Fix several SSL tests that failed because of different SSL cipher expectation

2019-01-30 07:25:50 +01:00 · 2019-01-30 07:25:50 +01:00 · 73b0cf5ba2
parent fba85c10dd
commit 73b0cf5ba2
3 changed files with 59 additions and 9 deletions
--- a/mariadb-ssl-cipher-tests.patch
+++ b/mariadb-ssl-cipher-tests.patch
@ -0,0 +1,52 @@
+diff -up mariadb-10.3.9/mysql-test/main/ssl_cipher.test.fixtest mariadb-10.3.9/mysql-test/main/ssl_cipher.test
+--- mariadb-10.3.9/mysql-test/main/ssl_cipher.test.fixtest	2019-01-27 19:39:19.610027153 +0100
+++ mariadb-10.3.9/mysql-test/main/ssl_cipher.test	2019-01-27 19:42:10.045430776 +0100
+@@ -13,7 +13,9 @@
+ connect (ssl_con,localhost,root,,,,,SSL);
+ 
+ # Check Cipher Name and Cipher List
+--replace_regex /TLS_AES_.*/AES128-SHA/
+ SHOW STATUS LIKE 'Ssl_cipher';
+--replace_regex /TLS_AES_.*/AES128-SHA/
+ SHOW STATUS LIKE 'Ssl_cipher_list';
+ 
+ connection default;
+diff -up mariadb-10.3.9/mysql-test/main/ssl.result.fixtestssl mariadb-10.3.9/mysql-test/main/ssl.result
+--- mariadb-10.3.9/mysql-test/main/ssl.result.fixtestssl	2019-01-27 20:41:52.605213547 +0100
+++ mariadb-10.3.9/mysql-test/main/ssl.result	2019-01-27 20:42:03.977320005 +0100
+@@ -2176,7 +2176,7 @@ still connected?
+ connection default;
+ disconnect ssl_con;
+ create user mysqltest_1@localhost;
+-grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA";
+grant usage on mysqltest.* to mysqltest_1@localhost require cipher "TLS_AES_256_GCM_SHA384";
+ Variable_name	Value
+-Ssl_cipher	AES256-SHA
+Ssl_cipher	TLS_AES_256_GCM_SHA384
+ drop user mysqltest_1@localhost;
+diff -up mariadb-10.3.9/mysql-test/main/ssl.test.fixtestssl mariadb-10.3.9/mysql-test/main/ssl.test
+--- mariadb-10.3.9/mysql-test/main/ssl.test.fixtestssl	2019-01-27 20:40:39.756531579 +0100
+++ mariadb-10.3.9/mysql-test/main/ssl.test	2019-01-27 20:41:02.631745724 +0100
+@@ -33,8 +33,8 @@ connection default;
+ disconnect ssl_con;
+ 
+ create user mysqltest_1@localhost;
+-grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA";
+---exec $MYSQL -umysqltest_1 --ssl-cipher=AES256-SHA -e "show status like 'ssl_cipher'" 2>&1
+grant usage on mysqltest.* to mysqltest_1@localhost require cipher "TLS_AES_256_GCM_SHA384";
+--exec $MYSQL -umysqltest_1 --ssl-cipher=TLS_AES_256_GCM_SHA384 -e "show status like 'ssl_cipher'" 2>&1
+ drop user mysqltest_1@localhost;
+ 
+ # Wait till all disconnects are completed
+diff -up mariadb-10.3.9/mysql-test/main/ssl_cert_verify.test.fixcerttest mariadb-10.3.9/mysql-test/main/ssl_cert_verify.test
+--- mariadb-10.3.9/mysql-test/main/ssl_cert_verify.test.fixcerttest	2019-01-27 21:11:12.280726041 +0100
+++ mariadb-10.3.9/mysql-test/main/ssl_cert_verify.test	2019-01-27 21:10:01.034041434 +0100
+@@ -30,7 +30,7 @@ let $ssl_verify_pass_path = --ssl --ssl-
+ --enable_reconnect
+ --source include/wait_until_connected_again.inc
+ 
+---replace_result TLSv1.2 TLS_VERSION TLSv1.1 TLS_VERSION TLSv1 TLS_VERSION
+--replace_result TLSv1.3 TLS_VERSION TLSv1.2 TLS_VERSION TLSv1.1 TLS_VERSION TLSv1 TLS_VERSION
+ --exec $MYSQL --protocol=tcp --ssl-ca=$MYSQL_TEST_DIR/std_data/ca-cert-verify.pem --ssl-verify-server-cert -e "SHOW STATUS like 'Ssl_version'"
+ 
+ --echo # restart server using restart
--- a/mariadb.spec
+++ b/mariadb.spec
@ -159,7 +159,7 @@

 Name:             mariadb
 Version:          10.3.12
-Release:          7%{?with_debug:.debug}%{?dist}
+Release:          8%{?with_debug:.debug}%{?dist}
 Epoch:            3

 Summary:          A very fast and robust SQL database server
@ -203,6 +203,8 @@ Patch4:           %{pkgnamepatch}-logrotate.patch
 Patch7:           %{pkgnamepatch}-scripts.patch
 #   Patch9: pre-configure to comply with guidelines
 Patch9:           %{pkgnamepatch}-ownsetup.patch
+#   Patch10: Fix cipher name in the SSL Cipher name test
+Patch10:          %{pkgnamepatch}-ssl-cipher-tests.patch

 BuildRequires:    cmake gcc-c++
 BuildRequires:    multilib-rpm-config
@ -709,6 +711,7 @@ find . -name "*.jar" -type f -exec rm --verbose -f {} \;
 %patch4 -p1
 %patch7 -p1
 %patch9 -p1
+%patch10 -p1

 # workaround for upstream bug #56342
 #rm mysql-test/t/ssl_8k_key-master.opt
@ -1598,6 +1601,9 @@ fi
 %endif

 %changelog
+* Wed Jan 30 2019 Honza Horak <hhorak@redhat.com> - 3:10.3.12-8
+- Fix several SSL tests that failed because of different SSL cipher expectation
+
 * Wed Jan 23 2019 Michal Schorm <mschorm@redhat.com> - 3:10.3.12-7
 - Fix TokuDB Jemalloc ld_preload
  Resolves: #1668375
--- a/rh-skipped-tests-base.list
+++ b/rh-skipped-tests-base.list
@ -2,16 +2,8 @@
 # https://jira.mariadb.org/browse/MDEV-8404?focusedCommentId=84275&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-84275
 main.ssl_7937                                : #1399847
 main.ssl_crl_clients                         : #1399847
-main.ssl_cert_verify                         :
-
 main.ssl_8k_key                              :

-# From 10.3.9
-main.openssl_1                               :
-main.openssl_6975                            :
-main.ssl                                     :
-main.ssl_cipher                              :
-
 # 
 perfschema.nesting                           : #1399847
 perfschema.socket_summary_by_instance_func   : #1399847