author | Razvan Becheriu <razvan@isc.org> | 2022-02-08 16:57:13 +0100 |
---|---|---|
committer | Razvan Becheriu <razvan@isc.org> | 2022-02-09 13:08:12 +0100 |
commit | a877676a6325dfa4cab34a3d2b3c91aff3cb73b4 (patch) | |
tree | dc68fddde735a281d9d7e83434de6d7d48083cab /src/lib/mysql | |
parent | [#2250] format else statement (diff) | |
[#2294] also check server global variables ssl_ca, ssl_cert and ssl_key
Diffstat (limited to 'src/lib/mysql')
-rw-r--r-- | src/lib/mysql/testutils/mysql_schema.cc | 41 | ||||
-rw-r--r-- | src/lib/mysql/testutils/mysql_schema.h | 9 |
2 files changed, 41 insertions, 9 deletions
diff --git a/src/lib/mysql/testutils/mysql_schema.cc b/src/lib/mysql/testutils/mysql_schema.cc
index 6ff194e8d8..0a7677b5dd 100644
--- a/src/lib/mysql/testutils/mysql_schema.cc
+++ b/src/lib/mysql/testutils/mysql_schema.cc
@@ -93,14 +93,16 @@ string getMySQLTlsEnv() {
 return (val ? string(val) : "");
 }
-string getMySQLTlsServer() {
- DatabaseConnection::ParameterMap parameters =
- DatabaseConnection::parse(validMySQLConnectionString());
- MySqlConnection conn(parameters);
+string getMySQLTlsServerVariable(string variable) {
 MYSQL_RES* result(0);
 try {
+ DatabaseConnection::ParameterMap parameters =
+ DatabaseConnection::parse(validMySQLConnectionString());
+ MySqlConnection conn(parameters);
 conn.openDatabase();
- string sql("SHOW GLOBAL VARIABLES LIKE 'have_ssl'");
+ string sql("SHOW GLOBAL VARIABLES LIKE '");
+ sql += variable;
+ sql += "'";
 if (mysql_query(conn.mysql_, sql.c_str())) {
 isc_throw(DbOperationError,
 sql << ": " << mysql_error(conn.mysql_));
@@ -117,14 +119,12 @@ string getMySQLTlsServer() {
 }
 // first column is 'have_ssl', second is the status.
 string name(row[0]);
- if (name != "have_ssl") {
+ if (name != variable) {
 isc_throw(DbOperationError,
 sql << " returned a wrong name '" << name
- << "', expected 'have_ssl'");
+ << "', expected " << variable);
 }
 string value(row[1]);
- const string env("KEA_MYSQL_HAVE_SSL");
- static_cast<void>(setenv(env.c_str(), value.c_str(), 1));
 mysql_free_result(result);
 return (value);
 } catch (...) {
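Review bot: `variable` is appended unescaped into the statement text in `getMySQLTlsServerVariable` (`sql += variable;`), so a quote in the argument would end the string literal, and `_` or `%` in it are treated as LIKE wildcards. The callers added in this commit pass fixed literals, so the problem is latent, but the function is also declared in mysql_schema.h (last hunk) and nothing there states the constraint. I would reject names containing anything other than letters, digits and underscore before building `sql`, or at minimum document it on the declaration: `/// @note variable is inserted verbatim into the query; pass only fixed, trusted names`. The parameter could also be taken as `const string&` instead of by value. The function body continues outside this hunk.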
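Review bot: The context comment `// first column is 'have_ssl', second is the status.` in the second hunk is stale now that the function queries an arbitrary variable; `// first column is the variable name, second is its value.` matches the new code. The rewritten error message also drops the quotes around the expected name while keeping them around the returned one; `<< "', expected '" << variable << "'");` keeps the two consistent. The `catch (...)` body lies outside the hunk, so what a caller receives after a failure cannot be confirmed from here.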
@@ -135,6 +135,29 @@ string getMySQLTlsServer() {
 }
 }
+bool isMySQLTlsConfigured() {
+ if (getMySQLTlsServerVariable("ssl_ca").find("kea-ca.crt") == string::npos) {
+ return (false);
+ }
+ if (getMySQLTlsServerVariable("ssl_cert").find("kea-server.crt") == string::npos) {
+ return (false);
+ }
+ if (getMySQLTlsServerVariable("ssl_key").find("kea-server.key") == string::npos) {
+ return (false);
+ }
+ return (true);
+}
+
+string getMySQLTlsServer() {
+ string value = getMySQLTlsServerVariable("have_ssl");
+ if (value == "YES" && !isMySQLTlsConfigured()) {
+ value = "UNCONFIGURED";
+ }
+ const string env("KEA_MYSQL_HAVE_SSL");
+ static_cast<void>(setenv(env.c_str(), value.c_str(), 1));
+ return (value);
+}
+
 } // namespace test
 } // namespace db
 } // namespace isc
diff --git a/src/lib/mysql/testutils/mysql_schema.h b/src/lib/mysql/testutils/mysql_schema.h
index 43aa1ad7cd..a3df21fe38 100644
--- a/src/lib/mysql/testutils/mysql_schema.h
+++ b/src/lib/mysql/testutils/mysql_schema.h
@@ -107,6 +107,15 @@ std::string getMySQLTlsEnv();
 /// @note the returned value is set in the environment
 std::string getMySQLTlsServer();
+/// @brief Return true if the server has been configured with proper SSL/TLS
+/// credentials, false otherwise
+bool isMySQLTlsConfigured();
+
+/// @brief Get the server global variable value
+///
+/// @param variable The server global variable name
+std::string getMySQLTlsServerVariable(std::string variable);
+
 }
 }
 } |
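Review bot: `isMySQLTlsConfigured()` accepts any value that merely contains the expected file name (`.find("kea-ca.crt") == string::npos`), so it confirms only that a similarly named path is configured, not that the path ends in that file or that the server loaded the test credentials. If a heuristic is all that is wanted to gate the TLS tests, say so above the function, e.g. `// Heuristic: checks configured file names only, not certificate contents.`; otherwise compare the final path component for equality. Each `getMySQLTlsServerVariable()` call opens its own connection, so `getMySQLTlsServer()` now makes up to four. If that helper returns an empty string on error (its `catch (...)` body is not visible here), a failed lookup after a successful `have_ssl` query would be reported as `UNCONFIGURED` rather than as an error.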
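Review bot: The two new declarations in mysql_schema.h have no `@return` line, and the comment on `getMySQLTlsServer()` (which starts above the hunk) does not mention the `UNCONFIGURED` value that mysql_schema.cc now returns and exports through `KEA_MYSQL_HAVE_SSL`. I would add `/// @return The value of the variable as reported by the server` to `getMySQLTlsServerVariable`, and document what it yields when the query fails once that is confirmed from the implementation. The `getMySQLTlsServer()` comment should list `UNCONFIGURED` next to the values it already describes, so tests reading the environment variable know to expect it.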