database/mariadb-connector-c
1
0
Fork 0
mirror of https://github.com/mariadb-corporation/mariadb-connector-c.git synced 2025-08-08 14:02:17 +03:00
Code Activity

tls test fix:

Browse Source 
- Don't skip ca test when running with schannel.
- Load new self signed cert after expiration test
This commit is contained in:
Georg Richter
2024-07-17 11:56:44 +02:00
parent ea307b8d6e
commit efbc562477
1 changed files with 9 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
unittest/libmariadb/tls.c.in
View File

@@ -265,40 +265,23 @@ static int test_ca_cert_check(MYSQL *my __attribute__((unused)))
MYSQL *mysql= mysql_init(NULL); MYSQL *mysql= mysql_init(NULL);
int rc= FAIL; int rc= FAIL;
#ifdef HAVE_SCHANNEL if (set_tls_dummy_options("CMD:create_new=True"))
diag("Not supported by schannel");
return SKIP;
#endif
if (ignore_self_signed)
{ {
diag("Test doesn't work on trusted connection"); diag("Error when setting TLS options");
return SKIP; return FAIL;
} }
/* Force use of TLS with faked ca, which contains the server /* Force use of TLS with faked ca, which contains the server
certificate */ certificate */
mysql_ssl_set(mysql, NULL, NULL, "./ca_cert.pem", NULL, NULL); mysql_ssl_set(mysql, NULL, NULL, "./selfsigned.pem", NULL, NULL);
if (my_test_connect(mysql, hostname, username, password, schema, if (my_test_connect(mysql, tls_dummy_host, username, password, schema,
port, socketname, 0, 0)) tls_dummy_port, socketname, 0, 0))
{ {
if (auto_generated_cert)
{
diag("expected hostname mismatch for autogenerated certificate");
goto end;
}
} else {
if (auto_generated_cert)
{
rc= OK;
goto end;
}
diag("Error: %s", mysql_error(mysql)); diag("Error: %s", mysql_error(mysql));
goto end; goto end;
} }
diag("flags: %d\n", mysql->net.tls_verify_status);
FAIL_IF(!mysql_get_ssl_cipher(mysql), "No TLS connection"); CHECK_TLS_FLAGS(mysql, MARIADB_TLS_VERIFY_HOST, "Host verification flag not set");
rc= OK; rc= OK;
end: end:
mysql_close(mysql); mysql_close(mysql);
@@ -475,7 +458,7 @@ static int test_pw_check(MYSQL *my)
diag("Error (password + self signed)"); diag("Error (password + self signed)");
goto end; goto end;
} }
diag("ok"); CHECK_TLS_FLAGS(mysql, MARIADB_TLS_VERIFY_TRUST, "Trust verification flag not set");
mysql_close(mysql); mysql_close(mysql);
mysql= mysql_init(NULL); mysql= mysql_init(NULL);
@@ -642,7 +625,6 @@ static int test_wrong_hostname(MYSQL *my __attribute__((unused)))
{ {
MYSQL *mysql; MYSQL *mysql;
/* Set validity in future */
if (set_tls_dummy_options("CMD:create_new=True")) if (set_tls_dummy_options("CMD:create_new=True"))
{ {
diag("Error when setting TLS options"); diag("Error when setting TLS options");