From aec7927c8e688ecb42683714f095deb6e95f1384 Mon Sep 17 00:00:00 2001 From: "msvensson@pilot.blaudden" <> Date: Wed, 28 Mar 2007 12:23:55 +0200 Subject: Bug#25309 SSL connections without CA certificate broken since MySQL 5.0.23 - Turn off verification of peer if both ca_path and ca_file is null i.e from only passing --ssl-key= and --ssl-cert= to the mysql utility programs. The server will authenticate the client accoring to GRANT tables but the client won't authenticate the server --- mysql-test/r/openssl_1.result | 2 ++ mysql-test/t/openssl_1.test | 9 ++++++++- 2 files changed, 10 insertions(+), 1 deletion(-) (limited to 'mysql-test') diff --git a/mysql-test/r/openssl_1.result b/mysql-test/r/openssl_1.result index 34d8e3ab768..92900ac1a83 100644 --- a/mysql-test/r/openssl_1.result +++ b/mysql-test/r/openssl_1.result @@ -51,3 +51,5 @@ SSL error: Unable to get private key from '' mysqltest: Could not open connection 'default': 2026 SSL connection error SSL error: Unable to get certificate from '' mysqltest: Could not open connection 'default': 2026 SSL connection error +Variable_name Value +Ssl_cipher DHE-RSA-AES256-SHA diff --git a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test index 3d614514de3..2eb3251c862 100644 --- a/mysql-test/t/openssl_1.test +++ b/mysql-test/t/openssl_1.test @@ -95,4 +95,11 @@ drop table t1; --error 1 --exec $MYSQL_TEST --ssl-cert= --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 - +# +# Bug#25309 SSL connections without CA certificate broken since MySQL 5.0.23 +# +# Test that we can open encrypted connection to server without +# verification of servers certificate by setting both ca certificate +# and ca path to NULL +# +--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1 -- cgit v1.2.1