Commit b3e9211e authored by Ramil Kalimullin's avatar Ramil Kalimullin

WL#9072: Backport WL#8785 to 5.5

parent d9c541cb
/* /*
Copyright (c) 2001, 2012, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -88,6 +88,7 @@ enum options_client ...@@ -88,6 +88,7 @@ enum options_client
OPT_DEFAULT_AUTH, OPT_DEFAULT_AUTH,
OPT_DEFAULT_PLUGIN, OPT_DEFAULT_PLUGIN,
OPT_ENABLE_CLEARTEXT_PLUGIN, OPT_ENABLE_CLEARTEXT_PLUGIN,
OPT_SSL_MODE,
OPT_MAX_CLIENT_OPTION OPT_MAX_CLIENT_OPTION
}; };
...@@ -111,3 +112,36 @@ enum options_client ...@@ -111,3 +112,36 @@ enum options_client
*/ */
#define PERFORMANCE_SCHEMA_DB_NAME "performance_schema" #define PERFORMANCE_SCHEMA_DB_NAME "performance_schema"
/**
Wrapper for mysql_real_connect() that checks if SSL connection is establised.
The function calls mysql_real_connect() first, then if given ssl_required==TRUE
argument (i.e. --ssl-mode=REQUIRED option used) checks current SSL chiper to
ensure that SSL is used for current connection.
Otherwise it returns NULL and sets errno to CR_SSL_CONNECTION_ERROR.
All clients (except mysqlbinlog which disregards SSL options) use this function
instead of mysql_real_connect() to handle --ssl-mode=REQUIRED option.
*/
MYSQL *mysql_connect_ssl_check(MYSQL *mysql_arg, const char *host,
const char *user, const char *passwd,
const char *db, uint port,
const char *unix_socket, ulong client_flag,
my_bool ssl_required __attribute__((unused)))
{
MYSQL *mysql= mysql_real_connect(mysql_arg, host, user, passwd, db, port,
unix_socket, client_flag);
#if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
if (mysql && /* connection established. */
ssl_required && /* --ssl-mode=REQUIRED. */
!mysql_get_ssl_cipher(mysql)) /* non-SSL connection. */
{
NET *net= &mysql->net;
net->last_errno= CR_SSL_CONNECTION_ERROR;
strmov(net->last_error, "--ssl-mode=REQUIRED option forbids non SSL connections");
strmov(net->sqlstate, "HY000");
return NULL;
}
#endif
return mysql;
}
/* /*
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -1316,8 +1316,9 @@ sig_handler handle_sigint(int sig) ...@@ -1316,8 +1316,9 @@ sig_handler handle_sigint(int sig)
} }
kill_mysql= mysql_init(kill_mysql); kill_mysql= mysql_init(kill_mysql);
if (!mysql_real_connect(kill_mysql,current_host, current_user, opt_password, if (!mysql_connect_ssl_check(kill_mysql, current_host, current_user, opt_password,
"", opt_mysql_port, opt_mysql_unix_port,0)) "", opt_mysql_port, opt_mysql_unix_port, 0,
opt_ssl_required))
{ {
tee_fprintf(stdout, "Ctrl-C -- sorry, cannot connect to server to kill query, giving up ...\n"); tee_fprintf(stdout, "Ctrl-C -- sorry, cannot connect to server to kill query, giving up ...\n");
goto err; goto err;
...@@ -4457,9 +4458,10 @@ sql_real_connect(char *host,char *database,char *user,char *password, ...@@ -4457,9 +4458,10 @@ sql_real_connect(char *host,char *database,char *user,char *password,
mysql_options(&mysql, MYSQL_ENABLE_CLEARTEXT_PLUGIN, mysql_options(&mysql, MYSQL_ENABLE_CLEARTEXT_PLUGIN,
(char*) &opt_enable_cleartext_plugin); (char*) &opt_enable_cleartext_plugin);
if (!mysql_real_connect(&mysql, host, user, password, if (!mysql_connect_ssl_check(&mysql, host, user, password,
database, opt_mysql_port, opt_mysql_unix_port, database, opt_mysql_port, opt_mysql_unix_port,
connect_flag | CLIENT_MULTI_STATEMENTS)) connect_flag | CLIENT_MULTI_STATEMENTS,
opt_ssl_required))
{ {
if (!silent || if (!silent ||
(mysql_errno(&mysql) != CR_CONN_HOST_ERROR && (mysql_errno(&mysql) != CR_CONN_HOST_ERROR &&
......
/* /*
Copyright (c) 2006, 2015, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2006, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -307,6 +307,7 @@ get_one_option(int optid, const struct my_option *opt, ...@@ -307,6 +307,7 @@ get_one_option(int optid, const struct my_option *opt,
case OPT_DEFAULT_AUTH: /* --default-auth */ case OPT_DEFAULT_AUTH: /* --default-auth */
add_one_option(&conn_args, opt, argument); add_one_option(&conn_args, opt, argument);
break; break;
#include <sslopt-case.h>
} }
if (add_option) if (add_option)
...@@ -386,6 +387,10 @@ static int run_tool(char *tool_path, DYNAMIC_STRING *ds_res, ...) ...@@ -386,6 +387,10 @@ static int run_tool(char *tool_path, DYNAMIC_STRING *ds_res, ...)
va_end(args); va_end(args);
/* If given --ssl-mode=REQUIRED propagate it to the tool. */
if (opt_ssl_required)
dynstr_append(&ds_cmdline, "--ssl-mode=REQUIRED");
#ifdef __WIN__ #ifdef __WIN__
dynstr_append(&ds_cmdline, "\""); dynstr_append(&ds_cmdline, "\"");
#endif #endif
......
/* /*
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -518,8 +518,9 @@ static my_bool sql_connect(MYSQL *mysql, uint wait) ...@@ -518,8 +518,9 @@ static my_bool sql_connect(MYSQL *mysql, uint wait)
for (;;) for (;;)
{ {
if (mysql_real_connect(mysql,host,user,opt_password,NullS,tcp_port, if (mysql_connect_ssl_check(mysql, host, user, opt_password, NullS,
unix_port, CLIENT_REMEMBER_OPTIONS)) tcp_port, unix_port,
CLIENT_REMEMBER_OPTIONS, opt_ssl_required))
{ {
mysql->reconnect= 1; mysql->reconnect= 1;
if (info) if (info)
......
/* /*
Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -894,8 +894,10 @@ static int dbConnect(char *host, char *user, char *passwd) ...@@ -894,8 +894,10 @@ static int dbConnect(char *host, char *user, char *passwd)
(char *) &opt_enable_cleartext_plugin); (char *) &opt_enable_cleartext_plugin);
mysql_options(&mysql_connection, MYSQL_SET_CHARSET_NAME, default_charset); mysql_options(&mysql_connection, MYSQL_SET_CHARSET_NAME, default_charset);
if (!(sock = mysql_real_connect(&mysql_connection, host, user, passwd, if (!(sock = mysql_connect_ssl_check(&mysql_connection, host, user, passwd,
NULL, opt_mysql_port, opt_mysql_unix_port, 0))) NULL, opt_mysql_port,
opt_mysql_unix_port, 0,
opt_ssl_required)))
{ {
DBerror(&mysql_connection, "when trying to connect"); DBerror(&mysql_connection, "when trying to connect");
return 1; return 1;
......
/* /*
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -1498,9 +1498,10 @@ static int connect_to_db(char *host, char *user,char *passwd) ...@@ -1498,9 +1498,10 @@ static int connect_to_db(char *host, char *user,char *passwd)
mysql_options(&mysql_connection, MYSQL_ENABLE_CLEARTEXT_PLUGIN, mysql_options(&mysql_connection, MYSQL_ENABLE_CLEARTEXT_PLUGIN,
(char *) &opt_enable_cleartext_plugin); (char *) &opt_enable_cleartext_plugin);
if (!(mysql= mysql_real_connect(&mysql_connection,host,user,passwd, if (!(mysql= mysql_connect_ssl_check(&mysql_connection, host, user,
NULL,opt_mysql_port,opt_mysql_unix_port, passwd, NULL, opt_mysql_port,
0))) opt_mysql_unix_port, 0,
opt_ssl_required)))
{ {
DB_error(&mysql_connection, "when trying to connect"); DB_error(&mysql_connection, "when trying to connect");
DBUG_RETURN(1); DBUG_RETURN(1);
......
/* /*
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -449,9 +449,9 @@ static MYSQL *db_connect(char *host, char *database, ...@@ -449,9 +449,9 @@ static MYSQL *db_connect(char *host, char *database,
(char*)&opt_enable_cleartext_plugin); (char*)&opt_enable_cleartext_plugin);
mysql_options(mysql, MYSQL_SET_CHARSET_NAME, default_charset); mysql_options(mysql, MYSQL_SET_CHARSET_NAME, default_charset);
if (!(mysql_real_connect(mysql,host,user,passwd, if (!(mysql_connect_ssl_check(mysql, host, user, passwd, database,
database,opt_mysql_port,opt_mysql_unix_port, opt_mysql_port, opt_mysql_unix_port,
0))) 0, opt_ssl_required)))
{ {
ignore_errors=0; /* NO RETURN FROM db_error */ ignore_errors=0; /* NO RETURN FROM db_error */
db_error(mysql); db_error(mysql);
......
/* /*
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -139,10 +139,10 @@ int main(int argc, char **argv) ...@@ -139,10 +139,10 @@ int main(int argc, char **argv)
mysql_options(&mysql, MYSQL_ENABLE_CLEARTEXT_PLUGIN, mysql_options(&mysql, MYSQL_ENABLE_CLEARTEXT_PLUGIN,
(char*)&opt_enable_cleartext_plugin); (char*)&opt_enable_cleartext_plugin);
if (!(mysql_real_connect(&mysql,host,user,opt_password, if (!(mysql_connect_ssl_check(&mysql, host, user, opt_password,
(first_argument_uses_wildcards) ? "" : (first_argument_uses_wildcards) ? "" :
argv[0],opt_mysql_port,opt_mysql_unix_port, argv[0], opt_mysql_port, opt_mysql_unix_port,
0))) 0, opt_ssl_required)))
{ {
fprintf(stderr,"%s: %s\n",my_progname,mysql_error(&mysql)); fprintf(stderr,"%s: %s\n",my_progname,mysql_error(&mysql));
exit(1); exit(1);
......
/* /*
Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -355,9 +355,9 @@ int main(int argc, char **argv) ...@@ -355,9 +355,9 @@ int main(int argc, char **argv)
(char*) &opt_enable_cleartext_plugin); (char*) &opt_enable_cleartext_plugin);
if (!opt_only_print) if (!opt_only_print)
{ {
if (!(mysql_real_connect(&mysql, host, user, opt_password, if (!(mysql_connect_ssl_check(&mysql, host, user, opt_password,
NULL, opt_mysql_port, NULL, opt_mysql_port, opt_mysql_unix_port,
opt_mysql_unix_port, connect_flags))) connect_flags, opt_ssl_required)))
{ {
fprintf(stderr,"%s: Error when connecting to server: %s\n", fprintf(stderr,"%s: Error when connecting to server: %s\n",
my_progname,mysql_error(&mysql)); my_progname,mysql_error(&mysql));
......
/* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. /* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -5281,8 +5281,9 @@ void safe_connect(MYSQL* mysql, const char *name, const char *host, ...@@ -5281,8 +5281,9 @@ void safe_connect(MYSQL* mysql, const char *name, const char *host,
verbose_msg("Connecting to server %s:%d (socket %s) as '%s'" verbose_msg("Connecting to server %s:%d (socket %s) as '%s'"
", connection '%s', attempt %d ...", ", connection '%s', attempt %d ...",
host, port, sock, user, name, failed_attempts); host, port, sock, user, name, failed_attempts);
while(!mysql_real_connect(mysql, host,user, pass, db, port, sock, while(!mysql_connect_ssl_check(mysql, host,user, pass, db, port, sock,
CLIENT_MULTI_STATEMENTS | CLIENT_REMEMBER_OPTIONS)) CLIENT_MULTI_STATEMENTS | CLIENT_REMEMBER_OPTIONS,
opt_ssl_required))
{ {
/* /*
Connect failed Connect failed
...@@ -5382,8 +5383,9 @@ int connect_n_handle_errors(struct st_command *command, ...@@ -5382,8 +5383,9 @@ int connect_n_handle_errors(struct st_command *command,
dynstr_append_mem(ds, ";\n", 2); dynstr_append_mem(ds, ";\n", 2);
} }
while (!mysql_real_connect(con, host, user, pass, db, port, sock ? sock: 0, while (!mysql_connect_ssl_check(con, host, user, pass, db, port,
CLIENT_MULTI_STATEMENTS)) sock ? sock: 0, CLIENT_MULTI_STATEMENTS,
opt_ssl_required))
{ {
/* /*
If we have used up all our connections check whether this If we have used up all our connections check whether this
......
#ifndef SSLOPT_CASE_INCLUDED #ifndef SSLOPT_CASE_INCLUDED
#define SSLOPT_CASE_INCLUDED #define SSLOPT_CASE_INCLUDED
/* Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. /* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -28,5 +28,18 @@ ...@@ -28,5 +28,18 @@
*/ */
opt_use_ssl= 1; opt_use_ssl= 1;
break; break;
#ifdef MYSQL_CLIENT
case OPT_SSL_MODE:
if (my_strcasecmp(&my_charset_latin1, argument, "required"))
{
fprintf(stderr,
"Unknown value to --ssl-mode: '%s'. Use --ssl-mode=REQUIRED\n",
argument);
exit(1);
}
else
opt_ssl_required= 1;
break;
#endif /* MYSQL_CLIENT */
#endif #endif
#endif /* SSLOPT_CASE_INCLUDED */ #endif /* SSLOPT_CASE_INCLUDED */
#ifndef SSLOPT_LONGOPTS_INCLUDED #ifndef SSLOPT_LONGOPTS_INCLUDED
#define SSLOPT_LONGOPTS_INCLUDED #define SSLOPT_LONGOPTS_INCLUDED
/* Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. /* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -44,6 +44,9 @@ ...@@ -44,6 +44,9 @@
"when connecting. This option is disabled by default.", "when connecting. This option is disabled by default.",
&opt_ssl_verify_server_cert, &opt_ssl_verify_server_cert, &opt_ssl_verify_server_cert, &opt_ssl_verify_server_cert,
0, GET_BOOL, OPT_ARG, 0, 0, 0, 0, 0, 0}, 0, GET_BOOL, OPT_ARG, 0, 0, 0, 0, 0, 0},
{"ssl-mode", OPT_SSL_MODE,
"SSL connection mode.",
0, 0, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
#endif #endif
#endif /* HAVE_OPENSSL */ #endif /* HAVE_OPENSSL */
#endif /* SSLOPT_LONGOPTS_INCLUDED */ #endif /* SSLOPT_LONGOPTS_INCLUDED */
#ifndef SSLOPT_VARS_INCLUDED #ifndef SSLOPT_VARS_INCLUDED
#define SSLOPT_VARS_INCLUDED #define SSLOPT_VARS_INCLUDED
/* Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. /* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -28,8 +28,14 @@ SSL_STATIC char *opt_ssl_capath = 0; ...@@ -28,8 +28,14 @@ SSL_STATIC char *opt_ssl_capath = 0;
SSL_STATIC char *opt_ssl_cert = 0; SSL_STATIC char *opt_ssl_cert = 0;
SSL_STATIC char *opt_ssl_cipher = 0; SSL_STATIC char *opt_ssl_cipher = 0;
SSL_STATIC char *opt_ssl_key = 0; SSL_STATIC char *opt_ssl_key = 0;
#ifdef MYSQL_CLIENT #ifdef MYSQL_CLIENT
SSL_STATIC my_bool opt_ssl_verify_server_cert= 0; SSL_STATIC my_bool opt_ssl_verify_server_cert= 0;
#endif SSL_STATIC my_bool opt_ssl_required= 0;
#endif #endif /* MYSQL_CLIENT */
#else /* HAVE_OPENSSL */
#define opt_ssl_required 0
#endif /* HAVE_OPENSSL */
#endif /* SSLOPT_VARS_INCLUDED */ #endif /* SSLOPT_VARS_INCLUDED */
# positive client tests
# mysql
Variable_name Value
Ssl_cipher DHE-RSA-AES256-SHA
Variable_name Value
Ssl_cipher DHE-RSA-AES256-SHA
CREATE TABLE t1(a INT);
INSERT INTO t1 VALUES(0);
# mysqldump
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `t1` (
`a` int(11) DEFAULT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
/*!40101 SET character_set_client = @saved_cs_client */;
INSERT INTO `t1` VALUES (0);
# mysqladmin
mysqld is alive
# mysqlcheck
test.t1 OK
# mysqlimport
CREATE TABLE words(a VARCHAR(255));
test.words: Records: 70 Deleted: 0 Skipped: 0 Warnings: 0
DROP TABLE words;
# mysqlshow
Database: test
+--------+
| Tables |
+--------+
| t1 |
+--------+
# mysqlslap
# mysqltest
Output from mysqltest-x.inc
DROP TABLE t1;
# negative client tests
# mysql
Unknown value to --ssl-mode: ''. Use --ssl-mode=REQUIRED
Unknown value to --ssl-mode: 'DERIUQER'. Use --ssl-mode=REQUIRED
ERROR 2026 (HY000): --ssl-mode=REQUIRED option forbids non SSL connections
ERROR 2026 (HY000): --ssl-mode=REQUIRED option forbids non SSL connections
ERROR 2026 (HY000): --ssl-mode=REQUIRED option forbids non SSL connections
End of tests
# negative client tests
# mysql
ERROR 2026 (HY000): --ssl-mode=REQUIRED option forbids non SSL connections
ERROR 2026 (HY000): --ssl-mode=REQUIRED option forbids non SSL connections
ERROR 2026 (HY000): --ssl-mode=REQUIRED option forbids non SSL connections
ERROR 2026 (HY000): --ssl-mode=REQUIRED option forbids non SSL connections
# mysqldump
mysqldump: Got error: 2026: --ssl-mode=REQUIRED option forbids non SSL connections when trying to connect
# mysqladmin
mysqladmin: error: '--ssl-mode=REQUIRED option forbids non SSL connections'
# mysqlcheck
mysqlcheck: Got error: 2026: --ssl-mode=REQUIRED option forbids non SSL connections when trying to connect
# mysqlimport
mysqlimport: Error: 2026 --ssl-mode=REQUIRED option forbids non SSL connections
# mysqlshow
mysqlshow: --ssl-mode=REQUIRED option forbids non SSL connections
# mysqlslap
mysqlslap: Error when connecting to server: --ssl-mode=REQUIRED option forbids non SSL connections
# mysqltest
mysqltest: Could not open connection 'default': 2026 --ssl-mode=REQUIRED option forbids non SSL connections
End of tests
-- source include/not_embedded.inc
-- source include/have_ssl_communication.inc
--echo # positive client tests
--echo # mysql
--exec $MYSQL test --ssl-mode=ReQuIrEd --ssl-cipher=DHE-RSA-AES256-SHA -e "SHOW STATUS LIKE 'Ssl_cipher'" 2>&1
--exec $MYSQL test --ssl-mode=REQUIRED --ssl --ssl-cipher=DHE-RSA-AES256-SHA -e "SHOW STATUS LIKE 'Ssl_cipher'" 2>&1
CREATE TABLE t1(a INT);
INSERT INTO t1 VALUES(0);
--echo # mysqldump
--exec $MYSQL_DUMP --ssl-mode=REQUIRED --ssl-cipher=DHE-RSA-AES256-SHA --compact --skip-comments test 2>&1
--echo # mysqladmin
--exec $MYSQLADMIN --ssl-mode=REQUIRED --ssl-cipher=DHE-RSA-AES256-SHA -S $MASTER_MYSOCK -P $MASTER_MYPORT -u root --password= ping 2>&1
--echo # mysqlcheck
--exec $MYSQL_CHECK --ssl-mode=REQUIRED --ssl-cipher=DHE-RSA-AES256-SHA test 2>&1
--echo # mysqlimport
CREATE TABLE words(a VARCHAR(255));
--exec $MYSQL_IMPORT --ssl-mode=REQUIRED --ssl-cipher=DHE-RSA-AES256-SHA test $MYSQLTEST_VARDIR/std_data/words.dat 2>&1
DROP TABLE words;
--echo # mysqlshow
--exec $MYSQL_SHOW --ssl-mode=REQUIRED --ssl-cipher=DHE-RSA-AES256-SHA test 2>&1
--echo # mysqlslap
--exec $MYSQL_SLAP --ssl-mode=REQUIRED --ssl-cipher=DHE-RSA-AES256-SHA --create-schema=test --query="select * from t1" --silent 2>&1
--echo # mysqltest
--exec $MYSQL_TEST --ssl-mode=REQUIRED --ssl-cipher=DHE-RSA-AES256-SHA -x $MYSQL_TEST_DIR/include/mysqltest-x.inc 2>&1
DROP TABLE t1;
--echo # negative client tests
--echo # mysql
--error 5
--exec $MYSQL test --ssl-mode
--error 1
--exec $MYSQL test --ssl-mode= 2>&1
--error 1
--exec $MYSQL test --ssl-mode=DERIUQER 2>&1
--error 1
--exec $MYSQL test --ssl-mode=REQUIRED 2>&1
--error 1
--exec $MYSQL test --ssl-mode=REQUIRED --ssl 2>&1
--error 1
--exec $MYSQL test --ssl-mode=REQUIRED --ssl-cipher=DHE-RSA-AES256-SHA --skip-ssl 2>&1
--echo
--echo End of tests
-- source include/not_embedded.inc
--echo # negative client tests
--echo # mysql
--error 1
--exec $MYSQL test --ssl-mode=REQUIRED 2>&1
--error 1
--exec $MYSQL test --ssl-mode=REQUIRED --ssl 2>&1
--error 1
--exec $MYSQL test --ssl-mode=REQUIRED --ssl-cipher=DHE-RSA-AES256-SHA 2>&1
--error 1
--exec $MYSQL test --ssl-mode=REQUIRED --ssl --ssl-cipher=DHE-RSA-AES256-SHA 2>&1
--echo # mysqldump
--error 2
--exec $MYSQL_DUMP --ssl-mode=REQUIRED test 2>&1
--echo # mysqladmin
--replace_regex /.*mysqladmin.*/mysqladmin: /
--error 1
--exec $MYSQLADMIN --ssl-mode=REQUIRED -S $MASTER_MYSOCK -P $MASTER_MYPORT -u root --password= ping 2>&1
--echo # mysqlcheck
--replace_regex /.*mysqlcheck(\.exe)*/mysqlcheck/
--error 2
--exec $MYSQL_CHECK --ssl-mode=REQUIRED test 2>&1
--echo # mysqlimport
--replace_regex /.*mysqlimport(\.exe)*/mysqlimport/
--error 1
--exec $MYSQL_IMPORT --ssl-mode=REQUIRED test $MYSQLTEST_VARDIR/tmp/t1.txt 2>&1
--echo # mysqlshow
--replace_regex /.*mysqlshow(\.exe)*/mysqlshow/
--error 1
--exec $MYSQL_SHOW --ssl-mode=REQUIRED test 2>&1
--echo # mysqlslap
--replace_regex /.*mysqlslap(\.exe)*/mysqlslap/
--error 1
--exec $MYSQL_SLAP --ssl-mode=REQUIRED 2>&1
--echo # mysqltest
--error 1
--exec $MYSQL_TEST --ssl-mode=REQUIRED -x $MYSQL_TEST_DIR/include/mysqltest-x.inc 2>&1
--echo
--echo End of tests
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment