authorRazvan Becheriu <razvan@isc.org>2022-02-08 16:57:13 +0100
committerRazvan Becheriu <razvan@isc.org>2022-02-09 13:08:12 +0100
commita877676a6325dfa4cab34a3d2b3c91aff3cb73b4 (patch)
treedc68fddde735a281d9d7e83434de6d7d48083cab /src/lib/mysql
parent[#2250] format else statement (diff)
[#2294] also check server global variables ssl_ca, ssl_cert and ssl_key
Diffstat (limited to 'src/lib/mysql')
-rw-r--r--src/lib/mysql/testutils/mysql_schema.cc41
-rw-r--r--src/lib/mysql/testutils/mysql_schema.h9
2 files changed, 41 insertions, 9 deletions
diff --git a/src/lib/mysql/testutils/mysql_schema.cc b/src/lib/mysql/testutils/mysql_schema.cc
index 6ff194e8d8..0a7677b5dd 100644
--- a/src/lib/mysql/testutils/mysql_schema.cc
+++ b/src/lib/mysql/testutils/mysql_schema.cc
@@ -93,14 +93,16 @@ string getMySQLTlsEnv() {
return (val ? string(val) : "");
}
-string getMySQLTlsServer() {
- DatabaseConnection::ParameterMap parameters =
- DatabaseConnection::parse(validMySQLConnectionString());
- MySqlConnection conn(parameters);
+string getMySQLTlsServerVariable(string variable) {
MYSQL_RES* result(0);
try {
+ DatabaseConnection::ParameterMap parameters =
+ DatabaseConnection::parse(validMySQLConnectionString());
+ MySqlConnection conn(parameters);
conn.openDatabase();
- string sql("SHOW GLOBAL VARIABLES LIKE 'have_ssl'");
+ string sql("SHOW GLOBAL VARIABLES LIKE '");
+ sql += variable;
+ sql += "'";
if (mysql_query(conn.mysql_, sql.c_str())) {
isc_throw(DbOperationError,
sql << ": " << mysql_error(conn.mysql_));
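Review bot: `variable` is concatenated straight into the statement at `sql += variable;`, so a quote in the argument would end the string literal, and `_` or `%` act as LIKE wildcards (`ssl_ca` also matches a name with any other character in place of the underscore). The callers added in this commit pass fixed literals, but the helper is exported from the test header, so I would reject names outside `[A-Za-z0-9_]` before building the query, or use `SHOW GLOBAL VARIABLES WHERE Variable_name = '...'` with the value passed through `mysql_real_escape_string`. Taking the parameter as `const string& variable` would also avoid a copy. The function body continues outside this hunk.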
@@ -117,14 +119,12 @@ string getMySQLTlsServer() {
}
// first column is 'have_ssl', second is the status.
string name(row[0]);
- if (name != "have_ssl") {
+ if (name != variable) {
isc_throw(DbOperationError,
sql << " returned a wrong name '" << name
- << "', expected 'have_ssl'");
+ << "', expected " << variable);
}
string value(row[1]);
- const string env("KEA_MYSQL_HAVE_SSL");
- static_cast<void>(setenv(env.c_str(), value.c_str(), 1));
mysql_free_result(result);
return (value);
} catch (...) {
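Review bot: The context comment `// first column is 'have_ssl', second is the status.` is stale now that the function queries an arbitrary variable; `// first column is the variable name, second is its value.` would match the new code. The rewritten error message also drops the quotes around the expected name while the actual name stays quoted, so `<< "', expected '" << variable << "'"` would keep the two consistent. The function starts and ends outside this hunk, so the `catch (...)` handling is not visible here.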
@@ -135,6 +135,29 @@ string getMySQLTlsServer() {
}
}
+bool isMySQLTlsConfigured() {
+ if (getMySQLTlsServerVariable("ssl_ca").find("kea-ca.crt") == string::npos) {
+ return (false);
+ }
+ if (getMySQLTlsServerVariable("ssl_cert").find("kea-server.crt") == string::npos) {
+ return (false);
+ }
+ if (getMySQLTlsServerVariable("ssl_key").find("kea-server.key") == string::npos) {
+ return (false);
+ }
+ return (true);
+}
+
+string getMySQLTlsServer() {
+ string value = getMySQLTlsServerVariable("have_ssl");
+ if (value == "YES" && !isMySQLTlsConfigured()) {
+ value = "UNCONFIGURED";
+ }
+ const string env("KEA_MYSQL_HAVE_SSL");
+ static_cast<void>(setenv(env.c_str(), value.c_str(), 1));
+ return (value);
+}
+
} // namespace test
} // namespace db
} // namespace isc
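Review bot: `isMySQLTlsConfigured()` decides by substring, so any `ssl_ca`, `ssl_cert` or `ssl_key` path that merely contains the expected file name (a renamed copy such as `kea-ca.crt.bak`, or a same-named file in another directory) is accepted as configured. If the intent is that the server runs with the Kea test credentials, comparing the path's final component with the expected name is a tighter check, and a short comment above the function should state that intent. Each of the three calls goes through `getMySQLTlsServerVariable`, which opens its own connection, so one `getMySQLTlsServer()` call now makes up to four connections. `UNCONFIGURED` is also written to `KEA_MYSQL_HAVE_SSL`, so a reader of that variable that only expects the server's own `have_ssl` values needs to handle it; worth a comment at `value = "UNCONFIGURED";`.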
diff --git a/src/lib/mysql/testutils/mysql_schema.h b/src/lib/mysql/testutils/mysql_schema.h
index 43aa1ad7cd..a3df21fe38 100644
--- a/src/lib/mysql/testutils/mysql_schema.h
+++ b/src/lib/mysql/testutils/mysql_schema.h
@@ -107,6 +107,15 @@ std::string getMySQLTlsEnv();
/// @note the returned value is set in the environment
std::string getMySQLTlsServer();
+/// @brief Return true if the server has been configured with proper SSL/TLS
+/// credentials, false otherwise
+bool isMySQLTlsConfigured();
+
+/// @brief Get the server global variable value
+///
+/// @param variable The server global variable name
+std::string getMySQLTlsServerVariable(std::string variable);
+
}
}
}
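Review bot: The doc block for `getMySQLTlsServerVariable` has no `@return` and does not tell callers that `variable` ends up unescaped inside a `LIKE` pattern; I would add `/// @return The value of the variable as reported by the server` and a `@note` that the name must be a fixed, trusted identifier. The `isMySQLTlsConfigured()` brief could say what "proper" means, since the `.cc` checks for `kea-ca.crt`, `kea-server.crt` and `kea-server.key`. The comment for `getMySQLTlsServer()` starts above this hunk, so I cannot see all of it, but it should presumably mention the new `UNCONFIGURED` result. Declaring the parameter as `const std::string& variable` would match the usual convention for read-only string arguments.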