1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
--TEST--
Bug #51647 (Certificate file without private key (pk in another file) doesn't work)
--SKIPIF--
<?php
require_once('skipif.inc');
require_once('skipifconnectfailure.inc');
require_once("connect.inc");
if ($IS_MYSQLND && !extension_loaded("openssl"))
die("skip PHP streams lack support for SSL. mysqli is compiled to use mysqlnd which uses PHP streams in turn.");
if (!($link = @my_mysqli_connect($host, $user, $passwd, $db, $port, $socket)))
die(sprintf("skip Connect failed, [%d] %s", mysqli_connect_errno(), mysqli_connect_error()));
$row = NULL;
if ($res = $link->query('SHOW VARIABLES LIKE "have_ssl"')) {
$row = $res->fetch_row();
} else {
if ($link->errno == 1064 && ($res = $link->query("SHOW VARIABLES"))) {
while ($row = $res->fetch_row())
if ($row[0] == 'have_ssl')
break;
} else {
die(sprintf("skip Failed to test for MySQL SSL support, [%d] %s", $link->errno, $link->error));
}
}
if (empty($row))
die(sprintf("skip Failed to test for MySQL SSL support, [%d] %s", $link->errno, $link->error));
if (($row[1] == 'NO') || ($row[1] == 'DISABLED'))
die(sprintf("skip MySQL has no SSL support, [%d] %s", $link->errno, $link->error));
$link->close();
?>
--FILE--
<?php
include ("connect.inc");
if (!is_object($link = mysqli_init()))
printf("[001] Cannot create link\n");
if (!my_mysqli_real_connect($link, $host, $user, $passwd, $db, $port, $socket, MYSQLI_CLIENT_SSL | MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT)) {
printf("[003] Connect failed, [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error());
}
if (!$res = $link->query('SHOW STATUS like "Ssl_cipher"')) {
if (1064 == $link->errno) {
/* ERROR 1064 (42000): You have an error in your SQL syntax; = sql strict mode */
if ($res = $link->query("SHOW STATUS")) {
while ($row = $res->fetch_assoc())
if ($row['Variable_name'] == 'Ssl_cipher')
break;
} else {
printf("[005] [%d] %s\n", $link->errno, $link->error);
}
} else {
printf("[004] [%d] %s\n", $link->errno, $link->error);
}
} else {
if (!$row = $res->fetch_assoc())
printf("[006] [%d] %s\n", $link->errno, $link->error);
if (!strlen($row["Value"]))
printf("[007] Empty cipher. No encrytion!");
var_dump($row);
}
$link->close();
if (!is_object($link = mysqli_init()))
printf("[008] Cannot create link\n");
if (!my_mysqli_real_connect($link, $host, $user, $passwd, $db, $port, $socket, MYSQLI_CLIENT_SSL)) {
printf("[009] Connect failed, [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error());
}
if (!$res = $link->query('SHOW STATUS like "Ssl_cipher"')) {
if (1064 == $link->errno) {
/* ERROR 1064 (42000): You have an error in your SQL syntax; = sql strict mode */
if ($res = $link->query("SHOW STATUS")) {
while ($row = $res->fetch_assoc())
if ($row['Variable_name'] == 'Ssl_cipher')
break;
} else {
printf("[010] [%d] %s\n", $link->errno, $link->error);
}
} else {
printf("[011] [%d] %s\n", $link->errno, $link->error);
}
} else {
if (!$row = $res->fetch_assoc())
printf("[012] [%d] %s\n", $link->errno, $link->error);
if (!strlen($row["Value"]))
printf("[013] Empty cipher. No encrytion!");
var_dump($row);
}
$link->close();
print "done!";
?>
--EXPECTF--
array(2) {
["Variable_name"]=>
string(10) "Ssl_cipher"
["Value"]=>
string(%d) "%S"
}
array(2) {
["Variable_name"]=>
string(10) "Ssl_cipher"
["Value"]=>
string(%d) "%S"
}
done!
|
