summaryrefslogtreecommitdiffstats
path: root/mysql-test/main/ssl_cipher.result
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 18:00:34 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 18:00:34 +0000
commit3f619478f796eddbba6e39502fe941b285dd97b1 (patch)
treee2c7b5777f728320e5b5542b6213fd3591ba51e2 /mysql-test/main/ssl_cipher.result
parentInitial commit. (diff)
downloadmariadb-3f619478f796eddbba6e39502fe941b285dd97b1.tar.xz
mariadb-3f619478f796eddbba6e39502fe941b285dd97b1.zip
Adding upstream version 1:10.11.6.upstream/1%10.11.6upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'mysql-test/main/ssl_cipher.result')
-rw-r--r--mysql-test/main/ssl_cipher.result70
1 files changed, 70 insertions, 0 deletions
diff --git a/mysql-test/main/ssl_cipher.result b/mysql-test/main/ssl_cipher.result
new file mode 100644
index 00000000..d549ec7d
--- /dev/null
+++ b/mysql-test/main/ssl_cipher.result
@@ -0,0 +1,70 @@
+create user ssl_user1@localhost require SSL;
+create user ssl_user2@localhost require cipher 'AES256-SHA';
+create user ssl_user3@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client';
+create user ssl_user4@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client' ISSUER '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB';
+create user ssl_user5@localhost require cipher 'AES256-SHA' AND SUBJECT 'xxx';
+connect con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA;
+connect(localhost,ssl_user2,,test,MASTER_PORT,MASTER_SOCKET);
+connect con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA;
+ERROR 28000: Access denied for user 'ssl_user2'@'localhost' (using password: NO)
+connect con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA;
+connect con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA;
+connect con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA;
+connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET);
+connect con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA;
+ERROR 28000: Access denied for user 'ssl_user5'@'localhost' (using password: NO)
+connection con1;
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name Value
+Ssl_cipher AES256-SHA
+disconnect con1;
+connection con2;
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name Value
+Ssl_cipher AES256-SHA
+disconnect con2;
+connection con3;
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name Value
+Ssl_cipher AES256-SHA
+disconnect con3;
+connection con4;
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name Value
+Ssl_cipher AES256-SHA
+disconnect con4;
+connection default;
+drop user ssl_user1@localhost, ssl_user2@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost;
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name Value
+Ssl_cipher AES256-SHA
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name Value
+Ssl_cipher AES128-SHA
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name Value
+Ssl_cipher AES128-SHA
+mysqltest: Could not open connection 'default': 2026 TLS/SSL error: xxxxVariable_name Value
+Ssl_cipher AES256-SHA
+Variable_name Value
+Ssl_cipher AES128-SHA
+select 'is still running; no cipher request crashed the server' as result from dual;
+result
+is still running; no cipher request crashed the server
+create user mysqltest_1@localhost;
+grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA";
+Variable_name Value
+Ssl_cipher AES256-SHA
+drop user mysqltest_1@localhost;
+# restart: --ssl-cipher=AES128-SHA
+connect ssl_con,localhost,root,,,,,SSL;
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name Value
+Ssl_cipher AES128-SHA
+SELECT VARIABLE_VALUE like '%AES128-SHA%' FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher_list';
+VARIABLE_VALUE like '%AES128-SHA%'
+1
+disconnect ssl_con;
+connection default;
+call mtr.add_suppression("TLSv1.0 and TLSv1.1 are insecure");
+FOUND 2 /TLSv1.0 and TLSv1.1 are insecure/ in mysqld.1.err