mirror of
https://github.com/MariaDB/server.git
synced 2026-05-15 19:37:16 +02:00
Openssl test
This commit is contained in:
gluh@gluh.mysql.r18.ru
parent
045ac4b84b
commit
00314bfd88
7 changed files with 99 additions and 11 deletions
|
|
@ -1,4 +1,4 @@
|
|||
-- require r/have_openssl_1.require
|
||||
disable_query_log;
|
||||
show variables like "have_openssl";
|
||||
SHOW STATUS LIKE 'Ssl_cipher';
|
||||
enable_query_log;
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@ CHARACTER_SET=latin1
|
|||
DBUSER=""
|
||||
START_WAIT_TIMEOUT=10
|
||||
STOP_WAIT_TIMEOUT=10
|
||||
MYSQL_TEST_SSL_OPTS=""
|
||||
|
||||
while test $# -gt 0; do
|
||||
case "$1" in
|
||||
|
|
@ -237,7 +238,10 @@ while test $# -gt 0; do
|
|||
EXTRA_SLAVE_MYSQLD_OPT="$EXTRA_SLAVE_MYSQLD_OPT \
|
||||
--ssl-ca=$BASEDIR/SSL/cacert.pem \
|
||||
--ssl-cert=$BASEDIR/SSL/server-cert.pem \
|
||||
--ssl-key=$BASEDIR/SSL/server-key.pem" ;;
|
||||
--ssl-key=$BASEDIR/SSL/server-key.pem"
|
||||
MYSQL_TEST_SSL_OPTS="--ssl-ca=$BASEDIR/SSL/cacert.pem \
|
||||
--ssl-cert=$BASEDIR/SSL/client-cert.pem \
|
||||
--ssl-key=$BASEDIR/SSL/client-key.pem" ;;
|
||||
--no-manager | --skip-manager) USE_MANAGER=0 ;;
|
||||
--manager)
|
||||
USE_MANAGER=1
|
||||
|
|
@ -489,7 +493,7 @@ fi
|
|||
|
||||
MYSQL_TEST_ARGS="--no-defaults --socket=$MASTER_MYSOCK --database=$DB \
|
||||
--user=$DBUSER --password=$DBPASSWD --silent -v --skip-safemalloc \
|
||||
--tmpdir=$MYSQL_TMP_DIR --port=$MASTER_MYPORT"
|
||||
--tmpdir=$MYSQL_TMP_DIR --port=$MASTER_MYPORT $MYSQL_TEST_SSL_OPTS"
|
||||
MYSQL_TEST_BIN=$MYSQL_TEST
|
||||
MYSQL_TEST="$MYSQL_TEST $MYSQL_TEST_ARGS"
|
||||
GDB_CLIENT_INIT=$MYSQL_TMP_DIR/gdbinit.client
|
||||
|
|
|
|||
|
|
@ -1,2 +1,2 @@
|
|||
Variable_name Value
|
||||
have_openssl YES
|
||||
Ssl_cipher EDH-RSA-DES-CBC3-SHA
|
||||
|
|
|
|||
|
|
@ -1,2 +1,32 @@
|
|||
SHOW STATUS LIKE 'SSL%';
|
||||
Variable_name Value
|
||||
drop table if exists t1;
|
||||
create table t1(f1 int);
|
||||
insert into t1 values (5);
|
||||
grant select on test.* to ssl_user1@localhost require SSL;
|
||||
grant select on test.* to ssl_user2@localhost require cipher "EDH-RSA-DES-CBC3-SHA";
|
||||
grant select on test.* to ssl_user3@localhost require cipher "EDH-RSA-DES-CBC3-SHA" AND SUBJECT "/C=RU/L=orenburg/O=MySQL AB/OU=client/CN=walrus/Email=walrus@mysql.com";
|
||||
grant select on test.* to ssl_user4@localhost require cipher "EDH-RSA-DES-CBC3-SHA" AND SUBJECT "/C=RU/L=orenburg/O=MySQL AB/OU=client/CN=walrus/Email=walrus@mysql.com" ISSUER "/C=RU/ST=Some-State/L=Orenburg/O=MySQL AB/CN=Walrus/Email=walrus@mysql.com";
|
||||
flush privileges;
|
||||
select * from t1;
|
||||
f1
|
||||
5
|
||||
delete from t1;
|
||||
Access denied for user: 'ssl_user1@localhost' to database 'test'
|
||||
select * from t1;
|
||||
f1
|
||||
5
|
||||
delete from t1;
|
||||
Access denied for user: 'ssl_user2@localhost' to database 'test'
|
||||
select * from t1;
|
||||
f1
|
||||
5
|
||||
delete from t1;
|
||||
Access denied for user: 'ssl_user3@localhost' to database 'test'
|
||||
select * from t1;
|
||||
f1
|
||||
5
|
||||
delete from t1;
|
||||
Access denied for user: 'ssl_user4@localhost' to database 'test'
|
||||
delete from mysql.user where user='ssl_user%';
|
||||
delete from mysql.db where user='ssl_user%';
|
||||
flush privileges;
|
||||
drop table t1;
|
||||
|
|
|
|||
|
|
@ -1,6 +1,43 @@
|
|||
# We test openssl. Result set is optimized to be compiled with --with-openssl but
|
||||
# SSL is swithced off in some reason
|
||||
-- source include/have_openssl_2.inc
|
||||
# We test openssl. Result set is optimized to be compiled with --with-openssl.
|
||||
# Use mysql-test-run with --with-openssl option.
|
||||
-- source include/have_openssl_1.inc
|
||||
|
||||
SHOW STATUS LIKE 'SSL%';
|
||||
drop table if exists t1;
|
||||
create table t1(f1 int);
|
||||
insert into t1 values (5);
|
||||
|
||||
grant select on test.* to ssl_user1@localhost require SSL;
|
||||
grant select on test.* to ssl_user2@localhost require cipher "EDH-RSA-DES-CBC3-SHA";
|
||||
grant select on test.* to ssl_user3@localhost require cipher "EDH-RSA-DES-CBC3-SHA" AND SUBJECT "/C=RU/L=orenburg/O=MySQL AB/OU=client/CN=walrus/Email=walrus@mysql.com";
|
||||
grant select on test.* to ssl_user4@localhost require cipher "EDH-RSA-DES-CBC3-SHA" AND SUBJECT "/C=RU/L=orenburg/O=MySQL AB/OU=client/CN=walrus/Email=walrus@mysql.com" ISSUER "/C=RU/ST=Some-State/L=Orenburg/O=MySQL AB/CN=Walrus/Email=walrus@mysql.com";
|
||||
flush privileges;
|
||||
connect (con1,localhost,ssl_user1,,);
|
||||
connect (con2,localhost,ssl_user2,,);
|
||||
connect (con3,localhost,ssl_user3,,);
|
||||
connect (con4,localhost,ssl_user4,,);
|
||||
|
||||
connection con1;
|
||||
select * from t1;
|
||||
--error 1044;
|
||||
delete from t1;
|
||||
|
||||
connection con2;
|
||||
select * from t1;
|
||||
--error 1044;
|
||||
delete from t1;
|
||||
|
||||
connection con3;
|
||||
select * from t1;
|
||||
--error 1044;
|
||||
delete from t1;
|
||||
|
||||
connection con4;
|
||||
select * from t1;
|
||||
--error 1044;
|
||||
delete from t1;
|
||||
|
||||
connection default;
|
||||
delete from mysql.user where user='ssl_user%';
|
||||
delete from mysql.db where user='ssl_user%';
|
||||
flush privileges;
|
||||
drop table t1;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue