73 lines
1.6 KiB
Plaintext
73 lines
1.6 KiB
Plaintext
--source include/have_fips.inc
|
|
|
|
--echo # Few positive cases
|
|
SET GLOBAL ssl_fips_mode=0;
|
|
SELECT @@GLOBAL.ssl_fips_mode;
|
|
|
|
SET GLOBAL ssl_fips_mode=1;
|
|
SELECT @@GLOBAL.ssl_fips_mode;
|
|
|
|
SET GLOBAL ssl_fips_mode=2;
|
|
SELECT @@GLOBAL.ssl_fips_mode;
|
|
|
|
SET GLOBAL ssl_fips_mode=off;
|
|
SELECT @@GLOBAL.ssl_fips_mode;
|
|
|
|
SET GLOBAL ssl_fips_mode=on;
|
|
SELECT @@GLOBAL.ssl_fips_mode;
|
|
|
|
SET GLOBAL ssl_fips_mode=strict;
|
|
SELECT @@GLOBAL.ssl_fips_mode;
|
|
|
|
SET GLOBAL ssl_fips_mode='oFf';
|
|
SELECT @@GLOBAL.ssl_fips_mode;
|
|
|
|
SET GLOBAL ssl_fips_mode='oN';
|
|
SELECT @@GLOBAL.ssl_fips_mode;
|
|
|
|
SET GLOBAL ssl_fips_mode='Strict';
|
|
SELECT @@GLOBAL.ssl_fips_mode;
|
|
|
|
--echo # Few negative cases
|
|
--Error ER_WRONG_VALUE_FOR_VAR
|
|
SET GLOBAL ssl_fips_mode='';
|
|
|
|
--Error ER_WRONG_VALUE_FOR_VAR
|
|
SET GLOBAL ssl_fips_mode=3;
|
|
|
|
--Error ER_WRONG_VALUE_FOR_VAR
|
|
SET GLOBAL ssl_fips_mode=-1;
|
|
|
|
--Error ER_GLOBAL_VARIABLE
|
|
SET SESSION ssl_fips_mode=1;
|
|
|
|
CREATE USER u1 IDENTIFIED BY 'pwd';
|
|
|
|
--echo ##Test: User without admin/super privilege
|
|
connect(con1,localhost,u1,pwd,test,,,);
|
|
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
|
|
SET GLOBAL ssl_fips_mode=ON;
|
|
|
|
connection default;
|
|
|
|
--echo ##Test: User with admin privilege
|
|
GRANT SYSTEM_VARIABLES_ADMIN ON *.* TO u1;
|
|
disconnect con1;
|
|
connect(con1,localhost,u1,pwd,test,,,);
|
|
SET GLOBAL ssl_fips_mode=ON;
|
|
connection default;
|
|
REVOKE SYSTEM_VARIABLES_ADMIN ON *.* FROM u1;
|
|
|
|
--echo ##Test: User with SUPER privilege
|
|
GRANT SUPER ON *.* TO u1;
|
|
disconnect con1;
|
|
connect(con1,localhost,u1,pwd,test,,,);
|
|
SET GLOBAL ssl_fips_mode=ON;
|
|
|
|
--echo CLEANUP
|
|
disconnect con1;
|
|
connection default;
|
|
SET GLOBAL ssl_fips_mode=OFF;
|
|
DROP USER u1;
|
|
|