database/mariadb-connector-c
1
0
Fork 0
mirror of https://github.com/mariadb-corporation/mariadb-connector-c.git synced 2025-08-07 02:42:49 +03:00
Code Activity

test fix: Always specify fingerprint for TLS connections

Browse Source
This commit is contained in:
Georg Richter
2024-04-30 11:06:09 +02:00
parent 148eb0fec1
commit a63b826195
1 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
unittest/libmariadb/my_test.h
View File

@@ -224,6 +224,7 @@ MYSQL *my_test_connect(MYSQL *mysql,
static const char *schema = 0;
static char *hostname = 0;
static char *password = 0;
static char fingerprint[65];
static unsigned int port = 0;
static unsigned int ssl_port = 0;
static char *socketname = 0;
@@ -656,7 +657,9 @@ MYSQL *my_test_connect(MYSQL *mysql,
unsigned long clientflag)
{
if (force_tls)
mysql_options(mysql, MYSQL_OPT_SSL_ENFORCE, &force_tls);
mysql_options(mysql, MYSQL_OPT_SSL_ENFORCE, &force_tls);
if (fingerprint[0])
mysql_options(mysql, MARIADB_OPT_SSL_FP, fingerprint);
if (!mysql_real_connect(mysql, host, user, passwd, db, port, unix_socket, clientflag))
{
diag("error: %s", mysql_error(mysql));
@@ -677,6 +680,8 @@ MYSQL *my_test_connect(MYSQL *mysql,
void run_tests(struct my_tests_st *test) {
int i, rc, total=0;
MYSQL *mysql;
my_bool verify= 0;
MARIADB_X509_INFO *info;
while (test[total].function)
total++;
@@ -684,6 +689,7 @@ void run_tests(struct my_tests_st *test) {
/* display TLS stats */
mysql= mysql_init(NULL);
mysql_options(mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &verify);
mysql_ssl_set(mysql, NULL, NULL, NULL, NULL, NULL);
if (!mysql_real_connect(mysql, hostname, username, password, schema, port, socketname, 0))
@@ -691,7 +697,7 @@ void run_tests(struct my_tests_st *test) {
diag("Error: %s", mysql_error(mysql));
BAIL_OUT("Can't establish TLS connection to server.");
}
fingerprint[0]= 0;
if (!mysql_query(mysql, "SHOW VARIABLES LIKE '%ssl%'"))
{
MYSQL_RES *res;
@@ -705,6 +711,9 @@ void run_tests(struct my_tests_st *test) {
diag("%s: %s", row[0], row[1]);
mysql_free_result(res);
diag("Cipher in use: %s", mysql_get_ssl_cipher(mysql));
mariadb_get_infov(mysql, MARIADB_TLS_PEER_CERT_INFO, &info);
strcpy(fingerprint, info->fingerprint);
diag("Peer certificate fingerprint: %s", fingerprint);
diag("--------------------");
}
mysql_close(mysql);