TLS/SSL fixes:

- don't run fingerprint and passphrase protected tests if the corresponding
  files (sha1 and encrypted client key) are not found in CERT_PATH
- don't overwrite SSL errors if handshake failed
- Use gnutls read/write instead of pvio

unittest/libmariadb/CMakeLists.txt

@@ -38,8 +38,14 @@ SET(MANUAL_TESTS "t_aurora" "t_conc173")
 # Get finger print from server certificate
 IF(WITH_SSL)
   IF(CERT_PATH)
-    FILE(READ ${CERT_PATH}/server-cert.sha1 CERT_FINGER_PRINT)
-    STRING(REPLACE "\n" "" CERT_FINGER_PRINT "${CERT_FINGER_PRINT}")
+    IF(EXISTS ${CERT_PATH}/server-cert.sha1)
+      FILE(READ ${CERT_PATH}/server-cert.sha1 CERT_FINGER_PRINT)
+      STRING(REPLACE "\n" "" CERT_FINGER_PRINT "${CERT_FINGER_PRINT}")
+      ADD_DEFINITIONS(-DTEST_SSL_SHA1)
+    ENDIF()
+    IF(EXISTS ${CERT_PATH}/client-key-enc.pem)
+      ADD_DEFINITIONS(-DTEST_SSL_PASSPHRASE)
+    ENDIF()
     SET(API_TESTS ${API_TESTS} "ssl")
     IF(WIN32)
       STRING(REPLACE "\\" "\\\\" CERT_PATH ${CERT_PATH})

unittest/libmariadb/ssl.c.in

@@ -394,6 +394,10 @@ static int test_password_protected(MYSQL *unused __attribute__((unused)))
   if (check_skip_ssl())
     return SKIP;
 
+#ifndef TEST_SSL_PASSPHRASE
+  return SKIP;
+#endif
+
   mysql= mysql_init(NULL);
   FAIL_IF(!mysql, "Can't allocate memory");
 
@@ -785,10 +789,14 @@ static int test_ssl_fp(MYSQL *unused __attribute__((unused)))
 static int test_ssl_fp_list(MYSQL *unused __attribute__((unused)))
 {
   MYSQL *my;
-  
+
   if (check_skip_ssl())
     return SKIP;
 
+#ifndef TEST_SSL_SHA1
+  return SKIP;
+#endif
+
   if (!ssl_cert_finger_print[0])
   {
     diag("No fingerprint available");