[Commits] Rev 4348: new mysqltest connect option SSL-CIPHER=xxxx in lp:~maria-captains/maria/5.5

Sergei Golubchik serg at mariadb.org
Tue Nov 11 21:18:34 EET 2014


At lp:~maria-captains/maria/5.5

------------------------------------------------------------
revno: 4348
revision-id: sergii at pisem.net-20141111191834-czu3oew18mnhbcbo
parent: sergii at pisem.net-20141111190410-g76u6f6wt6vorc57
committer: Sergei Golubchik <sergii at pisem.net>
branch nick: 5.5
timestamp: Tue 2014-11-11 20:18:34 +0100
message:
  new mysqltest connect option SSL-CIPHER=xxxx
=== modified file 'client/mysqltest.cc'
--- a/client/mysqltest.cc	2014-05-28 11:51:19 +0000
+++ b/client/mysqltest.cc	2014-11-11 19:18:34 +0000
@@ -5883,6 +5883,7 @@ void do_connect(struct st_command *comma
 {
   int con_port= opt_port;
   char *con_options;
+  char *ssl_cipher= opt_ssl_cipher;
   my_bool con_ssl= 0, con_compress= 0;
   my_bool con_pipe= 0;
   my_bool con_shm __attribute__ ((unused))= 0;
@@ -5971,6 +5972,11 @@ void do_connect(struct st_command *comma
     length= (size_t) (end - con_options);
     if (length == 3 && !strncmp(con_options, "SSL", 3))
       con_ssl= 1;
+    else if (!strncmp(con_options, "SSL-CIPHER=", 11))
+    {
+      con_ssl= 1;
+      ssl_cipher=con_options + 11;
+    }
     else if (length == 8 && !strncmp(con_options, "COMPRESS", 8))
       con_compress= 1;
     else if (length == 4 && !strncmp(con_options, "PIPE", 4))
@@ -6027,7 +6033,7 @@ void do_connect(struct st_command *comma
   {
 #if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
     mysql_ssl_set(con_slot->mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
-		  opt_ssl_capath, opt_ssl_cipher);
+		  opt_ssl_capath, ssl_cipher);
 #if MYSQL_VERSION_ID >= 50000
     /* Turn on ssl_verify_server_cert only if host is "localhost" */
     opt_ssl_verify_server_cert= !strcmp(ds_host.str, "localhost");

=== modified file 'mysql-test/r/openssl_1.result'
--- a/mysql-test/r/openssl_1.result	2014-01-22 14:29:36 +0000
+++ b/mysql-test/r/openssl_1.result	2014-11-11 19:18:34 +0000
@@ -7,6 +7,8 @@ grant select on test.* to ssl_user3 at loca
 grant select on test.* to ssl_user4 at localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
 grant select on test.* to ssl_user5 at localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
 flush privileges;
+connect(localhost,ssl_user2,,test,MASTER_PORT,MASTER_SOCKET);
+ERROR 28000: Access denied for user 'ssl_user2'@'localhost' (using password: NO)
 connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET);
 ERROR 28000: Access denied for user 'ssl_user5'@'localhost' (using password: NO)
 SHOW STATUS LIKE 'Ssl_cipher';

=== modified file 'mysql-test/t/openssl_1.test'
--- a/mysql-test/t/openssl_1.test	2013-09-06 20:31:30 +0000
+++ b/mysql-test/t/openssl_1.test	2014-11-11 19:18:34 +0000
@@ -20,13 +20,16 @@ grant select on test.* to ssl_user4 at loca
 grant select on test.* to ssl_user5 at localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
 flush privileges;
 
-connect (con1,localhost,ssl_user1,,,,,SSL);
-connect (con2,localhost,ssl_user2,,,,,SSL);
-connect (con3,localhost,ssl_user3,,,,,SSL);
-connect (con4,localhost,ssl_user4,,,,,SSL);
+connect (con1,localhost,ssl_user1,,,,,SSL-CIPHER=DHE-RSA-AES256-SHA);
 --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
 --error ER_ACCESS_DENIED_ERROR
-connect (con5,localhost,ssl_user5,,,,,SSL);
+connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=RC4-SHA);
+connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=DHE-RSA-AES256-SHA);
+connect (con3,localhost,ssl_user3,,,,,SSL-CIPHER=DHE-RSA-AES256-SHA);
+connect (con4,localhost,ssl_user4,,,,,SSL-CIPHER=DHE-RSA-AES256-SHA);
+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
+--error ER_ACCESS_DENIED_ERROR
+connect (con5,localhost,ssl_user5,,,,,SSL-CIPHER=DHE-RSA-AES256-SHA);
 
 connection con1;
 # Check ssl turned on



More information about the commits mailing list