List:Commits« Previous MessageNext Message »
From:Mayank Prasad Date:March 10 2011 1:08pm
Subject:bzr commit into mysql-5.5 branch (mayank.prasad:3368) Bug#11760210
View as plain text  
#At file:///home/mayank/mysql-server/mysql-ssl/ based on revid:alexander.barkov@stripped

 3368 Mayank Prasad	2011-03-10
      BUG #11760210: 52596: SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
      
      Issue:
      SSL_CIPHER set to a specific CIPHER name was not getting picked up by SHOW STATUS Command.
      
      Solution:
      If specific cipher name is specified, avoid overwriting of Cipher List with default Cipher names.
     @ extra/yassl/src/yassl_int.cpp
        If user specified Cipher name is there, avoid populating default cipher names' list.
     @ mysql-test/r/ssl_cipher.result
        Expected file for ssl_cipher.test test case
     @ mysql-test/t/ssl_cipher-master.opt
        Server option file for ssl_cipher.test test case.
     @ mysql-test/t/ssl_cipher.test
        Test case to verify that user specified SSL cipher name is shown in SHOW STATUS Command.

    added:
      mysql-test/r/ssl_cipher.result
      mysql-test/t/ssl_cipher-master.opt
      mysql-test/t/ssl_cipher.test
    modified:
      extra/yassl/src/yassl_int.cpp
=== modified file 'extra/yassl/src/yassl_int.cpp'
--- a/extra/yassl/src/yassl_int.cpp	2009-09-23 13:21:29 +0000
+++ b/extra/yassl/src/yassl_int.cpp	2011-03-10 13:08:39 +0000
@@ -308,7 +308,7 @@ SSL::SSL(SSL_CTX* ctx) 
             SetError(YasslError(err));
             return;
         }
-        else if (serverSide) {
+        else if (serverSide && !(ctx->GetCiphers().setSuites_)) {
             // remove RSA or DSA suites depending on cert key type
             ProtocolVersion pv = secure_.get_connection().version_;
             

=== added file 'mysql-test/r/ssl_cipher.result'
--- a/mysql-test/r/ssl_cipher.result	1970-01-01 00:00:00 +0000
+++ b/mysql-test/r/ssl_cipher.result	2011-03-10 13:08:39 +0000
@@ -0,0 +1,9 @@
+#
+# BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
+#
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name	Value
+Ssl_cipher	AES128-SHA
+SHOW STATUS LIKE 'Ssl_cipher_list';
+Variable_name	Value
+Ssl_cipher_list	AES128-SHA

=== added file 'mysql-test/t/ssl_cipher-master.opt'
--- a/mysql-test/t/ssl_cipher-master.opt	1970-01-01 00:00:00 +0000
+++ b/mysql-test/t/ssl_cipher-master.opt	2011-03-10 13:08:39 +0000
@@ -0,0 +1 @@
+--ssl-cipher=AES128-SHA

=== added file 'mysql-test/t/ssl_cipher.test'
--- a/mysql-test/t/ssl_cipher.test	1970-01-01 00:00:00 +0000
+++ b/mysql-test/t/ssl_cipher.test	2011-03-10 13:08:39 +0000
@@ -0,0 +1,26 @@
+# Turn on ssl between the client and server
+# and run a number of tests
+
+--echo #
+--echo # BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
+--echo #
+
+-- source include/have_ssl_communication.inc
+
+# Save the initial number of concurrent sessions
+--source include/count_sessions.inc
+
+connect (ssl_con,localhost,root,,,,,SSL);
+
+# Check Cipher Name and Cipher List
+SHOW STATUS LIKE 'Ssl_cipher';
+SHOW STATUS LIKE 'Ssl_cipher_list';
+
+connection default;
+disconnect ssl_con;
+
+# Wait till all disconnects are completed
+--source include/wait_until_count_sessions.inc
+
+##  This test file is for testing encrypted communication only, not other
+##  encryption routines that the SSL library happens to provide!


Attachment: [text/bzr-bundle] bzr/mayank.prasad@oracle.com-20110310130839-i1fgikgoqy1qro5u.bundle
Thread
bzr commit into mysql-5.5 branch (mayank.prasad:3368) Bug#11760210Mayank Prasad10 Mar