mirror of
https://github.com/MariaDB/server.git
synced 2025-01-27 01:04:19 +01:00
66f14ef6a1
note that: * unit.conc_tls is broken in mtr * schannel now doesn't fail on invalid ca path unless --ssl-verify-server-cert is used. openssl still does.
16 lines
1,014 B
Text
16 lines
1,014 B
Text
--source include/have_ssl_communication.inc
|
|
--source include/not_embedded.inc
|
|
|
|
--echo #
|
|
--echo # Bug#21920657: SSL-CA FAILS SILENTLY IF THE PATH CANNOT BE FOUND
|
|
--echo #
|
|
|
|
--echo # try to connect with wrong '--ssl-ca' path : should fail
|
|
|
|
--replace_regex /TLS\/SSL error.*/TLS\/SSL error: xxxx/
|
|
--error 1
|
|
--exec $MYSQL --ssl-verify-server-cert --ssl-ca=$MYSQL_TEST_DIR/std_data/wrong-cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';" 2>&1
|
|
--echo
|
|
|
|
--echo # try to connect with correct '--ssl-ca' path : should connect
|
|
--exec $MYSQL --ssl-verify-server-cert --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';"
|