database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-11-15 09:02:33 +03:00
Code Activity
Files
f8866f8f665ac26beb31842fef48ecee5feb346e
mariadb/mysql-test/t/openssl_6975.test
Georg Richter f8866f8f66 MDEV-10332 support for OpenSSL 1.1 and LibreSSL 
Initial support

tested against OpenSSL 1.0.1, 1.0.2, 1.1.0, Yassl and LibreSSL
not working on Windows with native SChannel support, due to wrong cipher
mapping: Latter one requires push of CONC-241 fixes.
Please note that OpenSSL 0.9.8 and OpenSSL 1.1.0 will not work: Even if
the build succeeds, test cases will fail with various errors, especially
when using different tls libraries or versions for client and server.
2017-05-09 18:53:10 +02:00

45 lines
1.9 KiB
Plaintext
Raw Blame History

#
# MDEV-6975 Implement TLS protocol
#
# test SSLv3 and TLSv1.2 ciphers when OpenSSL is restricted to SSLv3 or TLSv1.2
#
source include/have_ssl_communication.inc;
source include/require_openssl_client.inc;
# this is OpenSSL test.
create user ssl_sslv3@localhost;
# grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA";
grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA";
create user ssl_tls12@localhost;
grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256";
let $mysql=$MYSQL --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1;
disable_abort_on_error;
echo TLS1.2 ciphers: user is ok with any cipher;
exec $mysql --ssl-cipher=AES128-SHA256;
--replace_result DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-GCM-SHA384
--replace_result ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384
exec $mysql --ssl-cipher=TLSv1.2
echo TLS1.2 ciphers: user requires SSLv3 cipher AES128-SHA;
exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA256;
exec $mysql --user ssl_sslv3 --ssl-cipher=TLSv1.2;
echo TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256;
exec $mysql --user ssl_tls12 --ssl-cipher=AES128-SHA256;
exec $mysql --user ssl_tls12 --ssl-cipher=TLSv1.2;
echo SSLv3 ciphers: user is ok with any cipher;
exec $mysql --ssl-cipher=AES256-SHA;
exec $mysql --ssl-cipher=DHE-RSA-AES256-SHA
echo SSLv3 ciphers: user requires SSLv3 cipher AES128-SHA;
exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA;
exec $mysql --user ssl_sslv3 --ssl-cipher=SSLv3;
echo SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256;
exec $mysql --user ssl_tls12 --ssl-cipher=AES128-SHA;
exec $mysql --user ssl_tls12 --ssl-cipher=SSLv3;
drop user ssl_sslv3@localhost;
drop user ssl_tls12@localhost;
View Git Blame Copy Permalink