database/mariadb-connector-c
1
0
Fork 0
mirror of https://github.com/mariadb-corporation/mariadb-connector-c.git synced 2025-08-07 02:42:49 +03:00
Code Activity

- removed global context for tls, so code can be used also with no yassl branch in 10.2

Browse Source 
- added new gnutls cipher mapping
- fixed ssl test case: skip hostname verification if both server and client run on localhost
- added server certificates
This commit is contained in:
Georg Richter
2016-10-17 16:02:51 +02:00
parent 7cb8479605
commit c20974b039
15 changed files with 1427 additions and 209 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1066
libmariadb/secure/gnutls.c
View File

File diff suppressed because it is too large Load Diff

62
libmariadb/secure/openssl.c
View File

@@ -49,7 +49,6 @@
extern my_bool ma_tls_initialized;
extern unsigned int mariadb_deinitialize_ssl;
static SSL_CTX *SSL_context= NULL;
#define MAX_SSL_ERR_LEN 100
@@ -287,8 +286,7 @@ static void disable_sigpipe()
#endif
/*
Initializes SSL and allocate global
context SSL_context
Initializes SSL
SYNOPSIS
my_ssl_start
@@ -325,22 +323,7 @@ int ma_tls_start(char *errmsg, size_t errmsg_len)
SSL_load_error_strings();
/* digests and ciphers */
OpenSSL_add_all_algorithms();
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
if (!(SSL_context= SSL_CTX_new(TLS_client_method())))
#else
if (!(SSL_context= SSL_CTX_new(SSLv23_client_method())))
#endif
{
ma_tls_get_error(errmsg, errmsg_len);
goto end;
}
SSL_CTX_set_options(SSL_context, SSL_OP_ALL);
#ifdef HAVE_TLS_SESSION_CACHE
SSL_CTX_set_session_cache_mode(SSL_context, SSL_SESS_CACHE_CLIENT);
ma_tls_sessions= (MA_SSL_SESSION *)calloc(1, sizeof(struct st_ma_tls_session) * ma_tls_session_cache_size);
SSL_CTX_sess_set_new_cb(SSL_context, ma_tls_session_cb);
SSL_CTX_sess_set_remove_cb(SSL_context, ma_tls_remove_session_cb);
#endif
disable_sigpipe();
#if OPENSSL_USE_BIOMETHOD
memcpy(&ma_BIO_method, BIO_s_socket(), sizeof(BIO_METHOD));
@@ -382,12 +365,6 @@ void ma_tls_end()
ma_free((gptr)LOCK_crypto);
LOCK_crypto= NULL;
#endif
if (SSL_context)
{
SSL_CTX_free(SSL_context);
SSL_context= NULL;
}
if (mariadb_deinitialize_ssl)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L
@@ -423,6 +400,7 @@ static int ma_tls_set_certs(MYSQL *mysql, SSL *ssl)
*keyfile= mysql->options.ssl_key;
char *pw= (mysql->options.extension) ?
mysql->options.extension->tls_pw : NULL;
SSL_CTX *ctx= SSL_get_SSL_CTX(ssl);
/* add cipher */
@@ -432,13 +410,15 @@ static int ma_tls_set_certs(MYSQL *mysql, SSL *ssl)
goto error;
/* ca_file and ca_path */
if (SSL_CTX_load_verify_locations(SSL_context,
SSL_CTX_set_verify(ctx, (mysql->options.ssl_ca || mysql->options.ssl_capath)?
SSL_VERIFY_NONE : SSL_VERIFY_NONE, NULL);
if (SSL_CTX_load_verify_locations(ctx,
mysql->options.ssl_ca,
mysql->options.ssl_capath) == 0)
mysql->options.ssl_capath) <= 0)
{
if (mysql->options.ssl_ca || mysql->options.ssl_capath)
goto error;
if (SSL_CTX_set_default_verify_paths(SSL_context) == 0)
if (SSL_CTX_set_default_verify_paths(ctx) == 0)
goto error;
}
@@ -450,7 +430,7 @@ static int ma_tls_set_certs(MYSQL *mysql, SSL *ssl)
/* set cert */
if (certfile && certfile[0] != 0)
{
if (SSL_CTX_use_certificate_chain_file(SSL_context, certfile) != 1 ||
if (SSL_CTX_use_certificate_chain_file(ctx, certfile) != 1 ||
SSL_use_certificate_file(ssl, certfile, SSL_FILETYPE_PEM) != 1)
goto error;
}
@@ -486,7 +466,7 @@ static int ma_tls_set_certs(MYSQL *mysql, SSL *ssl)
{
X509_STORE *certstore;
if ((certstore= SSL_CTX_get_cert_store(SSL_context)))
if ((certstore= SSL_CTX_get_cert_store(ctx)))
{
if (X509_STORE_load_locations(certstore, mysql->options.extension->ssl_crl,
mysql->options.extension->ssl_crlpath) == 0)
@@ -505,12 +485,27 @@ error:
void *ma_tls_init(MYSQL *mysql)
{
SSL *ssl= NULL;
SSL_CTX *ctx= NULL;
#ifdef HAVE_TLS_SESSION_CACHE
MA_SSL_SESSION *session= ma_tls_get_session(mysql);
#endif
pthread_mutex_lock(&LOCK_openssl_config);
if (!(ssl= SSL_new(SSL_context)))
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
if (!(ctx= SSL_CTX_new(TLS_client_method())))
#else
if (!(ctx= SSL_CTX_new(SSLv23_client_method())))
#endif
goto error;
SSL_CTX_set_options(ctx, SSL_OP_ALL);
#ifdef HAVE_TLS_SESSION_CACHE
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT);
ma_tls_sessions= (MA_SSL_SESSION *)calloc(1, sizeof(struct st_ma_tls_session) * ma_tls_session_cache_size);
SSL_CTX_sess_set_new_cb(ctx, ma_tls_session_cb);
SSL_CTX_sess_set_remove_cb(ctx, ma_tls_remove_session_cb);
#endif
if (!(ssl= SSL_new(ctx)))
goto error;
if (ma_tls_set_certs(mysql, ssl))
@@ -530,6 +525,8 @@ void *ma_tls_init(MYSQL *mysql)
return (void *)ssl;
error:
pthread_mutex_unlock(&LOCK_openssl_config);
if (ctx)
SSL_CTX_free(ctx);
if (ssl)
SSL_free(ssl);
return NULL;
@@ -625,6 +622,9 @@ my_bool ma_tls_close(MARIADB_TLS *ctls)
if (!ctls || !ctls->ssl)
return 1;
ssl= (SSL *)ctls->ssl;
SSL_CTX *ctx= SSL_get_SSL_CTX(ssl);
if (ctx)
SSL_CTX_free(ctx);
SSL_set_quiet_shutdown(ssl, 1);
/* 2 x pending + 2 * data = 4 */

18
unittest/libmariadb/bulk1.c
View File

@@ -128,26 +128,32 @@ static int bulk2(MYSQL *mysql)
{
MYSQL_STMT *stmt= mysql_stmt_init(mysql);
int rc;
MYSQL_BIND bind;
MYSQL_BIND bind[2];
unsigned int i;
unsigned int array_size=1024;
char indicator[1024];
long lval[1024];
rc= mysql_query(mysql, "DROP TABLE IF EXISTS bulk2");
check_mysql_rc(rc, mysql);
rc= mysql_query(mysql, "CREATE TABLE bulk2 (a int default 4)");
rc= mysql_query(mysql, "CREATE TABLE bulk2 (a int default 4, b default 2)");
check_mysql_rc(rc, mysql);
rc= mysql_stmt_prepare(stmt, "INSERT INTO bulk2 VALUES (?)", -1);
rc= mysql_stmt_prepare(stmt, "INSERT INTO bulk2 VALUES (?,1)", -1);
check_stmt_rc(rc, stmt);
memset(&bind, 0, sizeof(MYSQL_BIND));
memset(bind, 0, 2 * sizeof(MYSQL_BIND));
for (i=0; i < array_size; i++)
{
indicator[i]= STMT_INDICATOR_DEFAULT;
lval[i]= i;
}
bind.buffer_type= MYSQL_TYPE_LONG;
bind.u.indicator= indicator;
bind[0].buffer_type= MYSQL_TYPE_LONG;
bind[0].u.indicator= indicator;
bind[1].buffer_type= MYSQL_TYPE_LONG;
bind[1].buffer= &lval;
rc= mysql_stmt_attr_set(stmt, STMT_ATTR_ARRAY_SIZE, &array_size);
check_stmt_rc(rc, stmt);

78
unittest/libmariadb/certs/ca-cert.pem Normal file
View File

@@ -0,0 +1,78 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11580370790696127632 (0xa0b5bde0f2c08c90)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=cacert, C=FI, ST=Helsinki, L=Helsinki, O=MariaDB
Validity
Not Before: Apr 25 14:55:05 2015 GMT
Not After : Apr 20 14:55:05 2035 GMT
Subject: CN=cacert, C=FI, ST=Helsinki, L=Helsinki, O=MariaDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c0:1f:90:7c:2b:c2:ea:01:93:ce:e0:c5:72:e8:
1c:06:bd:63:4e:b6:d2:c6:00:32:13:27:42:9e:c9:
3c:91:33:4d:15:90:67:7d:9d:d8:be:9b:12:e2:f6:
1b:46:81:4a:8b:10:c5:b8:14:53:ab:6a:2c:c3:7f:
66:87:6c:0e:18:51:4e:9c:93:7a:6d:a1:d4:06:47:
58:61:a6:04:21:2c:bd:74:7a:e4:68:45:fe:91:fe:
fb:a6:29:47:ec:c5:c3:88:c8:c9:e7:d7:c6:1a:0d:
b8:f5:c5:02:57:25:01:cc:d5:8c:37:46:58:c6:71:
30:ee:63:38:99:84:5e:9e:3c:af:40:d4:f0:f2:12:
44:6e:2f:4d:cd:f9:da:4d:0e:1f:a6:fe:35:c3:9d:
40:08:82:5e:6f:7d:4d:09:16:7d:a1:78:d6:9f:9f:
44:d6:b1:ad:e7:50:25:1a:f3:4e:16:92:4a:17:5e:
0b:e1:c8:9f:62:22:c4:e2:01:96:63:ed:37:a2:e5:
70:b9:dc:c8:8e:c4:fe:00:21:f5:b9:48:c0:43:55:
4a:d8:0c:9d:ce:d6:60:30:bb:81:31:c8:e9:0e:aa:
1c:18:3d:e4:10:47:42:17:c0:4d:fb:f5:d9:c2:e4:
07:33:f7:15:94:63:6d:11:ad:4f:d4:1d:11:41:c1:
e2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2C:01:95:1A:F5:3E:CD:04:A6:24:35:35:04:D9:A7:16:01:2A:79
X509v3 Authority Key Identifier:
keyid:C7:2C:01:95:1A:F5:3E:CD:04:A6:24:35:35:04:D9:A7:16:01:2A:79
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
40:6f:6a:54:f3:29:30:48:46:bd:da:46:71:64:52:14:a7:c2:
34:b7:5e:1e:42:3d:e7:47:92:cd:87:e7:9d:5d:1a:82:77:82:
62:32:d4:9d:b6:44:11:dc:88:78:38:a5:d3:1f:1e:be:c2:d6:
14:b0:58:35:cd:66:22:43:97:ba:bb:e3:44:4f:9d:75:14:9f:
6f:37:d3:50:07:09:36:bc:58:92:e8:fe:c0:a8:ba:29:55:65:
e2:6f:8f:ab:a5:1d:4f:56:37:de:c7:b4:39:20:4c:a8:4c:db:
56:51:12:7e:e7:7f:83:9d:c4:c7:72:8f:6f:83:f0:af:e3:37:
1c:40:fe:5e:38:26:2f:05:46:a7:0c:a5:81:79:d6:9c:9c:d7:
56:eb:96:fe:c7:ae:8e:4f:5e:4a:6c:3a:fa:68:be:65:60:a2:
d3:3f:07:76:45:b3:95:3e:11:ef:3a:0e:6f:73:47:4c:90:dd:
0b:36:b4:22:df:62:8d:58:d2:a6:34:5b:f0:06:5d:cd:bf:52:
fa:ee:9b:4f:e8:79:18:6e:1c:6e:5f:96:10:6d:2f:02:1b:dd:
bf:14:c9:32:3c:83:a5:6e:56:56:78:9d:ce:84:50:a4:df:cc:
b5:a9:b1:ec:09:07:74:02:27:7a:9d:d2:96:a9:80:95:9a:f2:
8c:e9:ef:99
-----BEGIN CERTIFICATE-----
MIIDfzCCAmegAwIBAgIJAKC1veDywIyQMA0GCSqGSIb3DQEBBQUAMFYxDzANBgNV
BAMMBmNhY2VydDELMAkGA1UEBhMCRkkxETAPBgNVBAgMCEhlbHNpbmtpMREwDwYD
VQQHDAhIZWxzaW5raTEQMA4GA1UECgwHTWFyaWFEQjAeFw0xNTA0MjUxNDU1MDVa
Fw0zNTA0MjAxNDU1MDVaMFYxDzANBgNVBAMMBmNhY2VydDELMAkGA1UEBhMCRkkx
ETAPBgNVBAgMCEhlbHNpbmtpMREwDwYDVQQHDAhIZWxzaW5raTEQMA4GA1UECgwH
TWFyaWFEQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMAfkHwrwuoB
k87gxXLoHAa9Y0620sYAMhMnQp7JPJEzTRWQZ32d2L6bEuL2G0aBSosQxbgUU6tq
LMN/ZodsDhhRTpyTem2h1AZHWGGmBCEsvXR65GhF/pH++6YpR+zFw4jIyefXxhoN
uPXFAlclAczVjDdGWMZxMO5jOJmEXp48r0DU8PISRG4vTc352k0OH6b+NcOdQAiC
Xm99TQkWfaF41p+fRNaxredQJRrzThaSShdeC+HIn2IixOIBlmPtN6LlcLncyI7E
/gAh9blIwENVStgMnc7WYDC7gTHI6Q6qHBg95BBHQhfATfv12cLkBzP3FZRjbRGt
T9QdEUHB4t0CAwEAAaNQME4wHQYDVR0OBBYEFMcsAZUa9T7NBKYkNTUE2acWASp5
MB8GA1UdIwQYMBaAFMcsAZUa9T7NBKYkNTUE2acWASp5MAwGA1UdEwQFMAMBAf8w
DQYJKoZIhvcNAQEFBQADggEBAEBvalTzKTBIRr3aRnFkUhSnwjS3Xh5CPedHks2H
551dGoJ3gmIy1J22RBHciHg4pdMfHr7C1hSwWDXNZiJDl7q740RPnXUUn28301AH
CTa8WJLo/sCouilVZeJvj6ulHU9WN97HtDkgTKhM21ZREn7nf4OdxMdyj2+D8K/j
NxxA/l44Ji8FRqcMpYF51pyc11brlv7Hro5PXkpsOvpovmVgotM/B3ZFs5U+Ee86
Dm9zR0yQ3Qs2tCLfYo1Y0qY0W/AGXc2/Uvrum0/oeRhuHG5flhBtLwIb3b8UyTI8
g6VuVlZ4nc6EUKTfzLWpsewJB3QCJ3qd0papgJWa8ozp75k=
-----END CERTIFICATE-----

78
unittest/libmariadb/certs/cacert.pem Normal file
View File

@@ -0,0 +1,78 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11580370790696127632 (0xa0b5bde0f2c08c90)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=cacert, C=FI, ST=Helsinki, L=Helsinki, O=MariaDB
Validity
Not Before: Apr 25 14:55:05 2015 GMT
Not After : Apr 20 14:55:05 2035 GMT
Subject: CN=cacert, C=FI, ST=Helsinki, L=Helsinki, O=MariaDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c0:1f:90:7c:2b:c2:ea:01:93:ce:e0:c5:72:e8:
1c:06:bd:63:4e:b6:d2:c6:00:32:13:27:42:9e:c9:
3c:91:33:4d:15:90:67:7d:9d:d8:be:9b:12:e2:f6:
1b:46:81:4a:8b:10:c5:b8:14:53:ab:6a:2c:c3:7f:
66:87:6c:0e:18:51:4e:9c:93:7a:6d:a1:d4:06:47:
58:61:a6:04:21:2c:bd:74:7a:e4:68:45:fe:91:fe:
fb:a6:29:47:ec:c5:c3:88:c8:c9:e7:d7:c6:1a:0d:
b8:f5:c5:02:57:25:01:cc:d5:8c:37:46:58:c6:71:
30:ee:63:38:99:84:5e:9e:3c:af:40:d4:f0:f2:12:
44:6e:2f:4d:cd:f9:da:4d:0e:1f:a6:fe:35:c3:9d:
40:08:82:5e:6f:7d:4d:09:16:7d:a1:78:d6:9f:9f:
44:d6:b1:ad:e7:50:25:1a:f3:4e:16:92:4a:17:5e:
0b:e1:c8:9f:62:22:c4:e2:01:96:63:ed:37:a2:e5:
70:b9:dc:c8:8e:c4:fe:00:21:f5:b9:48:c0:43:55:
4a:d8:0c:9d:ce:d6:60:30:bb:81:31:c8:e9:0e:aa:
1c:18:3d:e4:10:47:42:17:c0:4d:fb:f5:d9:c2:e4:
07:33:f7:15:94:63:6d:11:ad:4f:d4:1d:11:41:c1:
e2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2C:01:95:1A:F5:3E:CD:04:A6:24:35:35:04:D9:A7:16:01:2A:79
X509v3 Authority Key Identifier:
keyid:C7:2C:01:95:1A:F5:3E:CD:04:A6:24:35:35:04:D9:A7:16:01:2A:79
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
40:6f:6a:54:f3:29:30:48:46:bd:da:46:71:64:52:14:a7:c2:
34:b7:5e:1e:42:3d:e7:47:92:cd:87:e7:9d:5d:1a:82:77:82:
62:32:d4:9d:b6:44:11:dc:88:78:38:a5:d3:1f:1e:be:c2:d6:
14:b0:58:35:cd:66:22:43:97:ba:bb:e3:44:4f:9d:75:14:9f:
6f:37:d3:50:07:09:36:bc:58:92:e8:fe:c0:a8:ba:29:55:65:
e2:6f:8f:ab:a5:1d:4f:56:37:de:c7:b4:39:20:4c:a8:4c:db:
56:51:12:7e:e7:7f:83:9d:c4:c7:72:8f:6f:83:f0:af:e3:37:
1c:40:fe:5e:38:26:2f:05:46:a7:0c:a5:81:79:d6:9c:9c:d7:
56:eb:96:fe:c7:ae:8e:4f:5e:4a:6c:3a:fa:68:be:65:60:a2:
d3:3f:07:76:45:b3:95:3e:11:ef:3a:0e:6f:73:47:4c:90:dd:
0b:36:b4:22:df:62:8d:58:d2:a6:34:5b:f0:06:5d:cd:bf:52:
fa:ee:9b:4f:e8:79:18:6e:1c:6e:5f:96:10:6d:2f:02:1b:dd:
bf:14:c9:32:3c:83:a5:6e:56:56:78:9d:ce:84:50:a4:df:cc:
b5:a9:b1:ec:09:07:74:02:27:7a:9d:d2:96:a9:80:95:9a:f2:
8c:e9:ef:99
-----BEGIN CERTIFICATE-----
MIIDfzCCAmegAwIBAgIJAKC1veDywIyQMA0GCSqGSIb3DQEBBQUAMFYxDzANBgNV
BAMMBmNhY2VydDELMAkGA1UEBhMCRkkxETAPBgNVBAgMCEhlbHNpbmtpMREwDwYD
VQQHDAhIZWxzaW5raTEQMA4GA1UECgwHTWFyaWFEQjAeFw0xNTA0MjUxNDU1MDVa
Fw0zNTA0MjAxNDU1MDVaMFYxDzANBgNVBAMMBmNhY2VydDELMAkGA1UEBhMCRkkx
ETAPBgNVBAgMCEhlbHNpbmtpMREwDwYDVQQHDAhIZWxzaW5raTEQMA4GA1UECgwH
TWFyaWFEQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMAfkHwrwuoB
k87gxXLoHAa9Y0620sYAMhMnQp7JPJEzTRWQZ32d2L6bEuL2G0aBSosQxbgUU6tq
LMN/ZodsDhhRTpyTem2h1AZHWGGmBCEsvXR65GhF/pH++6YpR+zFw4jIyefXxhoN
uPXFAlclAczVjDdGWMZxMO5jOJmEXp48r0DU8PISRG4vTc352k0OH6b+NcOdQAiC
Xm99TQkWfaF41p+fRNaxredQJRrzThaSShdeC+HIn2IixOIBlmPtN6LlcLncyI7E
/gAh9blIwENVStgMnc7WYDC7gTHI6Q6qHBg95BBHQhfATfv12cLkBzP3FZRjbRGt
T9QdEUHB4t0CAwEAAaNQME4wHQYDVR0OBBYEFMcsAZUa9T7NBKYkNTUE2acWASp5
MB8GA1UdIwQYMBaAFMcsAZUa9T7NBKYkNTUE2acWASp5MAwGA1UdEwQFMAMBAf8w
DQYJKoZIhvcNAQEFBQADggEBAEBvalTzKTBIRr3aRnFkUhSnwjS3Xh5CPedHks2H
551dGoJ3gmIy1J22RBHciHg4pdMfHr7C1hSwWDXNZiJDl7q740RPnXUUn28301AH
CTa8WJLo/sCouilVZeJvj6ulHU9WN97HtDkgTKhM21ZREn7nf4OdxMdyj2+D8K/j
NxxA/l44Ji8FRqcMpYF51pyc11brlv7Hro5PXkpsOvpovmVgotM/B3ZFs5U+Ee86
Dm9zR0yQ3Qs2tCLfYo1Y0qY0W/AGXc2/Uvrum0/oeRhuHG5flhBtLwIb3b8UyTI8
g6VuVlZ4nc6EUKTfzLWpsewJB3QCJ3qd0papgJWa8ozp75k=
-----END CERTIFICATE-----

69
unittest/libmariadb/certs/client-cert.pem Normal file
View File

@@ -0,0 +1,69 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=cacert, C=FI, ST=Helsinki, L=Helsinki, O=MariaDB
Validity
Not Before: Apr 25 14:55:16 2015 GMT
Not After : Apr 20 14:55:16 2035 GMT
Subject: C=FI, ST=Helsinki, L=Helsinki, O=MariaDB, CN=client
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:ce:a0:3d:3c:a4:bb:4f:a1:4f:91:0d:05:ac:5b:
8a:15:7f:d7:aa:0c:a3:a7:9f:b2:c7:26:9d:65:28:
b1:84:d3:a0:ef:9e:b1:45:0f:33:df:98:6e:71:ff:
2b:66:9c:9c:c1:25:13:27:42:b6:20:46:e7:e7:47:
a1:88:47:c2:9e:e2:45:25:99:9f:f9:28:1a:9a:13:
67:5d:3e:b3:b8:fe:40:25:ac:26:49:46:2c:03:43:
83:67:d8:0f:41:ae:2e:f4:d8:71:60:3c:8e:e7:91:
d0:bb:2c:ca:12:da:71:1a:7b:e3:fa:8c:8f:c3:bb:
62:55:89:b3:bf:85:45:01:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
5A:73:74:8E:14:29:C3:FB:B4:19:0F:97:8F:AA:6F:E1:E1:A8:F7:5B
X509v3 Authority Key Identifier:
keyid:C7:2C:01:95:1A:F5:3E:CD:04:A6:24:35:35:04:D9:A7:16:01:2A:79
Signature Algorithm: sha1WithRSAEncryption
32:42:4b:36:44:a5:6c:fb:70:d8:08:2b:cb:16:34:15:db:39:
60:7b:7e:b4:4a:bc:fb:e5:16:04:97:0d:eb:f5:68:95:da:2f:
23:57:4c:c9:29:2b:d1:1b:1b:9f:bd:f4:79:75:df:62:7f:63:
b4:84:7a:95:5c:c4:ee:f3:77:16:e4:0b:8a:5e:c9:64:bd:7c:
04:50:ac:ff:9a:41:6b:b1:6a:9f:cd:45:10:72:83:10:8a:26:
1d:7f:6c:84:34:5a:41:79:72:91:ee:87:5d:1d:3a:55:ff:91:
7e:52:85:ff:42:41:eb:76:56:23:e5:bc:bc:79:b1:aa:4e:4c:
bf:7b:df:63:8b:1a:3c:4b:01:72:89:35:bb:0d:92:97:16:6e:
ae:50:cb:89:ee:c6:7a:d0:d3:32:22:0f:19:33:1e:ee:ff:41:
a5:a1:25:c5:4c:ce:8f:98:4c:b5:2c:1f:ec:cc:f1:21:e2:3a:
ff:7d:6a:87:fe:89:fd:2c:20:3e:fb:9b:b8:c0:f9:09:99:ce:
45:63:82:09:1c:bb:79:d8:a8:40:21:46:c7:ae:3e:dd:89:9d:
56:46:4a:f4:ed:7d:5b:a6:1e:a6:1b:26:f9:ec:26:b4:51:3a:
87:b6:50:13:84:33:22:1a:8a:20:c5:44:64:b8:bb:de:32:ec:
6b:58:db:17
-----BEGIN CERTIFICATE-----
MIIDHjCCAgagAwIBAgIBAzANBgkqhkiG9w0BAQUFADBWMQ8wDQYDVQQDDAZjYWNl
cnQxCzAJBgNVBAYTAkZJMREwDwYDVQQIDAhIZWxzaW5raTERMA8GA1UEBwwISGVs
c2lua2kxEDAOBgNVBAoMB01hcmlhREIwHhcNMTUwNDI1MTQ1NTE2WhcNMzUwNDIw
MTQ1NTE2WjBWMQswCQYDVQQGEwJGSTERMA8GA1UECAwISGVsc2lua2kxETAPBgNV
BAcMCEhlbHNpbmtpMRAwDgYDVQQKDAdNYXJpYURCMQ8wDQYDVQQDDAZjbGllbnQw
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM6gPTyku0+hT5ENBaxbihV/16oM
o6efsscmnWUosYTToO+esUUPM9+YbnH/K2acnMElEydCtiBG5+dHoYhHwp7iRSWZ
n/koGpoTZ10+s7j+QCWsJklGLANDg2fYD0GuLvTYcWA8jueR0LssyhLacRp74/qM
j8O7YlWJs7+FRQFhAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8W
HU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRac3SOFCnD
+7QZD5ePqm/h4aj3WzAfBgNVHSMEGDAWgBTHLAGVGvU+zQSmJDU1BNmnFgEqeTAN
BgkqhkiG9w0BAQUFAAOCAQEAMkJLNkSlbPtw2AgryxY0Fds5YHt+tEq8++UWBJcN
6/VoldovI1dMySkr0Rsbn730eXXfYn9jtIR6lVzE7vN3FuQLil7JZL18BFCs/5pB
a7Fqn81FEHKDEIomHX9shDRaQXlyke6HXR06Vf+RflKF/0JB63ZWI+W8vHmxqk5M
v3vfY4saPEsBcok1uw2SlxZurlDLie7GetDTMiIPGTMe7v9BpaElxUzOj5hMtSwf
7MzxIeI6/31qh/6J/SwgPvubuMD5CZnORWOCCRy7edioQCFGx64+3YmdVkZK9O19
W6Yephsm+ewmtFE6h7ZQE4QzIhqKIMVEZLi73jLsa1jbFw==
-----END CERTIFICATE-----

15
unittest/libmariadb/certs/client-key-enc.pem Normal file
View File

@@ -0,0 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDOoD08pLtPoU+RDQWsW4oVf9eqDKOnn7LHJp1lKLGE06DvnrFF
DzPfmG5x/ytmnJzBJRMnQrYgRufnR6GIR8Ke4kUlmZ/5KBqaE2ddPrO4/kAlrCZJ
RiwDQ4Nn2A9Bri702HFgPI7nkdC7LMoS2nEae+P6jI/Du2JVibO/hUUBYQIDAQAB
AoGAa/FgLFcul3oA9BjmdtVXfMXNp8N0l3QhVFLC9P7eRjK8p5GysA4yHkQmpp0U
UkXMykYRDHiYZqJEMhnEtEowzBmodi7go+gpwAR2eUKwESmJoBhPvqDJAbS/fL5D
H2Wk6FGsdKoPhEpigWefu6ZqlX5GCGa601eMYLMR9i+6bbUCQQDspD4j2q8oihTU
RQt/XpF1l+5ZRHjQOokwRekuHdq0powtNxZ+X3V8Qy8JbDRNCM2YtfKMX4gXAfZp
JWs7HoPvAkEA34doY3AKxZSpXD84m4dnJ0/Ubfk3+tcC1EPYyDJ1DHpfz7fy6aoX
z8TWCQXtSBGaEa9Dgbz+EFXuctLbUR8/rwJACDjIo+xEK69oe9uOQ7WgbiqCMH3N
iMaP36p+KIkHAUHMGwIP+QIODewzpSsqQgbtRcIElFX5X3tE+XBAYoRz5wJAKH3/
CwRg7ynfBDbvqjz9EsIDWWisG2SXvpwLyThau8fvU1GfT3Tgm2Ks4zWPpl6J6mo1
cGssGwl2CJbp4+glQQJBAJAwvKufpB+M6OjvKh89GGsCEaV1ENJ41FPcQwJ2pjed
Fcq28ZP59v7bfBH2IkNu3pfEzmvQnmRlTEtXGjNn+i8=
-----END RSA PRIVATE KEY-----

15
unittest/libmariadb/certs/client-key.pem Normal file
View File

@@ -0,0 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDOoD08pLtPoU+RDQWsW4oVf9eqDKOnn7LHJp1lKLGE06DvnrFF
DzPfmG5x/ytmnJzBJRMnQrYgRufnR6GIR8Ke4kUlmZ/5KBqaE2ddPrO4/kAlrCZJ
RiwDQ4Nn2A9Bri702HFgPI7nkdC7LMoS2nEae+P6jI/Du2JVibO/hUUBYQIDAQAB
AoGAa/FgLFcul3oA9BjmdtVXfMXNp8N0l3QhVFLC9P7eRjK8p5GysA4yHkQmpp0U
UkXMykYRDHiYZqJEMhnEtEowzBmodi7go+gpwAR2eUKwESmJoBhPvqDJAbS/fL5D
H2Wk6FGsdKoPhEpigWefu6ZqlX5GCGa601eMYLMR9i+6bbUCQQDspD4j2q8oihTU
RQt/XpF1l+5ZRHjQOokwRekuHdq0powtNxZ+X3V8Qy8JbDRNCM2YtfKMX4gXAfZp
JWs7HoPvAkEA34doY3AKxZSpXD84m4dnJ0/Ubfk3+tcC1EPYyDJ1DHpfz7fy6aoX
z8TWCQXtSBGaEa9Dgbz+EFXuctLbUR8/rwJACDjIo+xEK69oe9uOQ7WgbiqCMH3N
iMaP36p+KIkHAUHMGwIP+QIODewzpSsqQgbtRcIElFX5X3tE+XBAYoRz5wJAKH3/
CwRg7ynfBDbvqjz9EsIDWWisG2SXvpwLyThau8fvU1GfT3Tgm2Ks4zWPpl6J6mo1
cGssGwl2CJbp4+glQQJBAJAwvKufpB+M6OjvKh89GGsCEaV1ENJ41FPcQwJ2pjed
Fcq28ZP59v7bfBH2IkNu3pfEzmvQnmRlTEtXGjNn+i8=
-----END RSA PRIVATE KEY-----

74
unittest/libmariadb/certs/server-cert.pem Normal file
View File

@@ -0,0 +1,74 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=cacert, C=FI, ST=Helsinki, L=Helsinki, O=MariaDB
Validity
Not Before: Apr 25 14:55:05 2015 GMT
Not After : Apr 20 14:55:05 2035 GMT
Subject: C=FI, ST=state or province within country, in other certificates in this file it is the same as L, L=location, usually an address but often ambiguously used, O=organization name, typically a company name, OU=organizational unit name, a division name within an organization, CN=localhost
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:aa:e6:54:bd:dd:52:1e:16:f7:24:52:37:58:2b:
a7:af:49:e1:cd:75:2a:18:52:e1:48:f0:59:82:c0:
7a:d9:66:b3:97:04:b3:77:f4:39:fd:d1:c0:1a:c5:
a6:ab:44:84:d2:17:39:53:25:63:9b:c3:24:78:51:
5c:77:6b:df:b4:82:1d:e4:43:f4:67:0a:5d:89:a2:
fe:b0:ea:64:3a:1d:9d:49:78:c8:7f:79:a5:cd:45:
4b:0c:ad:ae:4f:e2:d4:5d:ec:e8:73:06:ed:98:92:
85:49:b2:9c:31:3b:44:38:5f:bb:5a:f1:68:84:a9:
c3:5b:31:39:d4:47:98:38:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
E5:72:8F:57:72:D6:75:63:28:7F:E2:BF:00:B7:1D:B8:AA:FE:94:59
X509v3 Authority Key Identifier:
keyid:C7:2C:01:95:1A:F5:3E:CD:04:A6:24:35:35:04:D9:A7:16:01:2A:79
Signature Algorithm: sha1WithRSAEncryption
88:44:46:fa:7d:16:ae:9d:16:5b:95:26:03:3c:71:f4:29:3d:
df:cb:f4:14:20:9f:87:24:b4:29:17:2d:7a:12:48:76:ac:00:
44:26:ba:93:83:ad:58:7e:b7:77:e4:b0:32:0d:e5:dd:fb:cc:
0e:9b:88:e0:24:82:e4:41:43:47:5a:4e:d3:b4:5b:47:4b:57:
eb:67:02:63:bb:dd:05:12:f5:95:01:0b:89:81:ca:c2:91:14:
21:9a:9e:c9:84:91:46:35:0e:26:44:1e:91:88:74:4f:fe:d3:
19:9e:65:fa:46:e2:46:04:ad:91:79:4c:70:1b:68:b2:49:e9:
6c:f4:58:44:3b:43:15:85:56:64:1b:84:74:49:95:9f:cd:93:
9d:8e:69:ab:ca:46:97:b6:74:e9:2a:83:85:62:cd:e5:be:c3:
52:bd:cf:90:cc:60:27:76:ee:1b:3c:da:69:73:e2:11:68:14:
dc:7d:9f:b8:6f:20:a2:0c:b7:8e:33:40:89:d1:a3:89:e2:60:
6a:ec:b5:9f:e8:c5:55:10:40:b2:95:5e:54:8a:10:8e:d5:90:
d9:98:86:d8:f9:b6:01:41:8c:d7:0d:0e:86:0e:50:6d:a2:64:
00:2a:91:5e:35:64:15:e3:86:34:3a:39:eb:0f:4f:56:c7:15:
4c:74:2e:91
-----BEGIN CERTIFICATE-----
MIIEETCCAvmgAwIBAgIBATANBgkqhkiG9w0BAQUFADBWMQ8wDQYDVQQDDAZjYWNl
cnQxCzAJBgNVBAYTAkZJMREwDwYDVQQIDAhIZWxzaW5raTERMA8GA1UEBwwISGVs
c2lua2kxEDAOBgNVBAoMB01hcmlhREIwHhcNMTUwNDI1MTQ1NTA1WhcNMzUwNDIw
MTQ1NTA1WjCCAUcxCzAJBgNVBAYTAkZJMWEwXwYDVQQIDFhzdGF0ZSBvciBwcm92
aW5jZSB3aXRoaW4gY291bnRyeSwgaW4gb3RoZXIgY2VydGlmaWNhdGVzIGluIHRo
aXMgZmlsZSBpdCBpcyB0aGUgc2FtZSBhcyBMMUAwPgYDVQQHDDdsb2NhdGlvbiwg
dXN1YWxseSBhbiBhZGRyZXNzIGJ1dCBvZnRlbiBhbWJpZ3VvdXNseSB1c2VkMTQw
MgYDVQQKDCtvcmdhbml6YXRpb24gbmFtZSwgdHlwaWNhbGx5IGEgY29tcGFueSBu
YW1lMUkwRwYDVQQLDEBvcmdhbml6YXRpb25hbCB1bml0IG5hbWUsIGEgZGl2aXNp
b24gbmFtZSB3aXRoaW4gYW4gb3JnYW5pemF0aW9uMRIwEAYDVQQDDAlsb2NhbGhv
c3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKrmVL3dUh4W9yRSN1grp69J
4c11KhhS4UjwWYLAetlms5cEs3f0Of3RwBrFpqtEhNIXOVMlY5vDJHhRXHdr37SC
HeRD9GcKXYmi/rDqZDodnUl4yH95pc1FSwytrk/i1F3s6HMG7ZiShUmynDE7RDhf
u1rxaISpw1sxOdRHmDhVAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgEN
BB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBTlco9X
ctZ1Yyh/4r8Atx24qv6UWTAfBgNVHSMEGDAWgBTHLAGVGvU+zQSmJDU1BNmnFgEq
eTANBgkqhkiG9w0BAQUFAAOCAQEAiERG+n0Wrp0WW5UmAzxx9Ck938v0FCCfhyS0
KRctehJIdqwARCa6k4OtWH63d+SwMg3l3fvMDpuI4CSC5EFDR1pO07RbR0tX62cC
Y7vdBRL1lQELiYHKwpEUIZqeyYSRRjUOJkQekYh0T/7TGZ5l+kbiRgStkXlMcBto
sknpbPRYRDtDFYVWZBuEdEmVn82TnY5pq8pGl7Z06SqDhWLN5b7DUr3PkMxgJ3bu
GzzaaXPiEWgU3H2fuG8gogy3jjNAidGjieJgauy1n+jFVRBAspVeVIoQjtWQ2ZiG
2Pm2AUGM1w0Ohg5QbaJkACqRXjVkFeOGNDo56w9PVscVTHQukQ==
-----END CERTIFICATE-----

15
unittest/libmariadb/certs/server-key.pem Normal file
View File

@@ -0,0 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCq5lS93VIeFvckUjdYK6evSeHNdSoYUuFI8FmCwHrZZrOXBLN3
9Dn90cAaxaarRITSFzlTJWObwyR4UVx3a9+0gh3kQ/RnCl2Jov6w6mQ6HZ1JeMh/
eaXNRUsMra5P4tRd7OhzBu2YkoVJspwxO0Q4X7ta8WiEqcNbMTnUR5g4VQIDAQAB
AoGAblQWXyBzdBN1Z5BgRF6ieYpj6OT70QoogJMR5lRmutUPma4iQo17pr3znBT/
nU+1w3/UtTXNEXCwqbA01q/gkbP2PaW/sbHLVow1B7u/o42WW6I3Btnl3ClnCNjD
Mo7/Gj027hhp7mC61r81JeJVh8fJUgxdNqoH7AkDnA+FJAECQQDjIl3k6W2P+bHb
bp+8eyY7ITQbppZh+3hFJKRL7DZKFYL5J6gejiBURnG9DKnhoSP2nqzqdrRhWZhB
ZHr+ciEBAkEAwJ5rMpFoIwRzgPD4Q4iSqHcBbFcJE7dK1XLq6MYUVNQGfDU8pBvI
EocXphpsJ8CbR35dGDY19rmO2LjG3RBDVQJAetRN9Inrjw2YCjNzvKjYTuew1zcq
YghszO94zfoKjdu+PWEdwJBZmVmTDoo3oGXVHfxHRHA3MeISvWJKRSmRAQJAHL9H
9msXJKrEZkkQdFvMr5HbR4UR2LxxUbvt7UGqxSJDuYPkggWXbZR15hdpbuFjC1+D
m1pz4Ve+RwAExfdoZQJBANfmuWtlLU+SMpDG4zOyC7u4dz+TtnEOfDUECFNZtqvU
MWz98MIXAjiBDYU1Z0BrA7b0/FVsPR3t6JZFQWWI2y8=
-----END RSA PRIVATE KEY-----

6
unittest/libmariadb/fetch.c
View File

@@ -32,7 +32,7 @@ static int bind_fetch(MYSQL *mysql, int row_count)
int32 data[10];
int8 i8_data;
int16 i16_data;
long i32_data;
int i32_data;
longlong i64_data;
float f_data;
double d_data;
@@ -316,7 +316,7 @@ static int test_fetch_offset(MYSQL *mysql)
rc= mysql_stmt_store_result(stmt);
check_stmt_rc(rc,stmt);
diag("truncation: %d", mysql->options.report_data_truncation);
rc= mysql_stmt_fetch(stmt);
FAIL_UNLESS(rc == MYSQL_DATA_TRUNCATED, "rc != MYSQL_DATA_TRUNCATED");
@@ -567,7 +567,7 @@ static int test_fetch_null(MYSQL *mysql)
MYSQL_STMT *stmt;
int rc;
int i;
long nData= 0;
int nData= 0;
MYSQL_BIND my_bind[11];
ulong length[11];
my_bool is_null[11];

1
unittest/libmariadb/misc.c
View File

@@ -231,7 +231,6 @@ static int test_frm_bug(MYSQL *mysql)
char test_frm[FN_REFLEN];
int rc;
return SKIP;
mysql_autocommit(mysql, TRUE);
rc= mysql_query(mysql, "drop table if exists test_frm_bug");

2
unittest/libmariadb/my_test.h
View File

@@ -401,7 +401,7 @@ MYSQL *test_connect(struct my_tests_st *test)
MYSQL *mysql;
int i= 0;
int timeout= 10;
int truncation_report= 1;
my_bool truncation_report= 1;
if (!(mysql = mysql_init(NULL))) {
diag("%s", "mysql_init failed - exiting");
return(NULL);

83
unittest/libmariadb/ps_bugs.c
View File

@@ -4405,8 +4405,91 @@ static int test_conc198(MYSQL *mysql)
return OK;
}
static int test_conc205(MYSQL *mysql)
{
MYSQL_STMT *stmt;
MYSQL_BIND my_bind[3];
char data[8];
ulong length[3];
int rc, int_col;
short smint_col;
my_bool is_null[3];
const char *query = "SELECT text_col, smint_col, int_col FROM test_conc205";
rc= mysql_query(mysql, "drop table if exists test_conc205");
check_mysql_rc(rc, mysql);
rc= mysql_query(mysql, "CREATE TABLE test_conc205 (text_col TEXT, smint_col SMALLINT, int_col INT)");
check_mysql_rc(rc, mysql);
rc= mysql_query(mysql, "INSERT INTO test_conc205 VALUES('data01', 21893, 1718038908), ('data2', -25734, -1857802040)");
check_mysql_rc(rc, mysql);
stmt= mysql_stmt_init(mysql);
FAIL_IF(!stmt, mysql_error(mysql));
rc= mysql_stmt_prepare(stmt, query, (unsigned long)strlen(query));
check_stmt_rc(rc, stmt);
memset(my_bind, '\0', sizeof(my_bind));
my_bind[0].buffer_type= MYSQL_TYPE_STRING;
my_bind[0].buffer= (void *)data;
my_bind[0].buffer_length= sizeof(data);
my_bind[0].is_null= &is_null[0];
my_bind[0].length= &length[0];
my_bind[1].buffer_type= MYSQL_TYPE_SHORT;
my_bind[1].buffer= &smint_col;
my_bind[1].buffer_length= 2;
my_bind[1].is_null= &is_null[1];
my_bind[1].length= &length[1];
my_bind[2].buffer_type= MYSQL_TYPE_LONG;
my_bind[2].buffer= &int_col;
my_bind[2].buffer_length= 4;
my_bind[2].is_null= &is_null[2];
my_bind[2].length= &length[2];
rc= mysql_stmt_execute(stmt);
check_stmt_rc(rc, stmt);
rc= mysql_stmt_bind_result(stmt, my_bind);
check_stmt_rc(rc, stmt);
rc= mysql_stmt_fetch(stmt);
check_stmt_rc(rc, stmt);
FAIL_IF(length[0] != 6, "Wrong fetched string length");
FAIL_IF(length[1] != 2, "Wrong fetched short length");
FAIL_IF(length[2] != 4, "Wrong fetched int length");
FAIL_IF(strncmp(data, "data01", length[0] + 1) != 0, "Wrong string value");
FAIL_IF(smint_col != 21893, "Expected 21893");
FAIL_IF(int_col != 1718038908, "Expected 1718038908");
rc= mysql_stmt_fetch(stmt);
check_stmt_rc(rc, stmt);
FAIL_IF(length[0] != 5, "Wrong fetched string length");
FAIL_IF(length[1] != 2, "Wrong fetched short length");
FAIL_IF(length[2] != 4, "Wrong fetched int length");
FAIL_IF(strncmp(data, "data2", length[0] + 1) != 0, "Wrong string value");
FAIL_IF(smint_col != -25734, "Expected 21893");
FAIL_IF(int_col != -1857802040, "Expected 1718038908");
rc= mysql_stmt_fetch(stmt);
FAIL_IF(rc != MYSQL_NO_DATA, "Expected MYSQL_NO_DATA");
mysql_stmt_close(stmt);
rc= mysql_query(mysql, "drop table test_conc205");
check_mysql_rc(rc, mysql);
return OK;
}
struct my_tests_st my_tests[] = {
{"test_conc205", test_conc205, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc198", test_conc198, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc182", test_conc182, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc181", test_conc181, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},

54
unittest/libmariadb/ssl.c.in
View File

@@ -140,7 +140,7 @@ static int test_ssl_cipher(MYSQL *unused __attribute__((unused)))
my= mysql_init(NULL);
FAIL_IF(!my, "mysql_init() failed");
mysql_ssl_set(my,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
mysql_ssl_set(my,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", 0, 0);
FAIL_IF(!mysql_real_connect(my, hostname, ssluser, sslpw, schema,
port, socketname, 0), mysql_error(my));
@@ -220,7 +220,7 @@ static int test_multi_ssl_connections(MYSQL *unused __attribute__((unused)))
mysql[i]= mysql_init(NULL);
FAIL_IF(!mysql[i],"mysql_init() failed");
mysql_ssl_set(mysql[i], 0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
mysql_ssl_set(mysql[i], 0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", 0, 0);
mysql_real_connect(mysql[i], hostname, ssluser, sslpw, schema,
port, socketname, 0);
@@ -264,7 +264,7 @@ DWORD WINAPI ssl_thread(void *dummy)
{
goto end;
}
mysql_ssl_set(mysql, 0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
mysql_ssl_set(mysql, 0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", 0, 0);
if(!mysql_real_connect(mysql, hostname, ssluser, sslpw, schema,
port, socketname, 0))
@@ -352,7 +352,7 @@ static int test_phpbug51647(MYSQL *unused __attribute__((unused)))
mysql_ssl_set(mysql, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/client-key.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/client-cert.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", 0, 0);
FAIL_IF(!mysql_real_connect(mysql, hostname, ssluser, sslpw, schema,
port, socketname, 0), mysql_error(mysql));
@@ -374,7 +374,7 @@ static int test_password_protected(MYSQL *unused __attribute__((unused)))
mysql_ssl_set(mysql, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/client-key-enc.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/client-cert.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", 0, 0);
mysql_options(mysql, MARIADB_OPT_TLS_PASSPHRASE, "qwerty");
@@ -418,7 +418,7 @@ static int test_conc50_1(MYSQL *unused __attribute__((unused)))
mysql= mysql_init(NULL);
FAIL_IF(!mysql, "Can't allocate memory");
mysql_ssl_set(mysql, NULL, NULL, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", NULL, NULL);
mysql_ssl_set(mysql, NULL, NULL, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", NULL, NULL);
mysql_real_connect(mysql, hostname, ssluser, sslpw, schema,
port, socketname, 0);
@@ -486,8 +486,6 @@ static int test_conc50_3(MYSQL *unused __attribute__((unused)))
mysql= mysql_init(NULL);
FAIL_IF(!mysql, "Can't allocate memory");
mysql_ssl_set(mysql, NULL, NULL, NULL, NULL, NULL);
mysql_real_connect(mysql, hostname, ssluser, sslpw, schema,
port, socketname, 0);
FAIL_IF(!mysql_errno(mysql), "Error expected, SSL connection required!");
@@ -496,7 +494,7 @@ static int test_conc50_3(MYSQL *unused __attribute__((unused)))
mysql= mysql_init(NULL);
FAIL_IF(!mysql, "Can't allocate memory");
mysql_ssl_set(mysql, NULL, NULL, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", NULL, NULL);
mysql_ssl_set(mysql, NULL, NULL, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", NULL, NULL);
mysql_real_connect(mysql, hostname, ssluser, sslpw, schema,
port, socketname, 0);
@@ -517,7 +515,7 @@ static int test_conc50_4(MYSQL *unused __attribute__((unused)))
mysql= mysql_init(NULL);
FAIL_IF(!mysql, "Can't allocate memory");
mysql_ssl_set(mysql, NULL, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", NULL, NULL, NULL);
mysql_ssl_set(mysql, NULL, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", NULL, NULL, NULL);
mysql_real_connect(mysql, hostname, ssluser, sslpw, schema,
port, socketname, 0);
@@ -535,6 +533,9 @@ static int verify_ssl_server_cert(MYSQL *unused __attribute__((unused)))
if (check_skip_ssl())
return SKIP;
if (!hostname || !strcmp(hostname, "localhost"))
return SKIP;
mysql= mysql_init(NULL);
FAIL_IF(!mysql, "Can't allocate memory");
@@ -619,9 +620,9 @@ DWORD WINAPI thread_conc102(void)
mysql_ssl_set(mysql, "@CMAKE_SOURCE_DIR@/unitt/libmariadb/certs/client-key.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/client-cert.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem",
NULL, NULL);
mysql_ssl_set(mysql,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
mysql_ssl_set(mysql,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", 0, 0);
if(!mysql_real_connect(mysql, hostname, username, password, schema,
port, socketname, 0))
@@ -716,7 +717,7 @@ static int test_ssl_fp(MYSQL *unused __attribute__((unused)))
my= mysql_init(NULL);
FAIL_IF(!my, "mysql_init() failed");
mysql_ssl_set(my,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
mysql_ssl_set(my,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", 0, 0);
mysql_options(my, MARIADB_OPT_SSL_FP, ssl_cert_finger_print);
@@ -752,7 +753,7 @@ static int test_ssl_fp_list(MYSQL *unused __attribute__((unused)))
my= mysql_init(NULL);
FAIL_IF(!my, "mysql_init() failed");
mysql_ssl_set(my,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
mysql_ssl_set(my,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", 0, 0);
mysql_options(my, MARIADB_OPT_SSL_FP_LIST, "./fingerprint.list");
@@ -781,7 +782,7 @@ static int test_ssl_version(MYSQL *unused __attribute__((unused)))
my= mysql_init(NULL);
FAIL_IF(!my, "mysql_init() failed");
mysql_ssl_set(my,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
mysql_ssl_set(my,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", 0, 0);
FAIL_IF(!mysql_real_connect(my, hostname, ssluser, sslpw, schema,
port, socketname, 0), mysql_error(my));
@@ -811,7 +812,7 @@ static int test_schannel_cipher(MYSQL *unused __attribute__((unused)))
my= mysql_init(NULL);
FAIL_IF(!my, "mysql_init() failed");
mysql_ssl_set(my,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
mysql_ssl_set(my,0, 0, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem", 0, 0);
mysql_options(my, MARIADB_OPT_TLS_CIPHER_STRENGTH, &cipher_strength);
FAIL_IF(!mysql_real_connect(my, hostname, ssluser, sslpw, schema,
port, socketname, 0), mysql_error(my));
@@ -849,6 +850,7 @@ static int test_cipher_mapping(MYSQL *unused __attribute__((unused)))
MYSQL_RES *res;
char c[100];
int rc;
const char *cipher;
mysql_ssl_set(mysql, NULL, NULL, NULL, NULL, ciphers[i]);
diag("%s", ciphers[i]);
@@ -856,12 +858,12 @@ static int test_cipher_mapping(MYSQL *unused __attribute__((unused)))
mysql->options.use_ssl= 1;
FAIL_IF(!mysql_real_connect(mysql, hostname, username, password, schema,
port, socketname, 0), mysql_error(mysql));
if (!mysql_get_ssl_cipher(mysql) ||
strcmp(ciphers[i], mysql_get_ssl_cipher(mysql)) != 0)
if (!(cipher= mysql_get_ssl_cipher(mysql)) ||
strcmp(ciphers[i], cipher) != 0)
{
diag("cipher %s failed", ciphers[i]);
diag("cipher %s differs: (%s)", ciphers[i], cipher);
mysql_close(mysql);
return FAIL;
goto cont;
}
else
{
@@ -875,9 +877,11 @@ static int test_cipher_mapping(MYSQL *unused __attribute__((unused)))
if (strcmp(ciphers[i], c) != 0)
{
diag("expected: %s instead of %s", ciphers[i], c);
return FAIL;
/* depending if server supports ECC, ciphers may differ,
so we don't return failure here */
}
}
cont:
i++;
}
return OK;
@@ -956,7 +960,7 @@ static int test_openssl_1(MYSQL *mysql)
sprintf(query, "grant select on %s.* to 'ssluser3'@'%s' require cipher 'AES256-SHA' AND "
" SUBJECT '/DC=com/DC=example/CN=client'", schema, sslhost);
" SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client'", schema, sslhost);
rc= mysql_query(mysql, query);
check_mysql_rc(rc, mysql);
@@ -971,7 +975,7 @@ static int test_openssl_1(MYSQL *mysql)
my= mysql_init(NULL);
mysql_ssl_set(my, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/client-key.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/client-cert.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem",
NULL,
"AES256-SHA");
FAIL_IF(!mysql_real_connect(my, hostname, "ssluser3", NULL, schema,
@@ -980,7 +984,7 @@ static int test_openssl_1(MYSQL *mysql)
mysql_close(my);
sprintf(query, "grant select on %s.* to 'ssluser4'@'%s' require cipher 'AES256-SHA' AND "
" ISSUER '/DC=com/DC=example/CN=client'", schema, sslhost);
" ISSUER '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB'", schema, sslhost);
rc= mysql_query(mysql, query);
check_mysql_rc(rc, mysql);
@@ -995,7 +999,7 @@ static int test_openssl_1(MYSQL *mysql)
my= mysql_init(NULL);
mysql_ssl_set(my, "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/client-key.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/client-cert.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/cacert.pem",
NULL,
"AES256-SHA");
FAIL_IF(!mysql_real_connect(my, hostname, "ssluser4", NULL, schema,