database/mariadb-connector-c
1
0
Fork 0
mirror of https://github.com/mariadb-corporation/mariadb-connector-c.git synced 2025-08-07 02:42:49 +03:00
Code Activity

Merge branch '3.3' into 3.4

Browse Source
This commit is contained in:
Georg Richter
2024-12-08 12:01:20 +01:00
parent 1093c22e35 6d28fe89af
commit fb0eea663a
5 changed files with 175 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
libmariadb/secure/gnutls.c
View File

@@ -722,6 +722,26 @@ const struct st_cipher_map tls_ciphers[]=
"TLS_DH_anon_WITH_AES_256_GCM_SHA384",
NULL,
"TLS_DH_ANON_AES_256_GCM_SHA384"},
{ {0x13, 0x01},
"TLS_AES_128_GCM_SHA256",
"TLS_AES_128_GCM_SHA256",
"TLS_AES_128_GCM_SHA256"},
{ {0x13, 0x02},
"TLS_AES_256_GCM_SHA384",
"TLS_AES_256_GCM_SHA384",
"TLS_AES_256_GCM_SHA384"},
{ {0x13, 0x03},
"TLS_CHACHA20_POLY1305_SHA256",
"TLS_CHACHA20_POLY1305_SHA256",
"TLS_CHACHA20_POLY1305_SHA256"},
{ {0x13, 0x04},
"TLS_AES_128_CCM_SHA256",
"TLS_AES_128_CCM_SHA256",
"TLS_AES_128_CCM_SHA256"},
{ {0x13, 0x05},
"TLS_AES_128_CCM_8_SHA256",
"TLS_AES_128_CCM_8_SHA256",
"TLS_AES_128_CCM_8_SHA256"},
{ {0xC0, 0x84},
"TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256",
NULL,
@@ -792,6 +812,7 @@ const struct st_cipher_map tls_ciphers[]=
NULL}
};
#if GNUTLS_VERSION_NUMBER < 0x030704
/* map the gnutls cipher suite (defined by key exchange algorithm, cipher
and mac algorithm) to the corresponding OpenSSL cipher name */
static const char *openssl_cipher_name(gnutls_kx_algorithm_t kx,
@@ -828,6 +849,7 @@ static const char *openssl_cipher_name(gnutls_kx_algorithm_t kx,
}
return NULL;
}
#endif
/* get priority string for a given openssl cipher name */
static char *get_priority(const char *cipher_name, char *priority, size_t len)
@@ -856,10 +878,20 @@ static char *get_priority(const char *cipher_name, char *priority, size_t len)
{
if (!strcmp(name, tls_ciphers[i].gnutls_name))
{
snprintf(priority, len - 1, ":+%s:+%s:+%s",
gnutls_cipher_get_name(cipher),
gnutls_mac_get_name(mac),
gnutls_kx_get_name(kx));
const char *p;
if ((p= gnutls_cipher_get_name(cipher)))
snprintf(priority, len - 1, ":+%s",p);
if ((p= gnutls_mac_get_name(mac)))
{
strncat(priority, ":+", len - 1);
strncat(priority, p, len - 1);
}
if ((p= gnutls_kx_get_name(kx)))
{
strncat(priority, ":+", len - 1);
strncat(priority, p, len - 1);
}
return priority;
}
}
@@ -1491,6 +1523,7 @@ end:
const char *ma_tls_get_cipher(MARIADB_TLS *ctls)
{
#if GNUTLS_VERSION_NUMBER < 0x030704
gnutls_kx_algorithm_t kx;
gnutls_cipher_algorithm_t cipher;
gnutls_mac_algorithm_t mac;
@@ -1502,6 +1535,24 @@ const char *ma_tls_get_cipher(MARIADB_TLS *ctls)
cipher= gnutls_cipher_get((gnutls_session_t)ctls->ssl);
kx= gnutls_kx_get((gnutls_session_t)ctls->ssl);
return openssl_cipher_name(kx, cipher, mac);
#else
const char *cs= gnutls_ciphersuite_get((gnutls_session_t)ctls->ssl);
int i=0;
while (tls_ciphers[i].iana_name)
{
if (!strcmp(tls_ciphers[i].gnutls_name, cs))
{
if (tls_ciphers[i].openssl_name)
return tls_ciphers[i].openssl_name;
if (tls_ciphers[i].gnutls_name)
return tls_ciphers[i].gnutls_name;
return tls_ciphers[i].iana_name;
}
i++;
}
return NULL;
#endif
}
unsigned int ma_tls_get_finger_print(MARIADB_TLS *ctls, uint hash_type, char *fp, unsigned int len)

3
plugins/auth/my_auth.c
View File

@@ -508,8 +508,7 @@ static int send_client_reply_packet(MCPVIO_EXT *mpvio,
*/
if (mysql->client_flag & CLIENT_ZSTD_COMPRESSION)
{
int4store(end, (unsigned int)3);
end+= 4;
*end++= 3;
}
/* Write authentication package */

35
unittest/libmariadb/connection.c
View File

@@ -2410,9 +2410,44 @@ int test_tls_timeout(MYSQL *unused __attribute__((unused)))
}
#if defined(HAVE_GNUTLS) || defined(HAVE_OPENSSL)
static int test_conc748(MYSQL *my __attribute__((unused)))
{
MYSQL *mysql;
int i;
const char *ciphers[3]= {"TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256"};
for (i=0; i < 3; i++)
{
const char *tls_version;
mysql= mysql_init(NULL);
mysql_ssl_set(mysql, NULL, NULL, NULL, NULL, NULL);
mysql_optionsv(mysql, MYSQL_OPT_SSL_CIPHER, ciphers[i]);
if (!my_test_connect(mysql, hostname, NULL,
NULL, schema, port, socketname, 0, 0))
{
diag("error: %s", mysql_error(mysql));
return FAIL;
}
FAIL_IF(strcmp(ciphers[i], mysql_get_ssl_cipher(mysql)), "Cipher mismatch");
mariadb_get_infov(mysql, MARIADB_CONNECTION_TLS_VERSION, &tls_version);
FAIL_IF(strcmp(tls_version, "TLSv1.3"), "TLS version mismatch");
mysql_close(mysql);
}
return OK;
}
#endif
struct my_tests_st my_tests[] = {
{"test_tls_timeout", test_tls_timeout, TEST_CONNECTION_NONE, 0, NULL, NULL},
{"test_parsec", test_parsec, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
#if defined(HAVE_GNUTLS) || defined(HAVE_OPENSSL)
{"test_conc748", test_conc748, TEST_CONNECTION_NONE, 0, NULL, NULL},
#endif
{"test_conc505", test_conc505, TEST_CONNECTION_NONE, 0, NULL, NULL},
{"test_conc632", test_conc632, TEST_CONNECTION_NONE, 0, NULL, NULL},
{"test_status_callback", test_status_callback, TEST_CONNECTION_NONE, 0, NULL, NULL},

36
unittest/libmariadb/misc.c
View File

@@ -1534,6 +1534,41 @@ static int test_conc458(MYSQL *my __attribute__((unused)))
return OK;
}
static int test_conc163(MYSQL *mysql)
{
int rc;
MYSQL_STMT *stmt;
rc= mysql_query(mysql, "SET @a:=1");
check_mysql_rc(rc, mysql);
FAIL_IF(mysql_info(mysql) != NULL, "mysql_info: expected NULL");
rc= mysql_query(mysql, "CREATE OR REPLACE TABLE t1 AS SELECT 1");
check_mysql_rc(rc, mysql);
FAIL_IF(mysql_info(mysql) == NULL, "mysql_info: expected != NULL");
rc= mysql_query(mysql, "DROP TABLE t1");
check_mysql_rc(rc, mysql);
stmt= mysql_stmt_init(mysql);
rc= mariadb_stmt_execute_direct(stmt, SL("SET @a:=1"));
check_stmt_rc(rc, stmt);
FAIL_IF(mysql_info(mysql) != NULL, "mysql_info: expected NULL");
rc= mariadb_stmt_execute_direct(stmt, SL("CREATE OR REPLACE TABLE t1 AS SELECT 1"));
check_stmt_rc(rc, stmt);
FAIL_IF(mysql_info(mysql) == NULL, "mysql_info: expected != NULL");
mysql_stmt_close(stmt);
rc= mysql_query(mysql, "DROP TABLE t1");
check_mysql_rc(rc, mysql);
return OK;
}
static int test_conc533(MYSQL *mysql)
{
@@ -1674,6 +1709,7 @@ struct my_tests_st my_tests[] = {
{"test_disable_tls1_0", test_disable_tls1_0, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_ext_field_attr", test_ext_field_attr, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc533", test_conc533, TEST_CONNECTION_NEW, 0, NULL, NULL},
{"test_conc163", test_conc163, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc458", test_conc458, TEST_CONNECTION_NONE, 0, NULL, NULL},
#if !__has_feature(memory_sanitizer)
{"test_conc457", test_conc457, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},

48
unittest/libmariadb/ps_bugs.c
View File

@@ -5922,10 +5922,58 @@ static int test_conc739(MYSQL *mysql)
return OK;
}
static int test_conc176(MYSQL *mysql)
{
MYSQL_STMT *stmt;
MYSQL_BIND bind;
char buffer[9];
int rc;
rc= mysql_query(mysql, "DROP TABLE IF EXISTS t1");
check_mysql_rc(rc, mysql);
rc= mysql_query(mysql, "CREATE TABLE t1 (a int(8) zerofill)");
check_mysql_rc(rc, mysql);
rc= mysql_query(mysql, "INSERT INTO t1 VALUES (1)");
check_mysql_rc(rc, mysql);
stmt= mysql_stmt_init(mysql);
rc= mysql_stmt_prepare(stmt, "SELECT a FROM t1", -1);
check_stmt_rc(rc, stmt);
rc= mysql_stmt_execute(stmt);
memset(&bind, 0, sizeof(MYSQL_BIND));
bind.buffer= buffer;
bind.buffer_type= MYSQL_TYPE_STRING;
bind.buffer_length= 9;
rc= mysql_stmt_bind_result(stmt, &bind);
check_stmt_rc(rc, stmt);
rc= mysql_stmt_fetch(stmt);
diag("Buffer: %s", buffer);
FAIL_IF(strlen(buffer) == 1, "Expected zerofilled string");
rc= mysql_stmt_close(stmt);
rc= mysql_query(mysql, "DROP TABLE t1");
check_mysql_rc(rc, mysql);
return OK;
}
struct my_tests_st my_tests[] = {
{"test_conc683", test_conc683, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc667", test_conc667, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc702", test_conc702, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc176", test_conc176, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc739", test_conc739, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc633", test_conc633, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc623", test_conc623, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},