diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 18:00:34 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 18:00:34 +0000 |
commit | 3f619478f796eddbba6e39502fe941b285dd97b1 (patch) | |
tree | e2c7b5777f728320e5b5542b6213fd3591ba51e2 /mysql-test/main/ssl_cipher.result | |
parent | Initial commit. (diff) | |
download | mariadb-upstream.tar.xz mariadb-upstream.zip |
Adding upstream version 1:10.11.6.upstream/1%10.11.6upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | mysql-test/main/ssl_cipher.result | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/mysql-test/main/ssl_cipher.result b/mysql-test/main/ssl_cipher.result new file mode 100644 index 00000000..d549ec7d --- /dev/null +++ b/mysql-test/main/ssl_cipher.result @@ -0,0 +1,70 @@ +create user ssl_user1@localhost require SSL; +create user ssl_user2@localhost require cipher 'AES256-SHA'; +create user ssl_user3@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client'; +create user ssl_user4@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client' ISSUER '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB'; +create user ssl_user5@localhost require cipher 'AES256-SHA' AND SUBJECT 'xxx'; +connect con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA; +connect(localhost,ssl_user2,,test,MASTER_PORT,MASTER_SOCKET); +connect con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA; +ERROR 28000: Access denied for user 'ssl_user2'@'localhost' (using password: NO) +connect con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA; +connect con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA; +connect con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA; +connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET); +connect con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA; +ERROR 28000: Access denied for user 'ssl_user5'@'localhost' (using password: NO) +connection con1; +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES256-SHA +disconnect con1; +connection con2; +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES256-SHA +disconnect con2; +connection con3; +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES256-SHA +disconnect con3; +connection con4; +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES256-SHA +disconnect con4; +connection default; +drop user ssl_user1@localhost, ssl_user2@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost; +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES256-SHA +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES128-SHA +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES128-SHA +mysqltest: Could not open connection 'default': 2026 TLS/SSL error: xxxxVariable_name Value +Ssl_cipher AES256-SHA +Variable_name Value +Ssl_cipher AES128-SHA +select 'is still running; no cipher request crashed the server' as result from dual; +result +is still running; no cipher request crashed the server +create user mysqltest_1@localhost; +grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA"; +Variable_name Value +Ssl_cipher AES256-SHA +drop user mysqltest_1@localhost; +# restart: --ssl-cipher=AES128-SHA +connect ssl_con,localhost,root,,,,,SSL; +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES128-SHA +SELECT VARIABLE_VALUE like '%AES128-SHA%' FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher_list'; +VARIABLE_VALUE like '%AES128-SHA%' +1 +disconnect ssl_con; +connection default; +call mtr.add_suppression("TLSv1.0 and TLSv1.1 are insecure"); +FOUND 2 /TLSv1.0 and TLSv1.1 are insecure/ in mysqld.1.err |