File: cert_verify.test

package info (click to toggle)
mysql-5.5 5.5.60-0%2Bdeb8u1
  • links: PTS, VCS
  • area: main
  • in suites: jessie
  • size: 201,012 kB
  • sloc: cpp: 648,063; ansic: 552,041; perl: 48,017; pascal: 25,099; sh: 15,065; yacc: 13,088; cs: 4,647; xml: 4,178; sql: 3,380; makefile: 1,368; lex: 639; awk: 54
file content (45 lines) | stat: -rw-r--r-- 2,210 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
# Want to skip this test from Valgrind execution
--source include/no_valgrind_without_big.inc
# This test should work in embedded server after we fix mysqltest
-- source include/not_embedded.inc
-- source include/have_ssl_communication.inc
# Save the initial number of concurrent sessions
--source include/count_sessions.inc

let $ssl_verify_fail_path = --ssl --ssl-ca=$MYSQL_TEST_DIR/std_data/ca-cert-verify.pem --ssl-key=$MYSQL_TEST_DIR/std_data/server-key-verify-fail.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/server-cert-verify-fail.pem;
let $ssl_verify_pass_path = --ssl --ssl-ca=$MYSQL_TEST_DIR/std_data/ca-cert-verify.pem --ssl-key=$MYSQL_TEST_DIR/std_data/server-key-verify-pass.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/server-cert-verify-pass.pem;

let $tls_default= TLSv1;

--echo #T1: Host name (/CN=localhost/) as OU name in the server certificate, server certificate verification should fail.
--exec echo "wait" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--shutdown_server
--source include/wait_until_disconnected.inc

--exec echo "restart:" $ssl_verify_fail_path  > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--enable_reconnect
--source include/wait_until_connected_again.inc

--error 1
--exec $MYSQL --protocol=tcp --ssl-ca=$MYSQL_TEST_DIR/std_data/ca-cert-verify.pem --ssl-verify-server-cert -e "SHOW STATUS like 'Ssl_version'"

--echo #T2: Host name (localhost) as common name in the server certificate, server certificate verification should pass.
--exec echo "wait" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--shutdown_server
--source include/wait_until_disconnected.inc

--exec echo "restart:" $ssl_verify_pass_path  > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--enable_reconnect
--source include/wait_until_connected_again.inc

--replace_result $tls_default TLS_VERSION
--exec $MYSQL --protocol=tcp --ssl-ca=$MYSQL_TEST_DIR/std_data/ca-cert-verify.pem --ssl-verify-server-cert -e "SHOW STATUS like 'Ssl_version'"

--echo # restart server using restart
--exec echo "wait" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--shutdown_server
--source include/wait_until_disconnected.inc

--exec echo "restart: " > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--enable_reconnect
--source include/wait_until_connected_again.inc