from t1;
-
-connection con2;
-# Check ssl turned on
-SHOW STATUS LIKE 'Ssl_cipher';
-select * from t1;
---error ER_TABLEACCESS_DENIED_ERROR
-delete from t1;
-
-connection con3;
-# Check ssl turned on
-SHOW STATUS LIKE 'Ssl_cipher';
-select * from t1;
---error ER_TABLEACCESS_DENIED_ERROR
-delete from t1;
-
-connection con4;
-# Check ssl turned on
-SHOW STATUS LIKE 'Ssl_cipher';
-select * from t1;
---error ER_TABLEACCESS_DENIED_ERROR
-delete from t1;
-
-connection default;
-disconnect con1;
-disconnect con2;
-disconnect con3;
-disconnect con4;
-drop user ssl_user1@localhost, ssl_user2@localhost,
-ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost;
-
-drop table t1;
-
-# End of 4.1 tests
-
-#
-# Test that we can't open connection to server if we are using
-# a different cacert
-#
---exec echo "this query should not execute;" > $MYSQLTEST_VARDIR/tmp/test.sql
-# Handle that openssl gives different error messages from YaSSL.
---replace_regex /2026 SSL connection error.*/2026 SSL connection error: xxxx/
---error 1
---exec $MYSQL_TEST --ssl-ca=$MYSQL_TEST_DIR/std_data/untrusted-cacert.pem --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
---echo
-
-#
-# Test that we can't open connection to server if we are using
-# a blank ca
-#
---replace_regex /2026 SSL connection error.*/2026 SSL connection error: xxxx/
---error 1
---exec $MYSQL_TEST --ssl-ca= --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
---echo
-
-#
-# Test that we can't open connection to server if we are using
-# a nonexistent ca file
-#
---replace_regex /2026 SSL connection error.*/2026 SSL connection error: xxxx/
---error 1
---exec $MYSQL_TEST --ssl-ca=nonexisting_file.pem --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
---echo
-
-#
-# Test that we can't open connection to server if we are using
-# a blank client-key
-#
---replace_regex /2026 SSL connection error.*/2026 SSL connection error: xxxx/
---error 1
---exec $MYSQL_TEST --ssl-key= --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
---echo
-
-#
-# Test that we can't open connection to server if we are using
-# a blank client-cert
-#
---replace_regex /2026 SSL connection error.*/2026 SSL connection error: xxxx/
---error 1
---exec $MYSQL_TEST --ssl-cert= --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
---echo
-
-#
-# Bug#21611 Slave can't connect when master-ssl-cipher specified
-# - Apparently selecting a cipher doesn't work at all
-# - Use a cipher that both yaSSL and OpenSSL supports
-#
---exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit;" > $MYSQLTEST_VARDIR/tmp/test.sql
---exec $MYSQL_TEST --ssl-cipher=AES256-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
-
-#
-# Bug#25309 SSL connections without CA certificate broken since MySQL 5.0.23
-#
-# Test that we can open encrypted connection to server without
-# verification of servers certificate by setting both ca certificate
-# and ca path to NULL
-#
---exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'" 2>&1
---echo End of 5.0 tests
-
-#
-# Bug#26174 Server Crash: INSERT ... SELECT ... FROM I_S.GLOBAL_STATUS in
-# Event (see also information_schema.test for the other part of test for
-# this bug).
-#
---disable_warnings
-DROP TABLE IF EXISTS thread_status;
-DROP EVENT IF EXISTS event_status;
---enable_warnings
-
-SET GLOBAL event_scheduler=1;
-
-DELIMITER $$;
-
-CREATE EVENT event_status
- ON SCHEDULE AT NOW()
- ON COMPLETION NOT PRESERVE
- DO
-BEGIN
- CREATE TABLE thread_status
- SELECT variable_name, variable_value
- FROM information_schema.session_status
- WHERE variable_name LIKE 'SSL_ACCEPTS' OR
- variable_name LIKE 'SSL_CALLBACK_CACHE_HITS';
-END$$
-
-DELIMITER ;$$
-
-let $wait_condition=select count(*) = 0 from information_schema.events where event_name='event_status';
---source include/wait_condition.inc
-
-# The actual value doesn't matter and can vary based on test ordering and on ssl library.
---replace_column 2 #
-SELECT variable_name, variable_value FROM thread_status;
-
-DROP TABLE thread_status;
-SET GLOBAL event_scheduler=0;
-
-#
-# Test to connect using a list of ciphers
-#
---exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit;" > $MYSQLTEST_VARDIR/tmp/test.sql
---exec $MYSQL_TEST --ssl-cipher=UNKNOWN-CIPHER:AES128-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
-
-
-# Test to connect using a specifi cipher
-#
---exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit;" > $MYSQLTEST_VARDIR/tmp/test.sql
---exec $MYSQL_TEST --ssl-cipher=AES128-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
-
-# Test to connect using an unknown cipher
-#
---exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit" > $MYSQLTEST_VARDIR/tmp/test.sql
---replace_regex /2026 SSL connection error.*/2026 SSL connection error: xxxx/
---error 1
---exec $MYSQL_TEST --ssl-cipher=UNKNOWN-CIPHER < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
-
-#
-# Bug#27669 mysqldump: SSL connection error when trying to connect
-#
-
-CREATE TABLE t1(a int);
-INSERT INTO t1 VALUES (1), (2);
-
-# Run mysqldump
---exec $MYSQL_DUMP --skip-create-options --skip-comments --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test t1
-
---exec $MYSQL_DUMP --skip-create-options --skip-comments --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test
-
---exec $MYSQL_DUMP --skip-create-options --skip-comments --ssl --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test
-
-# With wrong parameters
---replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR mysqldump.exe mysqldump
---replace_regex /\"SSL connection error.*/SSL connection error: xxxx/
---error 2
---exec $MYSQL_DUMP --skip-create-options --skip-comments --ssl --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test 2>&1
---echo
-DROP TABLE t1;
---remove_file $MYSQLTEST_VARDIR/tmp/test.sql
-
-#
-# Bug#39172 Asking for DH+non-RSA key with server set to use other key caused
-# YaSSL to crash the server.
-#
-
-# Common ciphers to openssl and yassl
---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES256-SHA
---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES128-SHA
---disable_query_log
---disable_result_log
-
-# Below here caused crashes. ################
---error 1,0
---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl-cipher';" --ssl-cipher=NOT----EXIST
-# These probably exist but the server's keys can't be used to accept these kinds of connections.
---error 1,0
---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl-cipher';" --ssl-cipher=AES128-RMD
-
-# If this gives a result, then the bug is fixed.
---enable_result_log
---enable_query_log
-select 'is still running; no cipher request crashed the server' as result from dual;
-
-#
-# Bug#42158: leak: SSL_get_peer_certificate() doesn't have matching X509_free()
-#
-
-GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509;
-FLUSH PRIVILEGES;
-connect(con1,localhost,bug42158,,,,,SSL);
-SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
-disconnect con1;
-connection default;
-DROP USER bug42158@localhost;
-
-set global sql_mode=default;
---echo End of 5.1 tests
-
-#
-# MDEV-9605 mysqlbinlog does not accept ssl-ca option as expected.
-#
-
---replace_regex /SSL connection error:.*/SSL connection error/
---error 1
---exec $MYSQL_BINLOG --read-from-remote-server --ssl-ca --user=root --host=localhost nobinlog.111111 2>&1
-
-# Wait till we reached the initial number of concurrent sessions
---source include/wait_until_count_sessions.inc
View Lorry Controller Status