#At file:///home/mayank/mysql-server/mysql-5.1_SSL/ based on revid:mattias.jonsson@stripped
3613 Mayank Prasad 2011-03-11
BUG #11760210: 52596: SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
Issue:
SSL_CIPHER set to a specific CIPHER name was not getting picked up by SHOW STATUS Command.
Solution:
If specific cipher name is specified, avoid overwriting of Cipher List with default Cipher names.
@ extra/yassl/src/yassl_int.cpp
If user specified Cipher name is there, avoid populating default
cipher names' list.
@ mysql-test/r/ssl_cipher.result
Expected file for ssl_cipher.test test case
@ mysql-test/t/ssl_cipher-master.opt
Server option file for ssl_cipher.test test case.
@ mysql-test/t/ssl_cipher.test
Test case to verify that user specified SSL cipher name is shown in SHOW STATUS Command.
added:
mysql-test/r/ssl_cipher.result
mysql-test/t/ssl_cipher-master.opt
mysql-test/t/ssl_cipher.test
modified:
extra/yassl/src/yassl_int.cpp
=== modified file 'extra/yassl/src/yassl_int.cpp'
--- a/extra/yassl/src/yassl_int.cpp 2009-09-23 13:21:29 +0000
+++ b/extra/yassl/src/yassl_int.cpp 2011-03-11 10:46:34 +0000
@@ -308,7 +308,7 @@ SSL::SSL(SSL_CTX* ctx)
SetError(YasslError(err));
return;
}
- else if (serverSide) {
+ else if (serverSide && !(ctx->GetCiphers().setSuites_)) {
// remove RSA or DSA suites depending on cert key type
ProtocolVersion pv = secure_.get_connection().version_;
=== added file 'mysql-test/r/ssl_cipher.result'
--- a/mysql-test/r/ssl_cipher.result 1970-01-01 00:00:00 +0000
+++ b/mysql-test/r/ssl_cipher.result 2011-03-11 10:46:34 +0000
@@ -0,0 +1,9 @@
+#
+# BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
+#
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name Value
+Ssl_cipher AES128-SHA
+SHOW STATUS LIKE 'Ssl_cipher_list';
+Variable_name Value
+Ssl_cipher_list AES128-SHA
=== added file 'mysql-test/t/ssl_cipher-master.opt'
--- a/mysql-test/t/ssl_cipher-master.opt 1970-01-01 00:00:00 +0000
+++ b/mysql-test/t/ssl_cipher-master.opt 2011-03-11 10:46:34 +0000
@@ -0,0 +1 @@
+--ssl-cipher=AES128-SHA
=== added file 'mysql-test/t/ssl_cipher.test'
--- a/mysql-test/t/ssl_cipher.test 1970-01-01 00:00:00 +0000
+++ b/mysql-test/t/ssl_cipher.test 2011-03-11 10:46:34 +0000
@@ -0,0 +1,23 @@
+# Turn on ssl between the client and server
+# and run a number of tests
+
+--echo #
+--echo # BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
+--echo #
+
+-- source include/have_ssl.inc
+
+# Save the initial number of concurrent sessions
+--source include/count_sessions.inc
+
+connect (ssl_con,localhost,root,,,,,SSL);
+
+# Check Cipher Name and Cipher List
+SHOW STATUS LIKE 'Ssl_cipher';
+SHOW STATUS LIKE 'Ssl_cipher_list';
+
+connection default;
+disconnect ssl_con;
+
+# Wait till all disconnects are completed
+--source include/wait_until_count_sessions.inc
Attachment: [text/bzr-bundle] bzr/mayank.prasad@oracle.com-20110311104634-2zks6i8mmt2vzk0z.bundle
| Thread |
|---|
| • bzr commit into mysql-5.1 branch (mayank.prasad:3613) Bug#11760210 | Mayank Prasad | 11 Mar |
