Merge pull request #796 from sdann/mysql_standard_cipher

Catch MySQL (yaSSL) server bug when testing standard cipher categories
This commit is contained in:
Dirk Wetter 2017-09-15 14:02:26 +02:00 committed by GitHub
commit 90cd8cd3e2
1 changed files with 65 additions and 52 deletions

View File

@ -2317,6 +2317,17 @@ std_cipherlists() {
fi
fi
fi
if [[ $sclient_success -ne 0 ]] && $BAD_SERVER_HELLO_CIPHER; then
# If server failed with a known error, raise it to the user.
if [[ $STARTTLS_PROTOCOL == "mysql" ]]; then
pr_warning "SERVER_ERROR: test inconclusive due to MySQL Community Edition (yaSSL) bug."
fileout "std_$4" "WARN" "SERVER_ERROR: test inconclusive due to MySQL Community Edition (yaSSL) bug."
else
pr_warning "SERVER_ERROR: test inconclusive."
fileout "std_$4" "WARN" "SERVER_ERROR: test inconclusive."
fi
else
# Otherwise the error means the server doesn't support that cipher list.
case $3 in
2) if [[ $sclient_success -eq 0 ]]; then
# Strong is excellent to offer
@ -2352,6 +2363,7 @@ std_cipherlists() {
pr_svrty_high "offered (NOT ok)"
fileout "std_$4" "HIGH" "$2 offered - bad"
else
# need a check for -eq 1 here
pr_done_good "not offered (OK)"
fileout "std_$4" "OK" "$2 not offered"
fi
@ -2370,6 +2382,7 @@ std_cipherlists() {
fileout "std_$4" "WARN" "return condition $3 unclear"
;;
esac
fi
tmpfile_handle $FUNCNAME.$debugname.txt
[[ $DEBUG -ge 1 ]] && tm_out " -- $1"
outln