1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
#
# Tests for the performance_schema host_cache.
#
# Simulate failures from SSL:
# - reported in COUNT_SSL_ERRORS
--source include/not_embedded.inc
--source include/have_debug.inc
--source include/have_perfschema.inc
--source include/have_hostname_cache.inc
# Enforce a clean state
--source ../include/wait_for_pfs_thread_count.inc
--source ../include/hostcache_set_state.inc
create user 'user_ssl'@'santa.claus.ipv4.example.com';
create user 'user_ssl_x509'@'santa.claus.ipv4.example.com'
identified by 'good_password';
grant select on test.* to 'user_ssl'@'santa.claus.ipv4.example.com'
REQUIRE SSL;
grant select on test.* to 'user_ssl_x509'@'santa.claus.ipv4.example.com'
REQUIRE SUBJECT '/C=??/ST=??/L=??/
O=No such thing/
CN=Santa Claus/emailAddress=santa.claus@example.com';
connect (con1,"127.0.0.1",root,,test,$MASTER_MYPORT,);
select "Con1 is alive";
select current_user();
disconnect con1;
--connection default
SET @saved_dbug = @@GLOBAL.debug_dbug;
set global debug_dbug= "+d,vio_peer_addr_fake_ipv4,getnameinfo_fake_ipv4,getaddrinfo_fake_good_ipv4";
--disable_query_log
--error ER_ACCESS_DENIED_ERROR
connect (con2a,"127.0.0.1",user_ssl,,test,$MASTER_MYPORT,);
--enable_query_log
--connection default
--source ../include/hostcache_dump.inc
--disable_query_log
--error ER_ACCESS_DENIED_ERROR
connect (con2b,"127.0.0.1",user_ssl,,test,$MASTER_MYPORT,);
--enable_query_log
--connection default
--source ../include/hostcache_dump.inc
--disable_query_log
--error ER_ACCESS_DENIED_ERROR
connect (con2c,"127.0.0.1",user_ssl_x509,good_password,test,$MASTER_MYPORT,,SSL);
--enable_query_log
--connection default
--source ../include/hostcache_dump.inc
--disable_query_log
--error ER_ACCESS_DENIED_ERROR
connect (con2d,"127.0.0.1",user_ssl_x509,good_password,test,$MASTER_MYPORT,,SSL);
--enable_query_log
--connection default
--source ../include/hostcache_dump.inc
drop user 'user_ssl'@'santa.claus.ipv4.example.com';
drop user 'user_ssl_x509'@'santa.claus.ipv4.example.com';
SET @@GLOBAL.debug_dbug = @saved_dbug;
|