[This commit e-mail is a repeat.]
#At file:///home/mayank/mysql-server/mysql-ssl/ based on
revid:alexander.barkov@stripped
3368 Mayank Prasad 2011-03-10
BUG #11760210: 52596: SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE
'SSL_CIPHER_LIST'"
Issue:
SSL_CIPHER set to a specific CIPHER name was not getting picked up by SHOW STATUS
Command.
Solution:
If specific cipher name is specified, avoid overwriting of Cipher List with default
Cipher names.
@ extra/yassl/src/yassl_int.cpp
If user specified Cipher name is there, avoid populating default cipher names'
list.
@ mysql-test/r/ssl_cipher.result
Expected file for ssl_cipher.test test case
@ mysql-test/t/ssl_cipher-master.opt
Server option file for ssl_cipher.test test case.
@ mysql-test/t/ssl_cipher.test
Test case to verify that user specified SSL cipher name is shown in SHOW STATUS
Command.
added:
mysql-test/r/ssl_cipher.result
mysql-test/t/ssl_cipher-master.opt
mysql-test/t/ssl_cipher.test
modified:
extra/yassl/src/yassl_int.cpp
=== modified file 'extra/yassl/src/yassl_int.cpp'
--- a/extra/yassl/src/yassl_int.cpp 2009-09-23 13:21:29 +0000
+++ b/extra/yassl/src/yassl_int.cpp 2011-03-10 13:08:39 +0000
@@ -308,7 +308,7 @@ SSL::SSL(SSL_CTX* ctx)
SetError(YasslError(err));
return;
}
- else if (serverSide) {
+ else if (serverSide && !(ctx->GetCiphers().setSuites_)) {
// remove RSA or DSA suites depending on cert key type
ProtocolVersion pv = secure_.get_connection().version_;
=== added file 'mysql-test/r/ssl_cipher.result'
--- a/mysql-test/r/ssl_cipher.result 1970-01-01 00:00:00 +0000
+++ b/mysql-test/r/ssl_cipher.result 2011-03-10 13:08:39 +0000
@@ -0,0 +1,9 @@
+#
+# BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE
'SSL_CIPHER_LIST'"
+#
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name Value
+Ssl_cipher AES128-SHA
+SHOW STATUS LIKE 'Ssl_cipher_list';
+Variable_name Value
+Ssl_cipher_list AES128-SHA
=== added file 'mysql-test/t/ssl_cipher-master.opt'
--- a/mysql-test/t/ssl_cipher-master.opt 1970-01-01 00:00:00 +0000
+++ b/mysql-test/t/ssl_cipher-master.opt 2011-03-10 13:08:39 +0000
@@ -0,0 +1 @@
+--ssl-cipher=AES128-SHA
=== added file 'mysql-test/t/ssl_cipher.test'
--- a/mysql-test/t/ssl_cipher.test 1970-01-01 00:00:00 +0000
+++ b/mysql-test/t/ssl_cipher.test 2011-03-10 13:08:39 +0000
@@ -0,0 +1,26 @@
+# Turn on ssl between the client and server
+# and run a number of tests
+
+--echo #
+--echo # BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE
'SSL_CIPHER_LIST'"
+--echo #
+
+-- source include/have_ssl_communication.inc
+
+# Save the initial number of concurrent sessions
+--source include/count_sessions.inc
+
+connect (ssl_con,localhost,root,,,,,SSL);
+
+# Check Cipher Name and Cipher List
+SHOW STATUS LIKE 'Ssl_cipher';
+SHOW STATUS LIKE 'Ssl_cipher_list';
+
+connection default;
+disconnect ssl_con;
+
+# Wait till all disconnects are completed
+--source include/wait_until_count_sessions.inc
+
+## This test file is for testing encrypted communication only, not other
+## encryption routines that the SSL library happens to provide!
Attachment: [text/bzr-bundle] bzr/mayank.prasad@oracle.com-20110310130839-i1fgikgoqy1qro5u.bundle
| Thread |
|---|
| • [Resend] bzr commit into mysql-5.5 branch (mayank.prasad:3368) Bug#11760210 | Mayank Prasad | 10 Mar |
