1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ssl tests: update ciphers as in 10.2

Browse Source 
to make tests pass on stretch with libssl1.0-dev
This commit is contained in:
Sergei Golubchik 2017-08-06 16:03:10 +02:00
parent b7381526ab
commit 2395adfbfd
7 changed files with 24 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
mysql-test/r/openssl_1.result
View File

@ -196,9 +196,9 @@ SSL error: Unable to get private key from 'MYSQL_TEST_DIR/std_data/client-cert.p
mysqldump: Got error: 2026: "SSL connection error: Unable to get private key" when trying to connect mysqldump: Got error: 2026: "SSL connection error: Unable to get private key" when trying to connect
DROP TABLE t1; DROP TABLE t1;
Variable_name Value Variable_name Value
Ssl_cipher DHE-RSA-AES256-SHA Ssl_cipher AES256-SHA
Variable_name Value Variable_name Value
Ssl_cipher EDH-RSA-DES-CBC3-SHA Ssl_cipher AES128-SHA
select 'is still running; no cipher request crashed the server' as result from dual; select 'is still running; no cipher request crashed the server' as result from dual;
result result
is still running; no cipher request crashed the server is still running; no cipher request crashed the server

10
mysql-test/r/openssl_6975,tlsv10.result
View File

@ -1,11 +1,11 @@
create user ssl_sslv3@localhost; create user ssl_sslv3@localhost;
grant select on test.* to ssl_sslv3@localhost require cipher "RC4-SHA"; grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA";
create user ssl_tls12@localhost; create user ssl_tls12@localhost;
grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256"; grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256";
TLS1.2 ciphers: user is ok with any cipher TLS1.2 ciphers: user is ok with any cipher
ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
TLS1.2 ciphers: user requires SSLv3 cipher RC4-SHA TLS1.2 ciphers: user requires SSLv3 cipher AES128-SHA
ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256 TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256
@ -13,12 +13,12 @@ ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_
ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
SSLv3 ciphers: user is ok with any cipher SSLv3 ciphers: user is ok with any cipher
Variable_name Value Variable_name Value
Ssl_cipher RC4-SHA Ssl_cipher AES256-SHA
Variable_name Value Variable_name Value
Ssl_cipher DHE-RSA-AES256-SHA Ssl_cipher DHE-RSA-AES256-SHA
SSLv3 ciphers: user requires SSLv3 cipher RC4-SHA SSLv3 ciphers: user requires SSLv3 cipher AES128-SHA
Variable_name Value Variable_name Value
Ssl_cipher RC4-SHA Ssl_cipher AES128-SHA
ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO) ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO)
SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256 SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256
ERROR 1045 (28000): Access denied for user 'ssl_tls12'@'localhost' (using password: NO) ERROR 1045 (28000): Access denied for user 'ssl_tls12'@'localhost' (using password: NO)

6
mysql-test/r/openssl_6975,tlsv12.result
View File

@ -1,5 +1,5 @@
create user ssl_sslv3@localhost; create user ssl_sslv3@localhost;
grant select on test.* to ssl_sslv3@localhost require cipher "RC4-SHA"; grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA";
create user ssl_tls12@localhost; create user ssl_tls12@localhost;
grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256"; grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256";
TLS1.2 ciphers: user is ok with any cipher TLS1.2 ciphers: user is ok with any cipher
@ -7,7 +7,7 @@ Variable_name Value
Ssl_cipher AES128-SHA256 Ssl_cipher AES128-SHA256
Variable_name Value Variable_name Value
Ssl_cipher DHE-RSA-AES256-GCM-SHA384 Ssl_cipher DHE-RSA-AES256-GCM-SHA384
TLS1.2 ciphers: user requires SSLv3 cipher RC4-SHA TLS1.2 ciphers: user requires SSLv3 cipher AES128-SHA
ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO) ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO)
ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO) ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO)
TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256 TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256
@ -17,7 +17,7 @@ ERROR 1045 (28000): Access denied for user 'ssl_tls12'@'localhost' (using passwo
SSLv3 ciphers: user is ok with any cipher SSLv3 ciphers: user is ok with any cipher
ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
SSLv3 ciphers: user requires SSLv3 cipher RC4-SHA SSLv3 ciphers: user requires SSLv3 cipher AES128-SHA
ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256 SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256

4
mysql-test/r/ssl.result
View File

@ -2173,7 +2173,7 @@ select 'still connected?';
still connected? still connected?
still connected? still connected?
create user mysqltest_1@localhost; create user mysqltest_1@localhost;
grant usage on mysqltest.* to mysqltest_1@localhost require cipher "EDH-RSA-DES-CBC3-SHA"; grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA";
Variable_name Value Variable_name Value
Ssl_cipher EDH-RSA-DES-CBC3-SHA Ssl_cipher AES256-SHA
drop user mysqltest_1@localhost; drop user mysqltest_1@localhost;

4
mysql-test/t/openssl_1.test
View File

@ -221,8 +221,8 @@ DROP TABLE t1;
# #
# Common ciphers to openssl and yassl # Common ciphers to openssl and yassl
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=DHE-RSA-AES256-SHA --exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES256-SHA
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC3-SHA --exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES128-SHA
--disable_query_log --disable_query_log
--disable_result_log --disable_result_log

15
mysql-test/t/openssl_6975.test
View File

@ -8,7 +8,8 @@ source include/have_ssl_communication.inc;
# this is OpenSSL test. # this is OpenSSL test.
create user ssl_sslv3@localhost; create user ssl_sslv3@localhost;
grant select on test.* to ssl_sslv3@localhost require cipher "RC4-SHA"; # grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA";
grant select on test.* to ssl_sslv3@localhost require cipher "AES128-SHA";
create user ssl_tls12@localhost; create user ssl_tls12@localhost;
grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256"; grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256";
@ -17,9 +18,9 @@ let $mysql=$MYSQL --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$
disable_abort_on_error; disable_abort_on_error;
echo TLS1.2 ciphers: user is ok with any cipher; echo TLS1.2 ciphers: user is ok with any cipher;
exec $mysql --ssl-cipher=AES128-SHA256; exec $mysql --ssl-cipher=AES128-SHA256;
--replace_result DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-GCM-SHA384 --replace_result DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384
exec $mysql --ssl-cipher=TLSv1.2; exec $mysql --ssl-cipher=TLSv1.2;
echo TLS1.2 ciphers: user requires SSLv3 cipher RC4-SHA; echo TLS1.2 ciphers: user requires SSLv3 cipher AES128-SHA;
exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA256; exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA256;
exec $mysql --user ssl_sslv3 --ssl-cipher=TLSv1.2; exec $mysql --user ssl_sslv3 --ssl-cipher=TLSv1.2;
echo TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256; echo TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256;
@ -27,13 +28,13 @@ exec $mysql --user ssl_tls12 --ssl-cipher=AES128-SHA256;
exec $mysql --user ssl_tls12 --ssl-cipher=TLSv1.2; exec $mysql --user ssl_tls12 --ssl-cipher=TLSv1.2;
echo SSLv3 ciphers: user is ok with any cipher; echo SSLv3 ciphers: user is ok with any cipher;
exec $mysql --ssl-cipher=RC4-SHA; exec $mysql --ssl-cipher=AES256-SHA;
exec $mysql --ssl-cipher=SSLv3; exec $mysql --ssl-cipher=SSLv3;
echo SSLv3 ciphers: user requires SSLv3 cipher RC4-SHA; echo SSLv3 ciphers: user requires SSLv3 cipher AES128-SHA;
exec $mysql --user ssl_sslv3 --ssl-cipher=RC4-SHA; exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA;
exec $mysql --user ssl_sslv3 --ssl-cipher=SSLv3; exec $mysql --user ssl_sslv3 --ssl-cipher=SSLv3;
echo SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256; echo SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256;
exec $mysql --user ssl_tls12 --ssl-cipher=RC4-SHA; exec $mysql --user ssl_tls12 --ssl-cipher=AES128-SHA;
exec $mysql --user ssl_tls12 --ssl-cipher=SSLv3; exec $mysql --user ssl_tls12 --ssl-cipher=SSLv3;
drop user ssl_sslv3@localhost; drop user ssl_sslv3@localhost;

4
mysql-test/t/ssl.test
View File

@ -33,8 +33,8 @@ connection default;
disconnect ssl_con; disconnect ssl_con;
create user mysqltest_1@localhost; create user mysqltest_1@localhost;
grant usage on mysqltest.* to mysqltest_1@localhost require cipher "EDH-RSA-DES-CBC3-SHA"; grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA";
--exec $MYSQL -umysqltest_1 --ssl-cipher=EDH-RSA-DES-CBC3-SHA -e "show status like 'ssl_cipher'" 2>&1 --exec $MYSQL -umysqltest_1 --ssl-cipher=AES256-SHA -e "show status like 'ssl_cipher'" 2>&1
drop user mysqltest_1@localhost; drop user mysqltest_1@localhost;
# Wait till all disconnects are completed # Wait till all disconnects are completed