File: ssl_verify_identity.test

package info (click to toggle)
mysql-8.0 8.0.43-3
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 1,273,924 kB
  • sloc: cpp: 4,684,605; ansic: 412,450; pascal: 108,398; java: 83,641; perl: 30,221; cs: 27,067; sql: 26,594; sh: 24,181; python: 21,816; yacc: 17,169; php: 11,522; xml: 7,388; javascript: 7,076; makefile: 2,194; lex: 1,075; awk: 670; asm: 520; objc: 183; ruby: 97; lisp: 86
file content (20 lines) | stat: -rw-r--r-- 960 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
 
# === Purpose ===
# This test verifies that while verifying the server certificates
# when ssl-mode=VERIFY_IDENTITY, the DNS/IPs provided in the Subject
# Alternative Names (which can be provided as an extension in X509)
# fields are also checked for apart from the Common Name in the subject.
# Applicable for openssl versions 1.0.2 and greater.
#
# === Related bugs and/or worklogs ===
# Bug #16211011 - SSL CERTIFICATE SUBJECT ALT NAMES WITH IPS NOT RESPECTED WITH ssl-mode=VERIFY_IDENTITY
#
# Note that these test cases are written keeping in mind that the openssl version used by the system will
# be 1.0.2+. For older versions of openssl, the test will be skipped.

--source include/check_openssl_version.inc
--source include/allowed_ciphers.inc

let PARAM_TEST_EXE=$MYSQL ;
let PARAM_CIPHER_VARIABLE=Ssl_cipher;
let PARAM_VERIFY_IDENTITY_ERROR=ERROR 2005 \(HY000\): Unknown MySQL server host 'nonexistent';
--source include/test_ssl_verify_identity.inc