diff --git a/mysql-test/include/have_openssl.inc b/mysql-test/include/have_openssl.inc deleted file mode 100644 index 54c5b04b3e4..00000000000 --- a/mysql-test/include/have_openssl.inc +++ /dev/null @@ -1,4 +0,0 @@ --- require r/have_openssl.require -disable_query_log; -show variables like "have_openssl"; -enable_query_log; diff --git a/mysql-test/include/have_ssl.inc b/mysql-test/include/have_ssl.inc new file mode 100644 index 00000000000..fab57d630e5 --- /dev/null +++ b/mysql-test/include/have_ssl.inc @@ -0,0 +1,4 @@ +-- require r/have_ssl.require +disable_query_log; +show variables like "have_ssl"; +enable_query_log; diff --git a/mysql-test/r/have_openssl.require b/mysql-test/r/have_ssl.require similarity index 54% rename from mysql-test/r/have_openssl.require rename to mysql-test/r/have_ssl.require index dae48a472b5..9bdffdf0c13 100644 --- a/mysql-test/r/have_openssl.require +++ b/mysql-test/r/have_ssl.require @@ -1,2 +1,2 @@ Variable_name Value -have_openssl YES +have_ssl YES diff --git a/mysql-test/r/rpl_ssl.result b/mysql-test/r/rpl_ssl.result new file mode 100644 index 00000000000..17a16d5020d --- /dev/null +++ b/mysql-test/r/rpl_ssl.result @@ -0,0 +1,93 @@ +stop slave; +drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9; +reset master; +reset slave; +drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9; +start slave; +grant replication slave on *.* to replssl@localhost require ssl; +create table t1 (t int auto_increment, KEY(t)); +stop slave; +change master to +master_user='replssl', +master_password='', +master_ssl=1, +master_ssl_ca ='MYSQL_TEST_DIR/std_data/cacert.pem', +master_ssl_cert='MYSQL_TEST_DIR/std_data/client-cert.pem', +master_ssl_key='MYSQL_TEST_DIR/std_data/client-key.pem'; +start slave; +insert into t1 values(1); +select * from t1; +t +1 +show slave status; +Slave_IO_State # +Master_Host 127.0.0.1 +Master_User replssl +Master_Port MASTER_MYPORT +Connect_Retry 1 +Master_Log_File master-bin.000001 +Read_Master_Log_Pos 420 +Relay_Log_File # +Relay_Log_Pos # +Relay_Master_Log_File master-bin.000001 +Slave_IO_Running Yes +Slave_SQL_Running Yes +Replicate_Do_DB +Replicate_Ignore_DB +Replicate_Do_Table +Replicate_Ignore_Table +Replicate_Wild_Do_Table +Replicate_Wild_Ignore_Table +Last_Errno 0 +Last_Error +Skip_Counter 0 +Exec_Master_Log_Pos 420 +Relay_Log_Space # +Until_Condition None +Until_Log_File +Until_Log_Pos 0 +Master_SSL_Allowed Yes +Master_SSL_CA_File MYSQL_TEST_DIR/std_data/cacert.pem +Master_SSL_CA_Path +Master_SSL_Cert MYSQL_TEST_DIR/std_data/client-cert.pem +Master_SSL_Cipher +Master_SSL_Key MYSQL_TEST_DIR/std_data/client-key.pem +Seconds_Behind_Master # +STOP SLAVE; +select * from t1; +t +1 +show slave status; +Slave_IO_State # +Master_Host 127.0.0.1 +Master_User replssl +Master_Port MASTER_MYPORT +Connect_Retry 1 +Master_Log_File master-bin.000001 +Read_Master_Log_Pos 12320 +Relay_Log_File # +Relay_Log_Pos # +Relay_Master_Log_File master-bin.000001 +Slave_IO_Running Yes +Slave_SQL_Running Yes +Replicate_Do_DB +Replicate_Ignore_DB +Replicate_Do_Table +Replicate_Ignore_Table +Replicate_Wild_Do_Table +Replicate_Wild_Ignore_Table +Last_Errno 0 +Last_Error +Skip_Counter 0 +Exec_Master_Log_Pos 12320 +Relay_Log_Space # +Until_Condition None +Until_Log_File +Until_Log_Pos 0 +Master_SSL_Allowed Yes +Master_SSL_CA_File MYSQL_TEST_DIR/std_data/cacert.pem +Master_SSL_CA_Path +Master_SSL_Cert MYSQL_TEST_DIR/std_data/client-cert.pem +Master_SSL_Cipher +Master_SSL_Key MYSQL_TEST_DIR/std_data/client-key.pem +Seconds_Behind_Master # diff --git a/mysql-test/t/func_des_encrypt.test b/mysql-test/t/func_des_encrypt.test index 5d102bd02eb..b757a632adf 100644 --- a/mysql-test/t/func_des_encrypt.test +++ b/mysql-test/t/func_des_encrypt.test @@ -1,4 +1,4 @@ --- source include/have_openssl.inc +-- source include/have_ssl.inc # This test can't be in func_encrypt.test, because it requires # --des-key-file to not be set. diff --git a/mysql-test/t/func_encrypt.test b/mysql-test/t/func_encrypt.test index a7364fa43da..bcf1e5a77f4 100644 --- a/mysql-test/t/func_encrypt.test +++ b/mysql-test/t/func_encrypt.test @@ -1,4 +1,4 @@ --- source include/have_openssl.inc +-- source include/have_ssl.inc --disable_warnings drop table if exists t1; diff --git a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test index 3d614514de3..8772b8157e3 100644 --- a/mysql-test/t/openssl_1.test +++ b/mysql-test/t/openssl_1.test @@ -1,6 +1,7 @@ -# We test openssl. Result set is optimized to be compiled with --with-openssl. -# Use mysql-test-run with --with-openssl option. --- source include/have_openssl.inc +# Tests for SSL connections, only run if mysqld is compiled +# with support for SSL. + +-- source include/have_ssl.inc --disable_warnings drop table if exists t1; diff --git a/mysql-test/t/rpl_openssl.test b/mysql-test/t/rpl_openssl.test index 00ae5c935bf..edef603f617 100644 --- a/mysql-test/t/rpl_openssl.test +++ b/mysql-test/t/rpl_openssl.test @@ -1,4 +1,4 @@ -source include/have_openssl.inc; +source include/have_ssl.inc; source include/master-slave.inc; # We don't test all types of ssl auth params here since it's a bit hard diff --git a/mysql-test/t/rpl_ssl.test b/mysql-test/t/rpl_ssl.test new file mode 100644 index 00000000000..249ed16f931 --- /dev/null +++ b/mysql-test/t/rpl_ssl.test @@ -0,0 +1,60 @@ +source include/have_ssl.inc; +source include/master-slave.inc; + +# create a user for replication that requires ssl encryption +connection master; +grant replication slave on *.* to replssl@localhost require ssl; +create table t1 (t int auto_increment, KEY(t)); + +sync_slave_with_master; + +# Set slave to use SSL for connection to master +stop slave; +--replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR +eval change master to + master_user='replssl', + master_password='', + master_ssl=1, + master_ssl_ca ='$MYSQL_TEST_DIR/std_data/cacert.pem', + master_ssl_cert='$MYSQL_TEST_DIR/std_data/client-cert.pem', + master_ssl_key='$MYSQL_TEST_DIR/std_data/client-key.pem'; +start slave; + +# Switch to master and insert one record, then sync it to slave +connection master; +insert into t1 values(1); +sync_slave_with_master; + +# The record should now be on slave +select * from t1; + +# The slave is synced and waiting/reading from master +# SHOW SLAVE STATUS will show "Waiting for master to send event" +--replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR $MASTER_MYPORT MASTER_MYPORT +--replace_column 1 # 8 # 9 # 23 # 33 # +query_vertical show slave status; + +# Stop the slave, as reported in bug#21871 it would hang +STOP SLAVE; + +select * from t1; + +# Do the same thing a number of times +disable_query_log; +let $i= 100; +while ($i) +{ + start slave; + connection master; + insert into t1 values (NULL); + connection slave; + stop slave; + dec $i; +} +start slave; +enable_query_log; +connection master; +sync_slave_with_master; +--replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR $MASTER_MYPORT MASTER_MYPORT +--replace_column 1 # 8 # 9 # 23 # 33 # +query_vertical show slave status; diff --git a/mysql-test/t/ssl.test b/mysql-test/t/ssl.test index de88569d74a..a15f0212fbd 100644 --- a/mysql-test/t/ssl.test +++ b/mysql-test/t/ssl.test @@ -1,7 +1,7 @@ # Turn on ssl between the client and server # and run a number of tests --- source include/have_openssl.inc +-- source include/have_ssl.inc connect (ssl_con,localhost,root,,,,,SSL); diff --git a/mysql-test/t/ssl_compress.test b/mysql-test/t/ssl_compress.test index f5fe86e9a81..23051c0e367 100644 --- a/mysql-test/t/ssl_compress.test +++ b/mysql-test/t/ssl_compress.test @@ -1,7 +1,7 @@ # Turn on compression between the client and server # and run a number of tests --- source include/have_openssl.inc +-- source include/have_ssl.inc -- source include/have_compress.inc connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS); diff --git a/mysql-test/t/ssl_connect.test b/mysql-test/t/ssl_connect.test index 99c875186c1..31e581c9342 100644 --- a/mysql-test/t/ssl_connect.test +++ b/mysql-test/t/ssl_connect.test @@ -1,5 +1,5 @@ --- source include/have_openssl.inc +-- source include/have_ssl.inc # Repeat connect/disconnect diff --git a/mysql-test/t/ssl_des.test b/mysql-test/t/ssl_des.test index 7cf2c920ab5..7e4efe40add 100644 --- a/mysql-test/t/ssl_des.test +++ b/mysql-test/t/ssl_des.test @@ -2,7 +2,7 @@ # then turn on ssl between the client and server # and run a number of standard tests --- source include/have_openssl.inc +-- source include/have_ssl.inc # Connect by ip to avoid turning on "ssl-verify-server-cert" connect (ssl_con,127.0.0.1,root,,,,$MASTER_MYPORT,SSL); diff --git a/sql/mysql_priv.h b/sql/mysql_priv.h index e8944aeb4ca..7be22435478 100644 --- a/sql/mysql_priv.h +++ b/sql/mysql_priv.h @@ -1702,7 +1702,7 @@ extern handlerton *partition_hton; extern handlerton *myisam_hton; extern handlerton *heap_hton; -extern SHOW_COMP_OPTION have_openssl, have_symlink, have_dlopen; +extern SHOW_COMP_OPTION have_ssl, have_symlink, have_dlopen; extern SHOW_COMP_OPTION have_query_cache; extern SHOW_COMP_OPTION have_geometry, have_rtree_keys; extern SHOW_COMP_OPTION have_crypt; diff --git a/sql/mysqld.cc b/sql/mysqld.cc index 2effbaac8e8..656fd240adf 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -568,7 +568,7 @@ CHARSET_INFO *system_charset_info, *files_charset_info ; CHARSET_INFO *national_charset_info, *table_alias_charset; CHARSET_INFO *character_set_filesystem; -SHOW_COMP_OPTION have_openssl, have_symlink, have_dlopen, have_query_cache; +SHOW_COMP_OPTION have_ssl, have_symlink, have_dlopen, have_query_cache; SHOW_COMP_OPTION have_geometry, have_rtree_keys; SHOW_COMP_OPTION have_crypt, have_compress; @@ -3160,12 +3160,12 @@ static void init_ssl() if (!ssl_acceptor_fd) { opt_use_ssl = 0; - have_openssl= SHOW_OPTION_DISABLED; + have_ssl= SHOW_OPTION_DISABLED; } } else { - have_openssl= SHOW_OPTION_DISABLED; + have_ssl= SHOW_OPTION_DISABLED; } if (des_key_file) load_des_key_file(des_key_file); @@ -7244,9 +7244,9 @@ static void mysql_init_variables(void) have_ndbcluster=SHOW_OPTION_NO; #endif #ifdef HAVE_OPENSSL - have_openssl=SHOW_OPTION_YES; + have_ssl=SHOW_OPTION_YES; #else - have_openssl=SHOW_OPTION_NO; + have_ssl=SHOW_OPTION_NO; #endif #ifdef HAVE_BROKEN_REALPATH have_symlink=SHOW_OPTION_NO; diff --git a/sql/set_var.cc b/sql/set_var.cc index 732f37a64f0..10b1225349c 100644 --- a/sql/set_var.cc +++ b/sql/set_var.cc @@ -674,7 +674,8 @@ sys_var_have_variable sys_have_dlopen("have_dynamic_loading", &have_dlopen); sys_var_have_variable sys_have_geometry("have_geometry", &have_geometry); sys_var_have_variable sys_have_innodb("have_innodb", &have_innodb); sys_var_have_variable sys_have_ndbcluster("have_ndbcluster", &have_ndbcluster); -sys_var_have_variable sys_have_openssl("have_openssl", &have_openssl); +sys_var_have_variable sys_have_openssl("have_openssl", &have_ssl); +sys_var_have_variable sys_have_ssl("have_ssl", &have_ssl); sys_var_have_variable sys_have_partition_db("have_partitioning", &have_partition_db); sys_var_have_variable sys_have_query_cache("have_query_cache", @@ -799,7 +800,8 @@ SHOW_VAR init_vars[]= { {sys_have_geometry.name, (char*) &have_geometry, SHOW_HAVE}, {sys_have_innodb.name, (char*) &have_innodb, SHOW_HAVE}, {sys_have_ndbcluster.name, (char*) &have_ndbcluster, SHOW_HAVE}, - {sys_have_openssl.name, (char*) &have_openssl, SHOW_HAVE}, + {sys_have_openssl.name, (char*) &have_ssl, SHOW_HAVE}, + {sys_have_ssl.name, (char*) &have_ssl, SHOW_HAVE}, {sys_have_partition_db.name,(char*) &have_partition_db, SHOW_HAVE}, {sys_have_query_cache.name, (char*) &have_query_cache, SHOW_HAVE}, {sys_have_rtree_keys.name, (char*) &have_rtree_keys, SHOW_HAVE},