# # MDEV-7937: Enforce SSL when --ssl client option is used # source include/have_ssl_crypto_functs.inc; # create a procedure instead of SHOW STATUS LIKE 'ssl_cipher' # because the cipher depends on openssl (or yassl) version, # and it's actual value doesn't matter here anyway create procedure have_ssl() select if(variable_value > '','yes','no') as 'have_ssl' from information_schema.session_status where variable_name='ssl_cipher'; --disable_abort_on_error --echo mysql --ssl-ca=cacert.pem -e "call test.have_ssl()" --exec $MYSQL --protocol tcp --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem -e "call test.have_ssl()" 2>&1 --echo mysql --ssl -e "call test.have_ssl()" --exec $MYSQL --protocol tcp --ssl -e "call test.have_ssl()" 2>&1 --echo mysql --ssl-ca=cacert.pem --ssl-verify-server-cert -e "call test.have_ssl()" --exec $MYSQL --protocol tcp --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-verify-server-cert -e "call test.have_ssl()" 2>&1 let $is_win = `select convert(@@version_compile_os using latin1) IN ("Win32","Win64","Windows")`; let $host=; if($is_win) { let $host=--host=127.0.0.2; } --echo mysql --ssl --ssl-verify-server-cert -e "call test.have_ssl()" --replace_regex /TLS\/SSL error.*certificate[^\n]*/TLS\/SSL error: Failed to verify the server certificate/ --exec $MYSQL --protocol tcp $host --ssl --ssl-verify-server-cert -e "call test.have_ssl()" 2>&1 --echo # --echo # MDEV-27105 --ssl option set as default for mariadb CLI --echo # --echo mysql -e "call test.have_ssl()" --exec $MYSQL -e "call test.have_ssl()" drop procedure have_ssl;