HEX
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
System: Linux atalantini.com 3.10.0-1127.13.1.el7.x86_64 #1 SMP Tue Jun 23 15:46:38 UTC 2020 x86_64
User: root (0)
PHP: 7.2.34
Disabled: NONE
$ pwd: /usr/share/mysql-test/t/
Upload Files
File: //usr/share/mysql-test/t/ssl_ca.test
--source include/have_ssl.inc
--source include/not_embedded.inc

--echo #
--echo # Bug#21920657: SSL-CA FAILS SILENTLY IF THE PATH CANNOT BE FOUND
--echo #

--echo # try to connect with wrong '--ssl-ca' path : should fail
--error 1
--exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/wrong-cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_cipher'" 2>&1

--echo # try to connect with correct '--ssl-ca' path : should connect
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA
--exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_cipher'"

--echo #
--echo # Bug#21920678: SSL-CA DOES NOT ACCEPT ~USER TILDE HOME DIRECTORY
--echo #               PATH SUBSTITUTION
--echo #

--let $mysql_test_dir_path= `SELECT IF(LENGTH('$HOME'), REPLACE('=$MYSQL_TEST_DIR', '=$HOME', '=~'), '=$MYSQL_TEST_DIR')`

--echo # try to connect with '--ssl-ca' option using tilde home directoy
--echo # path substitution : should connect
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA
--exec $MYSQL --ssl-ca$mysql_test_dir_path/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_cipher'"

--echo # try to connect with '--ssl-key' option using tilde home directoy
--echo # path substitution : should connect
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA
--exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key$mysql_test_dir_path/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_cipher'"

--echo # try to connect with '--ssl-cert' option using tilde home directoy
--echo # path substitution : should connect
--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA
--exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert$mysql_test_dir_path/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_cipher'"
@ Telegram