Commit 2544aa7b authored by unknown's avatar unknown

Bug#25988 openssl_1 Test Case Fails

 - Small difference in output from 'X509_NAME_Oneline' between OpenSSL and yaSSL. OpenSSL uses
   an extension that allow's the email adress of the cert holder.   
 - Imported patch for yaSSL "add email to DN output"


extra/yassl/taocrypt/src/asn.cpp:
  Import patch yassl.diff
mysql-test/r/openssl_1.result:
  Update result file
mysql-test/t/openssl_1.test:
  Update test to include "emailAddress=" tag in the required SUBJECT for grant.
parent cbace0b7
...@@ -732,9 +732,21 @@ void CertDecoder::GetName(NameType nt) ...@@ -732,9 +732,21 @@ void CertDecoder::GetName(NameType nt)
source_.advance(strLen); source_.advance(strLen);
} }
else { else {
// skip bool email = false;
if (joint[0] == 0x2a && joint[1] == 0x86) // email id hdr
email = true;
source_.advance(oidSz + 1); source_.advance(oidSz + 1);
word32 length = GetLength(source_); word32 length = GetLength(source_);
if (email) {
memcpy(&ptr[idx], "/emailAddress=", 14);
idx += 14;
memcpy(&ptr[idx], source_.get_current(), length);
idx += length;
}
source_.advance(length); source_.advance(length);
} }
} }
......
...@@ -3,8 +3,8 @@ create table t1(f1 int); ...@@ -3,8 +3,8 @@ create table t1(f1 int);
insert into t1 values (5); insert into t1 values (5);
grant select on test.* to ssl_user1@localhost require SSL; grant select on test.* to ssl_user1@localhost require SSL;
grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA"; grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com";
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx"; grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
flush privileges; flush privileges;
connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET); connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET);
......
...@@ -10,8 +10,8 @@ insert into t1 values (5); ...@@ -10,8 +10,8 @@ insert into t1 values (5);
grant select on test.* to ssl_user1@localhost require SSL; grant select on test.* to ssl_user1@localhost require SSL;
grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA"; grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com";
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx"; grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
flush privileges; flush privileges;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment