BUG #11760210: 52596: SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"

Issue: SSL_CIPHER set to a specific CIPHER name was not getting picked up by SHOW STATUS Command. Solution: If specific cipher name is specified, avoid overwriting of Cipher List with default Cipher names. extra/yassl/src/yassl_int.cpp: If user specified Cipher name is there, avoid populating default cipher names' list. mysql-test/r/ssl_cipher.result: Expected file for ssl_cipher.test test case mysql-test/t/ssl_cipher-master.opt: Server option file for ssl_cipher.test test case. mysql-test/t/ssl_cipher.test: Test case to verify that user specified SSL cipher name is shown in SHOW STATUS Command.
2011-03-11 16:16:34 +05:30 · 2011-03-11 16:16:34 +05:30 · d2e36e4258
commit d2e36e4258
parent ba85e3cf54
4 changed files with 34 additions and 1 deletions
--- a/extra/yassl/src/yassl_int.cpp
+++ b/extra/yassl/src/yassl_int.cpp
@ -308,7 +308,7 @@ SSL::SSL(SSL_CTX* ctx)
            SetError(YasslError(err));
            return;
        }
-        else if (serverSide) {
+        else if (serverSide && !(ctx->GetCiphers().setSuites_)) {
            // remove RSA or DSA suites depending on cert key type
            ProtocolVersion pv = secure_.get_connection().version_;
            
--- a/mysql-test/r/ssl_cipher.result
+++ b/mysql-test/r/ssl_cipher.result
@ -0,0 +1,9 @@
+#
+# BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
+#
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name	Value
+Ssl_cipher	AES128-SHA
+SHOW STATUS LIKE 'Ssl_cipher_list';
+Variable_name	Value
+Ssl_cipher_list	AES128-SHA
--- a/mysql-test/t/ssl_cipher-master.opt
+++ b/mysql-test/t/ssl_cipher-master.opt
@ -0,0 +1 @@
+--ssl-cipher=AES128-SHA
--- a/mysql-test/t/ssl_cipher.test
+++ b/mysql-test/t/ssl_cipher.test
@ -0,0 +1,23 @@
+# Turn on ssl between the client and server
+# and run a number of tests
+
+--echo #
+--echo # BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
+--echo #
+
+-- source include/have_ssl.inc
+
+# Save the initial number of concurrent sessions
+--source include/count_sessions.inc
+
+connect (ssl_con,localhost,root,,,,,SSL);
+
+# Check Cipher Name and Cipher List
+SHOW STATUS LIKE 'Ssl_cipher';
+SHOW STATUS LIKE 'Ssl_cipher_list';
+
+connection default;
+disconnect ssl_con;
+
+# Wait till all disconnects are completed
+--source include/wait_until_count_sessions.inc