403Webshell
Server IP : 172.67.216.182  /  Your IP : 172.70.92.247
Web Server : Apache
System : Linux krdc-ubuntu-s-2vcpu-4gb-amd-blr1-01.localdomain 5.15.0-142-generic #152-Ubuntu SMP Mon May 19 10:54:31 UTC 2025 x86_64
User : www ( 1000)
PHP Version : 7.4.33
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /www/server/mysql/src/mysql-test/suite/auth_sec/t/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /www/server/mysql/src/mysql-test/suite/auth_sec/t/tls.test
# Want to skip this test from daily Valgrind execution
--source include/no_valgrind_without_big.inc
# This test should work in embedded server after we fix mysqltest
-- source include/not_embedded.inc
-- source include/have_ssl_communication.inc
# Save the initial number of concurrent sessions
--source include/count_sessions.inc

--echo #
--echo # WL#8196 TLSv1.2 support
--echo #

--disable_query_log
call mtr.add_suppression("InnoDB: Resizing redo log");
call mtr.add_suppression("InnoDB: Starting to delete and rewrite");
call mtr.add_suppression("InnoDB: New log files created");
call mtr.add_suppression("Failed to set up SSL because of");
--enable_query_log

# We let our server restart attempts write to the file $error_log.
let $error_log= $MYSQLTEST_VARDIR/log/my_restart.err;

perl;
my $filetodelete = "$ENV{'MYSQLTEST_VARDIR'}/log/my_restart.err";
while (-e $filetodelete) {
  unlink $filetodelete;
  sleep 1;
}
EOF

let $MYSQLD_DATADIR= `SELECT @@datadir`;
let $MYSQL_SOCKET= `SELECT @@socket`;
let $MYSQL_PORT= `SELECT @@port`;

let $tls_default= TLSv1.2;

--echo #T1: Default TLS connection
--replace_result $tls_default TLS_VERSION
--exec $MYSQL --host=127.0.0.1 -P $MASTER_MYPORT -e "SHOW STATUS like 'Ssl_version'"

--echo #T2: Default SSL cipher
--replace_regex $ALLOWED_CIPHERS_REGEX
--exec $MYSQL --host=127.0.0.1 -P $MASTER_MYPORT -e "SHOW STATUS like 'Ssl_cipher'"

--echo #T3: Setting TLS version TLSv1.2 from the client
--replace_result $tls_default TLS_VERSION
--exec $MYSQL --host=127.0.0.1 -P $MASTER_MYPORT --tls-version=$tls_default -e "SHOW STATUS like 'Ssl_version'"

--echo #T4: Setting TLS version TLSv1.1 from the client
--exec $MYSQL --host=127.0.0.1 -P $MASTER_MYPORT --tls-version=TLSv1.1 -e "SHOW STATUS like 'Ssl_version'"

--echo #T5: Setting TLS version TLSv1 from the client
--exec $MYSQL --host=127.0.0.1 -P $MASTER_MYPORT --tls-version=TLSv1 -e "SHOW STATUS like 'Ssl_version'"

--echo #T6: Setting TLS version TLSv1, TLSv1.1 from the client
--exec $MYSQL --host=127.0.0.1 -P $MASTER_MYPORT --tls-version=TLSv1,TLSv1.1 -e "SHOW STATUS like 'Ssl_version'"

--echo #T7: Setting invalid TLS version value from the client, it should give error.
--error 1
--exec $MYSQL --host=127.0.0.1 -P $MASTER_MYPORT --tls-version=TLS_INVALID_VERSION -e "SHOW STATUS like 'Ssl_version'"

--echo #T8: Cipher which is not in the cipher list but not restricted permanently
--error 1
--exec $MYSQL --host=127.0.0.1 -P $MASTER_MYPORT --ssl-cipher=CAMELLIA256-SHA -e "SHOW STATUS like 'Ssl_cipher'"

--echo #T9: Cipher which is not in the cipher list but not restricted permanently, setting the server cipher as well

--echo Restart server and provide ssl-cipher at server startup
--exec echo "wait" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--shutdown_server
--source include/wait_until_disconnected.inc

--exec echo "restart:--ssl-cipher=CAMELLIA256-SHA " > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--enable_reconnect
--source include/wait_until_connected_again.inc

--exec $MYSQL -h 127.0.0.1 -P $MYSQL_PORT --ssl-cipher=CAMELLIA256-SHA -e "SHOW STATUS like 'Ssl_cipher'"

--echo #T10: Permanently restricted cipher, setting in the server as well
--exec echo "wait" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--shutdown_server
--source include/wait_until_disconnected.inc

--exec echo "restart:--ssl-cipher=DHE-DSS-DES-CBC3-SHA " > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--enable_reconnect
--source include/wait_until_connected_again.inc

--echo Connection will be possible, but server will not be enabled with ssl and connection is not ssl-enabled
--exec $MYSQL --host=127.0.0.1 -P $MASTER_MYPORT --ssl-cipher=DHE-DSS-DES-CBC3-SHA -e "SHOW STATUS like 'Ssl_cipher'"

--echo #T11: Setting TLS version1.2 in the server and from client giving TLSv1.1, connection should fail
--exec echo "wait" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--shutdown_server
--source include/wait_until_disconnected.inc

--exec echo "restart:--tls-version=TLSv1.2 " > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--enable_reconnect
--source include/wait_until_connected_again.inc

--error 1
--exec $MYSQL --ssl-mode=REQUIRED --host=127.0.0.1 -P $MASTER_MYPORT --tls-version=TLSv1.1 -e "SHOW STATUS like 'Ssl_version'"

--echo # restart server using restart
--echo Restart server and provide ssl-cipher at server startup
--exec echo "wait" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--shutdown_server
--source include/wait_until_disconnected.inc

--exec echo "restart: " > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--enable_reconnect
--source include/wait_until_connected_again.inc

Youez - 2016 - github.com/yon3zu
LinuXploit