summaryrefslogtreecommitdiff
path: root/mysql-test
diff options
context:
space:
mode:
Diffstat (limited to 'mysql-test')
-rw-r--r--mysql-test/include/require_openssl_client.inc5
-rwxr-xr-xmysql-test/mysql-test-run.pl5
-rw-r--r--mysql-test/r/openssl_1.result2
-rw-r--r--mysql-test/r/openssl_6975,tlsv10.result10
-rw-r--r--mysql-test/r/openssl_6975,tlsv12.result6
-rw-r--r--mysql-test/t/openssl_1.test2
-rw-r--r--mysql-test/t/openssl_6975.test19
-rw-r--r--mysql-test/t/ssl_7937.test2
-rw-r--r--mysql-test/t/ssl_8k_key.test1
9 files changed, 33 insertions, 19 deletions
diff --git a/mysql-test/include/require_openssl_client.inc b/mysql-test/include/require_openssl_client.inc
new file mode 100644
index 00000000000..9b19960041b
--- /dev/null
+++ b/mysql-test/include/require_openssl_client.inc
@@ -0,0 +1,5 @@
+if ($CLIENT_TLS_LIBRARY != "OpenSSL") {
+ if ($CLIENT_TLS_LIBRARY != "LibreSSL") {
+ skip "Test requires Connector/C with OpenSSL library";
+ }
+}
diff --git a/mysql-test/mysql-test-run.pl b/mysql-test/mysql-test-run.pl
index 4fe0c253a78..60d18b177d7 100755
--- a/mysql-test/mysql-test-run.pl
+++ b/mysql-test/mysql-test-run.pl
@@ -2276,6 +2276,11 @@ sub environment_setup {
$ENV{'MYSQL_PLUGIN'}= $exe_mysql_plugin;
$ENV{'MYSQL_EMBEDDED'}= $exe_mysql_embedded;
+ my $client_config_exe=
+ native_path("$bindir/libmariadb/mariadb_config$opt_vs_config/mariadb_config");
+ my $tls_info= `$client_config_exe --tlsinfo`;
+ ($ENV{CLIENT_TLS_LIBRARY},$ENV{CLIENT_TLS_LIBRARY_VERSION})=
+ split(/ /, $tls_info, 2);
my $exe_mysqld= find_mysqld($basedir);
$ENV{'MYSQLD'}= $exe_mysqld;
my $extra_opts= join (" ", @opt_extra_mysqld_opt);
diff --git a/mysql-test/r/openssl_1.result b/mysql-test/r/openssl_1.result
index f28c399ce74..5495f8ffd34 100644
--- a/mysql-test/r/openssl_1.result
+++ b/mysql-test/r/openssl_1.result
@@ -209,7 +209,7 @@ DROP TABLE t1;
Variable_name Value
Ssl_cipher AES256-SHA
Variable_name Value
-Ssl_cipher DES-CBC3-SHA
+Ssl_cipher AES128-SHA
select 'is still running; no cipher request crashed the server' as result from dual;
result
is still running; no cipher request crashed the server
diff --git a/mysql-test/r/openssl_6975,tlsv10.result b/mysql-test/r/openssl_6975,tlsv10.result
index a65167ff427..b76a91bd134 100644
--- a/mysql-test/r/openssl_6975,tlsv10.result
+++ b/mysql-test/r/openssl_6975,tlsv10.result
@@ -1,11 +1,11 @@
create user ssl_sslv3@localhost;
-grant select on test.* to ssl_sslv3@localhost require cipher "RC4-SHA";
+grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA";
create user ssl_tls12@localhost;
grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256";
TLS1.2 ciphers: user is ok with any cipher
ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
-TLS1.2 ciphers: user requires SSLv3 cipher RC4-SHA
+TLS1.2 ciphers: user requires SSLv3 cipher AES128-SHA
ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256
@@ -13,12 +13,12 @@ ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
SSLv3 ciphers: user is ok with any cipher
Variable_name Value
-Ssl_cipher RC4-SHA
+Ssl_cipher AES256-SHA
Variable_name Value
Ssl_cipher DHE-RSA-AES256-SHA
-SSLv3 ciphers: user requires SSLv3 cipher RC4-SHA
+SSLv3 ciphers: user requires SSLv3 cipher AES128-SHA
Variable_name Value
-Ssl_cipher RC4-SHA
+Ssl_cipher AES128-SHA
ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO)
SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256
ERROR 1045 (28000): Access denied for user 'ssl_tls12'@'localhost' (using password: NO)
diff --git a/mysql-test/r/openssl_6975,tlsv12.result b/mysql-test/r/openssl_6975,tlsv12.result
index 8758daa7011..c16e503c339 100644
--- a/mysql-test/r/openssl_6975,tlsv12.result
+++ b/mysql-test/r/openssl_6975,tlsv12.result
@@ -1,5 +1,5 @@
create user ssl_sslv3@localhost;
-grant select on test.* to ssl_sslv3@localhost require cipher "RC4-SHA";
+grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA";
create user ssl_tls12@localhost;
grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256";
TLS1.2 ciphers: user is ok with any cipher
@@ -7,7 +7,7 @@ Variable_name Value
Ssl_cipher AES128-SHA256
Variable_name Value
Ssl_cipher DHE-RSA-AES256-GCM-SHA384
-TLS1.2 ciphers: user requires SSLv3 cipher RC4-SHA
+TLS1.2 ciphers: user requires SSLv3 cipher AES128-SHA
ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO)
ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO)
TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256
@@ -17,7 +17,7 @@ ERROR 1045 (28000): Access denied for user 'ssl_tls12'@'localhost' (using passwo
SSLv3 ciphers: user is ok with any cipher
ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
-SSLv3 ciphers: user requires SSLv3 cipher RC4-SHA
+SSLv3 ciphers: user requires SSLv3 cipher AES128-SHA
ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256
diff --git a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test
index 8e2d9133359..35bb7aca085 100644
--- a/mysql-test/t/openssl_1.test
+++ b/mysql-test/t/openssl_1.test
@@ -225,7 +225,7 @@ DROP TABLE t1;
# Common ciphers to openssl and yassl
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES256-SHA
---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=DES-CBC3-SHA
+--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES128-SHA
--disable_query_log
--disable_result_log
diff --git a/mysql-test/t/openssl_6975.test b/mysql-test/t/openssl_6975.test
index 6e8e03a0a89..6cf5d82cf54 100644
--- a/mysql-test/t/openssl_6975.test
+++ b/mysql-test/t/openssl_6975.test
@@ -4,11 +4,13 @@
# test SSLv3 and TLSv1.2 ciphers when OpenSSL is restricted to SSLv3 or TLSv1.2
#
source include/have_ssl_communication.inc;
+source include/require_openssl_client.inc;
# this is OpenSSL test.
create user ssl_sslv3@localhost;
-grant select on test.* to ssl_sslv3@localhost require cipher "RC4-SHA";
+# grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA";
+grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA";
create user ssl_tls12@localhost;
grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256";
@@ -18,8 +20,9 @@ disable_abort_on_error;
echo TLS1.2 ciphers: user is ok with any cipher;
exec $mysql --ssl-cipher=AES128-SHA256;
--replace_result DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-GCM-SHA384
-exec $mysql --ssl-cipher=TLSv1.2;
-echo TLS1.2 ciphers: user requires SSLv3 cipher RC4-SHA;
+--replace_result ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384
+exec $mysql --ssl-cipher=TLSv1.2
+echo TLS1.2 ciphers: user requires SSLv3 cipher AES128-SHA;
exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA256;
exec $mysql --user ssl_sslv3 --ssl-cipher=TLSv1.2;
echo TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256;
@@ -27,13 +30,13 @@ exec $mysql --user ssl_tls12 --ssl-cipher=AES128-SHA256;
exec $mysql --user ssl_tls12 --ssl-cipher=TLSv1.2;
echo SSLv3 ciphers: user is ok with any cipher;
-exec $mysql --ssl-cipher=RC4-SHA;
-exec $mysql --ssl-cipher=SSLv3;
-echo SSLv3 ciphers: user requires SSLv3 cipher RC4-SHA;
-exec $mysql --user ssl_sslv3 --ssl-cipher=RC4-SHA;
+exec $mysql --ssl-cipher=AES256-SHA;
+exec $mysql --ssl-cipher=DHE-RSA-AES256-SHA
+echo SSLv3 ciphers: user requires SSLv3 cipher AES128-SHA;
+exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA;
exec $mysql --user ssl_sslv3 --ssl-cipher=SSLv3;
echo SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256;
-exec $mysql --user ssl_tls12 --ssl-cipher=RC4-SHA;
+exec $mysql --user ssl_tls12 --ssl-cipher=AES128-SHA;
exec $mysql --user ssl_tls12 --ssl-cipher=SSLv3;
drop user ssl_sslv3@localhost;
diff --git a/mysql-test/t/ssl_7937.test b/mysql-test/t/ssl_7937.test
index 8e9d1901907..aa8cd225d7b 100644
--- a/mysql-test/t/ssl_7937.test
+++ b/mysql-test/t/ssl_7937.test
@@ -26,7 +26,7 @@ create procedure have_ssl()
# we fake the test result for yassl
let yassl=`select variable_value='Unknown' from information_schema.session_status where variable_name='Ssl_session_cache_mode'`;
if (!$yassl) {
- --replace_result "self signed certificate in certificate chain" "Failed to verify the server certificate"
+ --replace_result "self signed certificate in certificate chain" "Failed to verify the server certificate" "Error in the certificate." "Failed to verify the server certificate"
--exec $MYSQL --ssl --ssl-verify-server-cert -e "call test.have_ssl()" 2>&1
}
if ($yassl) {
diff --git a/mysql-test/t/ssl_8k_key.test b/mysql-test/t/ssl_8k_key.test
index 23267a3c611..299bfaf494d 100644
--- a/mysql-test/t/ssl_8k_key.test
+++ b/mysql-test/t/ssl_8k_key.test
@@ -1,4 +1,5 @@
# This test should work in embedded server after we fix mysqltest
+-- source include/require_openssl_client.inc
-- source include/not_embedded.inc
-- source include/have_ssl_communication.inc
View Lorry Controller Status