Skip to content

Commit

Permalink
show in mariadb cli whether server cert was verified
Browse files Browse the repository at this point in the history
  • Loading branch information
@vuvova
vuvova committed Feb 4, 2024
1 parent 853bdf5 commit 6b90033
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 2 deletions.
4 changes: 2 additions & 2 deletions client/mysql.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5049,8 +5049,8 @@ com_status(String *buffer __attribute__((unused)),

#if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
if ((status_str= mysql_get_ssl_cipher(&mysql)))
tee_fprintf(stdout, "SSL:\t\t\tCipher in use is %s\n",
status_str);
tee_fprintf(stdout, "SSL:\t\t\tCipher in use is %s, cert is %s\n",
status_str, opt_ssl_verify_server_cert ? "OK" : "UNKNOWN");
else
#endif /* HAVE_OPENSSL && !EMBEDDED_LIBRARY */
tee_puts("SSL:\t\t\tNot in use", stdout);
Expand Down
15 changes: 15 additions & 0 deletions mysql-test/main/mysql.result
View file
Original file line number Diff line number Diff line change
Expand Up @@ -640,3 +640,18 @@ WARNING: option --enable-cleartext-plugin is obsolete.
#
# MDEV-30327 Client crashes in print_last_query_cost
#
#
# show whether server cert was verified
#
create user ser@localhost identified by "ass";
MYSQL --disable-ssl-verify-server-cert -e "\s"

SSL: Cipher in use is XXX, cert is UNKNOWN


MYSQL --ssl-verify-server-cert -e "\s"

SSL: Cipher in use is XXX, cert is OK


drop user ser@localhost;
12 changes: 12 additions & 0 deletions mysql-test/main/mysql.test
View file
Original file line number Diff line number Diff line change
Expand Up @@ -725,3 +725,15 @@ drop table t1;
--exec $MYSQL --show-query-costs --port=$MASTER_MYPORT -e "show tables in mysql like 'foo'"
--enable_result_log
--enable_query_log

--echo #
--echo # show whether server cert was verified
--echo #
create user ser@localhost identified by "ass";
--echo MYSQL --disable-ssl-verify-server-cert -e "\\s"
--replace_regex /^.[^S].*// /\b[-A-Z_0-9]+,/XXX,/
--exec $MYSQL -user -pass --disable-ssl-verify-server-cert -e "\\s"
--echo MYSQL --ssl-verify-server-cert -e "\\s"
--replace_regex /^.[^S].*// /\b[-A-Z_0-9]+,/XXX,/
--exec $MYSQL -user -pass --ssl-verify-server-cert -e "\\s"
drop user ser@localhost;

0 comments on commit 6b90033

Please sign in to comment.