diff --git a/client/mysql.cc b/client/mysql.cc index e9eada2d8cc..99bc5b14ef0 100644 --- a/client/mysql.cc +++ b/client/mysql.cc @@ -5049,8 +5049,8 @@ com_status(String *buffer __attribute__((unused)), #if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY) if ((status_str= mysql_get_ssl_cipher(&mysql))) - tee_fprintf(stdout, "SSL:\t\t\tCipher in use is %s\n", - status_str); + tee_fprintf(stdout, "SSL:\t\t\tCipher in use is %s, cert is %s\n", + status_str, opt_ssl_verify_server_cert ? "OK" : "UNKNOWN"); else #endif /* HAVE_OPENSSL && !EMBEDDED_LIBRARY */ tee_puts("SSL:\t\t\tNot in use", stdout); diff --git a/mysql-test/main/mysql.result b/mysql-test/main/mysql.result index ecc052d9ee2..e5c9f4ee4ed 100644 --- a/mysql-test/main/mysql.result +++ b/mysql-test/main/mysql.result @@ -640,3 +640,18 @@ WARNING: option --enable-cleartext-plugin is obsolete. # # MDEV-30327 Client crashes in print_last_query_cost # +# +# show whether server cert was verified +# +create user ser@localhost identified by "ass"; +MYSQL --disable-ssl-verify-server-cert -e "\s" + +SSL: Cipher in use is XXX, cert is UNKNOWN + + +MYSQL --ssl-verify-server-cert -e "\s" + +SSL: Cipher in use is XXX, cert is OK + + +drop user ser@localhost; diff --git a/mysql-test/main/mysql.test b/mysql-test/main/mysql.test index 5aa130f8a4c..feae9ef9824 100644 --- a/mysql-test/main/mysql.test +++ b/mysql-test/main/mysql.test @@ -725,3 +725,15 @@ drop table t1; --exec $MYSQL --show-query-costs --port=$MASTER_MYPORT -e "show tables in mysql like 'foo'" --enable_result_log --enable_query_log + +--echo # +--echo # show whether server cert was verified +--echo # +create user ser@localhost identified by "ass"; +--echo MYSQL --disable-ssl-verify-server-cert -e "\\s" +--replace_regex /^.[^S].*// /\b[-A-Z_0-9]+,/XXX,/ +--exec $MYSQL -user -pass --disable-ssl-verify-server-cert -e "\\s" +--echo MYSQL --ssl-verify-server-cert -e "\\s" +--replace_regex /^.[^S].*// /\b[-A-Z_0-9]+,/XXX,/ +--exec $MYSQL -user -pass --ssl-verify-server-cert -e "\\s" +drop user ser@localhost;