diff options
| author | unknown <msvensson@neptunus.(none)> | 2006-05-03 14:06:34 +0200 |
|---|---|---|
| committer | unknown <msvensson@neptunus.(none)> | 2006-05-03 14:06:34 +0200 |
| commit | a3ea780839392f883b23625d2dcd4be6d1fa35f3 (patch) | |
| tree | 39c6281a347663daa6b08d9ea327ca60f6e7ea19 | |
| parent | 0d717ccb7d8eab61e653ac1aec776bf8b34c4510 (diff) | |
| download | mariadb-git-a3ea780839392f883b23625d2dcd4be6d1fa35f3.tar.gz | |
Add tests for connecting to server with invalid and blank certs.
| -rw-r--r-- | mysql-test/r/openssl_1.result | 11 | ||||
| -rw-r--r-- | mysql-test/t/openssl_1.test | 42 |
2 files changed, 49 insertions, 4 deletions
diff --git a/mysql-test/r/openssl_1.result b/mysql-test/r/openssl_1.result index 91382619b6c..1fcfb11525e 100644 --- a/mysql-test/r/openssl_1.result +++ b/mysql-test/r/openssl_1.result @@ -3,8 +3,8 @@ create table t1(f1 int); insert into t1 values (5); grant select on test.* to ssl_user1@localhost require SSL; grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA"; -grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/L=Uppsala/O=MySQL AB/CN=MySQL Client/Email=abstract.mysql.developer@mysql.com"; -grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/L=Uppsala/O=MySQL AB/CN=MySQL Client/Email=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/L=Uppsala/O=MySQL AB/CN=Abstract MySQL Developer/Email=abstract.mysql.developer@mysql.com"; +grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/L=Uppsala/O=MySQL AB/CN=MySQL Client/emailAddress=abstract.mysql.developer@mysql.com"; +grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/L=Uppsala/O=MySQL AB/CN=MySQL Client/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/L=Uppsala/O=MySQL AB/CN=Abstract MySQL Developer/emailAddress=abstract.mysql.developer@mysql.com"; flush privileges; SHOW STATUS LIKE 'Ssl_cipher'; Variable_name Value @@ -41,3 +41,10 @@ ERROR 42000: DELETE command denied to user 'ssl_user4'@'localhost' for table 't1 drop user ssl_user1@localhost, ssl_user2@localhost, ssl_user3@localhost, ssl_user4@localhost; drop table t1; +mysqltest: Could not open connection 'default': 2026 SSL connection error +mysqltest: Could not open connection 'default': 2026 SSL connection error +mysqltest: Could not open connection 'default': 2026 SSL connection error +Error when connection to server using SSL:Unable to get private key from '' +mysqltest: Could not open connection 'default': 2026 SSL connection error +Error when connection to server using SSL:Unable to get certificate from '' +mysqltest: Could not open connection 'default': 2026 SSL connection error diff --git a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test index 4cc9113048f..afee381f5b7 100644 --- a/mysql-test/t/openssl_1.test +++ b/mysql-test/t/openssl_1.test @@ -10,8 +10,8 @@ insert into t1 values (5); grant select on test.* to ssl_user1@localhost require SSL; grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA"; -grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/L=Uppsala/O=MySQL AB/CN=MySQL Client/Email=abstract.mysql.developer@mysql.com"; -grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/L=Uppsala/O=MySQL AB/CN=MySQL Client/Email=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/L=Uppsala/O=MySQL AB/CN=Abstract MySQL Developer/Email=abstract.mysql.developer@mysql.com"; +grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/L=Uppsala/O=MySQL AB/CN=MySQL Client/emailAddress=abstract.mysql.developer@mysql.com"; +grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/L=Uppsala/O=MySQL AB/CN=MySQL Client/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/L=Uppsala/O=MySQL AB/CN=Abstract MySQL Developer/emailAddress=abstract.mysql.developer@mysql.com"; flush privileges; connect (con1,localhost,ssl_user1,,,,,SSL); @@ -54,3 +54,41 @@ ssl_user3@localhost, ssl_user4@localhost; drop table t1; # End of 4.1 tests + +# +# Test that we can't open connection to server if we are using +# a different cacert +# +--exec echo "this query should not execute;" > $MYSQLTEST_VARDIR/tmp/test.sql +--error 1 +--exec $MYSQL_TEST --ssl-ca=$MYSQL_TEST_DIR/std_data/untrusted-cacert.pem --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 + +# +# Test that we can't open connection to server if we are using +# a blank ca +# +--error 1 +--exec $MYSQL_TEST --ssl-ca= --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 + +# +# Test that we can't open connection to server if we are using +# a nonexistent ca file +# +--error 1 +--exec $MYSQL_TEST --ssl-ca=nonexisting_file.pem --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 + +# +# Test that we can't open connection to server if we are using +# a blank client-key +# +--error 1 +--exec $MYSQL_TEST --ssl-key= --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 + +# +# Test that we can't open connection to server if we are using +# a blank client-cert +# +--error 1 +--exec $MYSQL_TEST --ssl-cert= --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 + + |