database/mariadb-connector-c
1
0
Fork 0
mirror of https://github.com/mariadb-corporation/mariadb-connector-c.git synced 2025-08-08 14:02:17 +03:00
Code Activity

SSL fixes:

Browse Source 
- added MARIADB_OPT_SSL_CIPHER_STRENGTH (value uint) for Schannel
- fixed mutes in all ssl variants
This commit is contained in:
Georg Richter
2016-02-16 13:04:16 +01:00
parent 448b68023c
commit 509b948e7d
12 changed files with 264 additions and 199 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
unittest/libmariadb/CMakeLists.txt
View File

@@ -51,21 +51,21 @@ IF(WITH_SSL AND OPENSSL_FOUND)
STRING(REPLACE "\n" "" FINGER_PRINT "${FINGER_PRINT}")
STRING(REPLACE ":" "" SSL_CERT_FINGER_PRINT "${FINGER_PRINT}")
ENDIF()
CONFIGURE_FILE(${CMAKE_SOURCE_DIR}/unittest/libmariadb/ssl.c.in
${CMAKE_SOURCE_DIR}/unittest/libmariadb/ssl.c)
CONFIGURE_FILE(${CMAKE_SOURCE_DIR}/unittest/libmariadb/fingerprint.list.in
${CMAKE_SOURCE_DIR}/unittest/libmariadb/fingerprint.list)
SET(API_TESTS ${API_TESTS} "ssl")
ENDIF()
SET(API_TESTS ${API_TESTS} "ssl")
FOREACH(API_TEST ${API_TESTS})
ADD_EXECUTABLE(${API_TEST} ${API_TEST}.c ${CMAKE_SOURCE_DIR}/libmariadb/getopt.c)
TARGET_LINK_LIBRARIES(${API_TEST} mytap libmariadb)
TARGET_LINK_LIBRARIES(${API_TEST} mytap mariadbclient)
ADD_TEST(${API_TEST} ${EXECUTABLE_OUTPUT_PATH}/${API_TEST})
SET_TESTS_PROPERTIES(${API_TEST} PROPERTIES TIMEOUT 120)
ENDFOREACH(API_TEST)
FOREACH(API_TEST ${MANUAL_TESTS})
ADD_EXECUTABLE(${API_TEST} ${API_TEST}.c ${CMAKE_SOURCE_DIR}/libmariadb/getopt.c)
TARGET_LINK_LIBRARIES(${API_TEST} mytap libmariadb)
TARGET_LINK_LIBRARIES(${API_TEST} mytap mariadbclient)
ENDFOREACH()

29
unittest/libmariadb/ssl.c.in
View File

@@ -793,6 +793,33 @@ static int test_ssl_version(MYSQL *mysql)
return OK;
}
#ifdef HAVE_SCHANNEL
static int test_schannel_cipher(MYSQL *mysql)
{
MYSQL *my;
unsigned int cipher_strength= 256;
if (check_skip_ssl())
return SKIP;
my= mysql_init(NULL);
FAIL_IF(!my, "mysql_init() failed");
mysql_ssl_set(my,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
mysql_options(my, MARIADB_OPT_SSL_CIPHER_STRENGTH, &cipher_strength);
FAIL_IF(!mysql_real_connect(my, hostname, ssluser, sslpw, schema,
port, socketname, 0), mysql_error(my));
diag("cipher: %s", mysql_get_ssl_cipher(my));
FAIL_IF(strcmp(mysql_get_ssl_cipher(my), "CALG_AES_256") != 0, "expected cipher with 256bit strength");
mysql_close(my);
return OK;
}
#endif
struct my_tests_st my_tests[] = {
@@ -816,6 +843,8 @@ struct my_tests_st my_tests[] = {
{"test_ssl_threads", test_ssl_threads, TEST_CONNECTION_NEW, 0, NULL, NULL},
#ifndef HAVE_SCHANNEL
{"test_password_protected", test_password_protected, TEST_CONNECTION_NEW, 0, NULL, NULL},
#else
{"test_schannel_cipher", test_schannel_cipher, TEST_CONNECTION_NEW, 0, NULL, NULL},
#endif
{NULL, NULL, 0, 0, NULL, NULL}
};