config root man

Current Path : /home/usr.opt/mysql57/mysql-test/suite/x/r/

FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64
Upload File :
Current File : //home/usr.opt/mysql57/mysql-test/suite/x/r/connection_openssl.result

Preamble
install plugin mysqlx soname "mysqlx.so";
call mtr.add_suppression("Plugin mysqlx reported: .Failed at SSL configuration: .SSL context is not usable without certificate and private key..");
call mtr.add_suppression("Plugin mysqlx reported: .SSL_CTX_load_verify_locations failed.");
SET GLOBAL mysqlx_connect_timeout = 300;
call mtr.add_suppression("Unsuccessful login attempt");
send Mysqlx.Connection.CapabilitiesGet {
}

Mysqlx.Connection.Capabilities {
  capabilities {
    name: "tls"
    value {
      type: SCALAR
      scalar {
        type: V_BOOL
        v_bool: false
      }
    }
  }
  capabilities {
    name: "authentication.mechanisms"
    value {
      type: ARRAY
      array {
        value {
          type: SCALAR
          scalar {
            type: V_STRING
            v_string {
              value: "MYSQL41"
            }
          }
        }
      }
    }
  }
  capabilities {
    name: "doc.formats"
    value {
      type: SCALAR
      scalar {
        type: V_STRING
        v_string {
          value: "text"
        }
      }
    }
  }
  capabilities {
    name: "node_type"
    value {
      type: SCALAR
      scalar {
        type: V_STRING
        v_string {
          value: "mysql"
        }
      }
    }
  }
  capabilities {
    name: "client.pwd_expire_ok"
    value {
      type: SCALAR
      scalar {
        type: V_BOOL
        v_bool: false
      }
    }
  }
}

send Mysqlx.Connection.CapabilitiesSet {
  capabilities {
    capabilities {
      name: "tls"
      value {
        type: SCALAR
        scalar {
          type: V_BOOL
          v_bool: true
        }
      }
    }
  }
}

Mysqlx.Ok {
}

Enable SSL
send Mysqlx.Connection.CapabilitiesGet {
}

Mysqlx.Connection.Capabilities {
  capabilities {
    name: "tls"
    value {
      type: SCALAR
      scalar {
        type: V_BOOL
        v_bool: true
      }
    }
  }
  capabilities {
    name: "authentication.mechanisms"
    value {
      type: ARRAY
      array {
        value {
          type: SCALAR
          scalar {
            type: V_STRING
            v_string {
              value: "MYSQL41"
            }
          }
        }
        value {
          type: SCALAR
          scalar {
            type: V_STRING
            v_string {
              value: "PLAIN"
            }
          }
        }
      }
    }
  }
  capabilities {
    name: "doc.formats"
    value {
      type: SCALAR
      scalar {
        type: V_STRING
        v_string {
          value: "text"
        }
      }
    }
  }
  capabilities {
    name: "node_type"
    value {
      type: SCALAR
      scalar {
        type: V_STRING
        v_string {
          value: "mysql"
        }
      }
    }
  }
  capabilities {
    name: "client.pwd_expire_ok"
    value {
      type: SCALAR
      scalar {
        type: V_BOOL
        v_bool: false
      }
    }
  }
}

ok
setting read/write  tls param with possible invalid data types V_SINT,V_UINT ,V_NULL,V_OCTETS ,V_DOUBLE,V_FLOAT,V_STRING types instead of Bool
send Mysqlx.Connection.CapabilitiesGet {
}

Mysqlx.Connection.Capabilities {
  capabilities {
    name: "tls"
    value {
      type: SCALAR
      scalar {
        type: V_BOOL
        v_bool: false
      }
    }
  }
  capabilities {
    name: "authentication.mechanisms"
    value {
      type: ARRAY
      array {
        value {
          type: SCALAR
          scalar {
            type: V_STRING
            v_string {
              value: "MYSQL41"
            }
          }
        }
      }
    }
  }
  capabilities {
    name: "doc.formats"
    value {
      type: SCALAR
      scalar {
        type: V_STRING
        v_string {
          value: "text"
        }
      }
    }
  }
  capabilities {
    name: "node_type"
    value {
      type: SCALAR
      scalar {
        type: V_STRING
        v_string {
          value: "mysql"
        }
      }
    }
  }
  capabilities {
    name: "client.pwd_expire_ok"
    value {
      type: SCALAR
      scalar {
        type: V_BOOL
        v_bool: false
      }
    }
  }
}

send Mysqlx.Connection.CapabilitiesSet {
  capabilities {
    capabilities {
      name: "tls"
      value {
        type: SCALAR
        scalar {
          type: V_BOOL
          v_bool: false
        }
      }
    }
  }
}

Mysqlx.Error {
  severity: ERROR
  code: 5001
  msg: "Capability prepare failed for \'tls\'"
  sql_state: "HY000"
}

send Mysqlx.Connection.CapabilitiesSet {
  capabilities {
    capabilities {
      name: "tls"
      value {
        type: SCALAR
        scalar {
          type: V_NULL
        }
      }
    }
  }
}

Mysqlx.Error {
  severity: ERROR
  code: 5001
  msg: "Capability prepare failed for \'tls\'"
  sql_state: "HY000"
}

send Mysqlx.Connection.CapabilitiesSet {
  capabilities {
    capabilities {
      name: "tls"
      value {
        type: SCALAR
        scalar {
          type: V_OCTETS
        }
      }
    }
  }
}

Mysqlx.Error {
  severity: ERROR
  code: 5001
  msg: "Capability prepare failed for \'tls\'"
  sql_state: "HY000"
}

send Mysqlx.Connection.CapabilitiesSet {
  capabilities {
    capabilities {
      name: "tls"
      value {
        type: SCALAR
        scalar {
          type: V_UINT
        }
      }
    }
  }
}

Mysqlx.Error {
  severity: ERROR
  code: 5001
  msg: "Capability prepare failed for \'tls\'"
  sql_state: "HY000"
}

send Mysqlx.Connection.CapabilitiesSet {
  capabilities {
    capabilities {
      name: "tls"
      value {
        type: SCALAR
        scalar {
          type: V_SINT
        }
      }
    }
  }
}

Mysqlx.Error {
  severity: ERROR
  code: 5001
  msg: "Capability prepare failed for \'tls\'"
  sql_state: "HY000"
}

ok
setting read/write  tls param with possible invalid data types V_SINT,V_UINT ,V_NULL,V_OCTETS ,V_DOUBLE,V_FLOAT,V_STRING types instead of Bool
send Mysqlx.Connection.CapabilitiesGet {
}

Mysqlx.Connection.Capabilities {
  capabilities {
    name: "tls"
    value {
      type: SCALAR
      scalar {
        type: V_BOOL
        v_bool: false
      }
    }
  }
  capabilities {
    name: "authentication.mechanisms"
    value {
      type: ARRAY
      array {
        value {
          type: SCALAR
          scalar {
            type: V_STRING
            v_string {
              value: "MYSQL41"
            }
          }
        }
      }
    }
  }
  capabilities {
    name: "doc.formats"
    value {
      type: SCALAR
      scalar {
        type: V_STRING
        v_string {
          value: "text"
        }
      }
    }
  }
  capabilities {
    name: "node_type"
    value {
      type: SCALAR
      scalar {
        type: V_STRING
        v_string {
          value: "mysql"
        }
      }
    }
  }
  capabilities {
    name: "client.pwd_expire_ok"
    value {
      type: SCALAR
      scalar {
        type: V_BOOL
        v_bool: false
      }
    }
  }
}

send Mysqlx.Connection.CapabilitiesSet {
  capabilities {
    capabilities {
      name: "tls"
      value {
        type: SCALAR
        scalar {
          type: V_BOOL
          v_bool: false
        }
      }
    }
  }
}

Mysqlx.Error {
  severity: ERROR
  code: 5001
  msg: "Capability prepare failed for \'tls\'"
  sql_state: "HY000"
}

send Mysqlx.Connection.CapabilitiesSet {
  capabilities {
    capabilities {
      name: "tls"
      value {
        type: SCALAR
        scalar {
          type: V_NULL
        }
      }
    }
  }
}

Mysqlx.Error {
  severity: ERROR
  code: 5001
  msg: "Capability prepare failed for \'tls\'"
  sql_state: "HY000"
}

send Mysqlx.Connection.CapabilitiesSet {
  capabilities {
    capabilities {
      name: "tls"
      value {
        type: SCALAR
        scalar {
          type: V_OCTETS
        }
      }
    }
  }
}

Mysqlx.Error {
  severity: ERROR
  code: 5001
  msg: "Capability prepare failed for \'tls\'"
  sql_state: "HY000"
}

send Mysqlx.Connection.CapabilitiesSet {
  capabilities {
    capabilities {
      name: "tls"
      value {
        type: SCALAR
        scalar {
          type: V_UINT
        }
      }
    }
  }
}

Mysqlx.Error {
  severity: ERROR
  code: 5001
  msg: "Capability prepare failed for \'tls\'"
  sql_state: "HY000"
}

send Mysqlx.Connection.CapabilitiesSet {
  capabilities {
    capabilities {
      name: "tls"
      value {
        type: SCALAR
        scalar {
          type: V_SINT
        }
      }
    }
  }
}

Mysqlx.Error {
  severity: ERROR
  code: 5001
  msg: "Capability prepare failed for \'tls\'"
  sql_state: "HY000"
}

ok
Cleanup
SET GLOBAL mysqlx_connect_timeout = 300;


## SSL connection testing
RUN CREATE USER user1_mysqlx@localhost
            IDENTIFIED WITH 'mysql_native_password' BY 'auth_string1'

0 rows affected
RUN CREATE USER user2_mysqlx@localhost
            IDENTIFIED WITH 'mysql_native_password' BY 'auth_string2'
            PASSWORD EXPIRE

0 rows affected
RUN CREATE USER user3_mysqlx@localhost
IDENTIFIED WITH 'mysql_native_password' BY 'auth_string3'
REQUIRE CIPHER "DHE-RSA-AES256-SHA" AND
SUBJECT "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client"
ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA"
PASSWORD EXPIRE NEVER

0 rows affected
RUN CREATE USER user4_mysqlx@localhost REQUIRE SSL ACCOUNT LOCK

0 rows affected
RUN CREATE USER user5_mysqlx@localhost
            IDENTIFIED WITH 'mysql_native_password' BY 'auth_string'
            REQUIRE SSL

0 rows affected
RUN CREATE USER user6_mysqlx@localhost
            IDENTIFIED WITH 'mysql_native_password' BY 'dwh@#ghd'
            REQUIRE x509

0 rows affected
RUN CREATE USER user7_mysqlx@localhost
            IDENTIFIED WITH 'mysql_native_password' BY ''
            REQUIRE CIPHER "AES256-SHA"

0 rows affected
RUN GRANT ALL ON *.* TO user1_mysqlx@localhost

0 rows affected
RUN GRANT ALL ON *.* TO user2_mysqlx@localhost

0 rows affected
RUN GRANT ALL ON *.* TO user3_mysqlx@localhost

0 rows affected
RUN GRANT ALL ON *.* TO user4_mysqlx@localhost

0 rows affected
RUN GRANT ALL ON *.* TO user5_mysqlx@localhost

0 rows affected
RUN GRANT ALL ON *.* TO user6_mysqlx@localhost

0 rows affected
RUN GRANT ALL ON *.* TO user7_mysqlx@localhost

0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
RUN SELECT CONNECTION_TYPE from performance_schema.threads where processlist_command='Query'
CONNECTION_TYPE
TCP/IP
0 rows affected
RUN SELECT USER()
USER()
user1_mysqlx@localhost
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_version'
Variable_name	Value
Mysqlx_ssl_version	
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_accepts'
Variable_name	Value
Mysqlx_ssl_accepts	1
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_finished_accepts'
Variable_name	Value
Mysqlx_ssl_finished_accepts	1
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_cipher'
Variable_name	Value
Mysqlx_ssl_cipher	
0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
Application terminated with expected error: Your password has expired. To log in you must change it using a client that supports expired passwords. (code 1045)
not ok
NOTICE: Account password expired
RUN ALTER USER USER() IDENTIFIED BY 'alter-new-auth'

0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
ALTER USER user2_mysqlx@localhost PASSWORD EXPIRE;
NOTICE: Account password expired
RUN SET PASSWORD='set-new-auth'

0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
RUN ALTER USER USER() IDENTIFIED BY 'alter-new-auth'

0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
ALTER USER user2_mysqlx@localhost PASSWORD EXPIRE;
NOTICE: Account password expired
RUN SET PASSWORD='set-new-auth'

0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
RUN SELECT CONNECTION_TYPE from performance_schema.threads where processlist_command='Query'
CONNECTION_TYPE
SSL/TLS
0 rows affected
RUN SELECT USER()
USER()
user2_mysqlx@localhost
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_version'
Variable_name	Value
Mysqlx_ssl_version	TLSv1
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_accepts'
Variable_name	Value
Mysqlx_ssl_accepts	5
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_finished_accepts'
Variable_name	Value
Mysqlx_ssl_finished_accepts	5
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_cipher'
Variable_name	Value
Mysqlx_ssl_cipher	DHE-RSA-AES256-SHA
0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
RUN SELECT CONNECTION_TYPE from performance_schema.threads where processlist_command='Query'
CONNECTION_TYPE
SSL/TLS
0 rows affected
RUN SELECT USER()
USER()
user3_mysqlx@localhost
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_version'
Variable_name	Value
Mysqlx_ssl_version	TLSv1
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_accepts'
Variable_name	Value
Mysqlx_ssl_accepts	6
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_finished_accepts'
Variable_name	Value
Mysqlx_ssl_finished_accepts	6
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_cipher'
Variable_name	Value
Mysqlx_ssl_cipher	DHE-RSA-AES256-SHA
0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
Testing conenction for ACCOUNT LOCK user.
Application terminated with expected error: Account is locked. (code 1045)
not ok
Unlocking user account.
ALTER USER user4_mysqlx@localhost ACCOUNT UNLOCK;
RUN SELECT CONNECTION_TYPE from performance_schema.threads where processlist_command='Query'
CONNECTION_TYPE
SSL/TLS
0 rows affected
RUN SELECT USER()
USER()
user4_mysqlx@localhost
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_version'
Variable_name	Value
Mysqlx_ssl_version	TLSv1
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_accepts'
Variable_name	Value
Mysqlx_ssl_accepts	8
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_finished_accepts'
Variable_name	Value
Mysqlx_ssl_finished_accepts	8
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_cipher'
Variable_name	Value
Mysqlx_ssl_cipher	DHE-RSA-AES256-SHA
0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
RUN SELECT CONNECTION_TYPE from performance_schema.threads where processlist_command='Query'
CONNECTION_TYPE
SSL/TLS
0 rows affected
RUN SELECT USER()
USER()
user5_mysqlx@localhost
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_version'
Variable_name	Value
Mysqlx_ssl_version	TLSv1
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_accepts'
Variable_name	Value
Mysqlx_ssl_accepts	9
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_finished_accepts'
Variable_name	Value
Mysqlx_ssl_finished_accepts	9
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_cipher'
Variable_name	Value
Mysqlx_ssl_cipher	DHE-RSA-AES256-SHA
0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
RUN SELECT CONNECTION_TYPE from performance_schema.threads where processlist_command='Query'
CONNECTION_TYPE
SSL/TLS
0 rows affected
RUN SELECT USER()
USER()
user5_mysqlx@localhost
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_version'
Variable_name	Value
Mysqlx_ssl_version	TLSv1
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_accepts'
Variable_name	Value
Mysqlx_ssl_accepts	10
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_finished_accepts'
Variable_name	Value
Mysqlx_ssl_finished_accepts	10
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_cipher'
Variable_name	Value
Mysqlx_ssl_cipher	DHE-RSA-AES256-SHA
0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
RUN SELECT CONNECTION_TYPE from performance_schema.threads where processlist_command='Query'
CONNECTION_TYPE
SSL/TLS
0 rows affected
RUN SELECT USER()
USER()
user6_mysqlx@localhost
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_version'
Variable_name	Value
Mysqlx_ssl_version	TLSv1
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_accepts'
Variable_name	Value
Mysqlx_ssl_accepts	11
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_finished_accepts'
Variable_name	Value
Mysqlx_ssl_finished_accepts	11
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_cipher'
Variable_name	Value
Mysqlx_ssl_cipher	DHE-RSA-AES256-SHA
0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
Application terminated with expected error: Current account requires TLS to be activate. (code 1045)
not ok
Application terminated with expected error: Current account requires TLS to be activate. (code 1045)
not ok
Application terminated with expected error: Current user cipher isn't allowed. (code 1045)
not ok
RUN SELECT CONNECTION_TYPE from performance_schema.threads where processlist_command='Query'
CONNECTION_TYPE
SSL/TLS
0 rows affected
RUN SELECT USER()
USER()
user7_mysqlx@localhost
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_version'
Variable_name	Value
Mysqlx_ssl_version	TLSv1
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_accepts'
Variable_name	Value
Mysqlx_ssl_accepts	14
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_finished_accepts'
Variable_name	Value
Mysqlx_ssl_finished_accepts	14
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_cipher'
Variable_name	Value
Mysqlx_ssl_cipher	AES256-SHA
0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
Cert needed
Application terminated with expected error: Current account requires TLS to be activate. (code 1045)
not ok
SHOW GLOBAL STATUS WHERE `Variable_name` RLIKE '^Mysqlx_ssl_(cipher_list|ctx_verify_(depth|mode)|server_not_(after|before)|verify_(depth|mode))$';
Variable_name	Value
Mysqlx_ssl_cipher_list	
Mysqlx_ssl_ctx_verify_depth	-1
Mysqlx_ssl_ctx_verify_mode	5
Mysqlx_ssl_server_not_after	Dec  1 04:48:40 2029 GMT
Mysqlx_ssl_server_not_before	Dec  5 04:48:40 2014 GMT
Mysqlx_ssl_verify_depth	
Mysqlx_ssl_verify_mode	
RUN SHOW STATUS WHERE `Variable_name` RLIKE '^Mysqlx_ssl_(cipher_list|ctx_verify_(depth|mode)|server_not_(after|before)|verify_(depth|mode))$'
Variable_name	Value
Mysqlx_ssl_cipher_list	DHE-RSA-AES256-SHA:AES256-SHA
Mysqlx_ssl_ctx_verify_depth	-1
Mysqlx_ssl_ctx_verify_mode	5
Mysqlx_ssl_server_not_after	Dec  1 04:48:40 2029 GMT
Mysqlx_ssl_server_not_before	Dec  5 04:48:40 2014 GMT
Mysqlx_ssl_verify_depth	-1
Mysqlx_ssl_verify_mode	5
0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
call mtr.add_suppression("Plugin mysqlx reported: '.+: Unsuccessful login attempt: Secure transport required. To log in you must use TCP.SSL or UNIX socket connection.");
SET GLOBAL require_secure_transport:=1;
Application terminated with expected error: Secure transport required. To log in you must use TCP+SSL or UNIX socket connection. (code 1045)
not ok
RUN SELECT CONNECTION_TYPE from performance_schema.threads where processlist_command='Query'
CONNECTION_TYPE
SSL/TLS
0 rows affected
RUN SELECT USER()
USER()
root@localhost
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_version'
Variable_name	Value
Mysqlx_ssl_version	TLSv1
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_accepts'
Variable_name	Value
Mysqlx_ssl_accepts	17
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_finished_accepts'
Variable_name	Value
Mysqlx_ssl_finished_accepts	17
0 rows affected
RUN SHOW STATUS LIKE 'Mysqlx_ssl_cipher'
Variable_name	Value
Mysqlx_ssl_cipher	DHE-RSA-AES256-SHA
0 rows affected
Mysqlx.Ok {
  msg: "bye!"
}
ok
SET GLOBAL require_secure_transport:=0;
UNINSTALL PLUGIN mysqlx;
SHOW STATUS LIKE 'mysqlx%';
Variable_name	Value
DROP USER user1_mysqlx@localhost, user2_mysqlx@localhost, user3_mysqlx@localhost,
user4_mysqlx@localhost, user5_mysqlx@localhost, user6_mysqlx@localhost,
user7_mysqlx@localhost;

Man Man