mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-11-04 04:46:15 +01:00
Code Issues Projects Releases Packages Wiki Activity
mariadb/mysql-test/main/ssl_crl_clients.test
Daniel Black 7afc6ee8bc MDEV-29615 mtr to use mariadb names
2022-10-21 18:37:13 +11:00

44 lines
2.2 KiB
Text
Raw Permalink Blame History

# This test should work in embedded server after we fix mysqltest
-- source include/not_embedded.inc
if (`SELECT COUNT(*) = 0 FROM information_schema.GLOBAL_VARIABLES
WHERE (VARIABLE_NAME ='version_compile_os' AND VARIABLE_VALUE LIKE 'Win%' OR
VARIABLE_NAME='have_openssl' AND VARIABLE_VALUE='YES')`)
{
skip Need openssl or Windows;
}
--echo # Test clients with and without CRL lists
let $ssl_base = --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem --ssl-verify-server-cert;
let $ssl_crl = $ssl_base --ssl-crl=$MYSQL_TEST_DIR/std_data/server-cert.crl;
let $ssl_crlpath = $ssl_base --ssl-crlpath=$MYSQL_TMP_DIR;
# See `openssl x509 -in server-cert.pem -noout -issuer_hash`
copy_file $MYSQL_TEST_DIR/std_data/server-cert.crl $MYSQL_TMP_DIR/ed1f42db.r0;
--echo ############ Test mysql ##############
--echo # Test mysql connecting to a server with a certificate revoked by -crl
--replace_result "Server certificate validation failed. The certificate is revoked. Error 0x80092010(CRYPT_E_REVOKED)" "certificate revoked"
--error 1
--exec $MYSQL $ssl_crl test -e "SHOW STATUS LIKE 'Ssl_version'" 2>&1
--echo # Test mysql connecting to a server with a certificate revoked by -crlpath
--replace_result "Server certificate validation failed. The certificate is revoked. Error 0x80092010(CRYPT_E_REVOKED)" "certificate revoked"
--error 1
--exec $MYSQL $ssl_crlpath test -e "SHOW STATUS LIKE 'Ssl_version'" 2>&1
--echo ############ Test mysqladmin ##############
let $admin_suffix = --default-character-set=latin1 -S $MASTER_MYSOCK -P $MASTER_MYPORT -u root --password= ping;
--echo # Test mysqladmin connecting to a server with a certificate revoked by -crl
--replace_regex /.*mariadb-admin.*:/mariadb-admin:/ /TLS\/SSL error: .*CRYPT_E_REVOKED./TLS\/SSL error: certificate revoked/
--error 1
--exec $MYSQLADMIN $ssl_crl $admin_suffix 2>&1
--echo # Test mysqladmin connecting to a server with a certificate revoked by -crlpath
--replace_regex /.*mariadb-admin.*:/mariadb-admin:/ /TLS\/SSL error: .*CRYPT_E_REVOKED./TLS\/SSL error: certificate revoked/
--error 1
--exec $MYSQLADMIN $ssl_crlpath $admin_suffix 2>&1
Reference in a new issue View git blame Copy permalink