-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MDEV-33863: New mysqladmin command tls-info #3247
base: 11.4
Are you sure you want to change the base?
Conversation
Since TLSv1.0 is no longer supported in C/C 3.4, TLS1.0 tests which were expected to fail are removed.
Added new command tls-info which provides the following information: Cipher suite in use TLS protocol version Peer certificate information: - Version - Subject - Issuer - Valid not before/after - SHA256 finger print
Since TLSv1.0 is no longer supported in C/C 3.4, TLS1.0 tests which were expected to fail are removed.
Added new command tls-info which provides the following information: Cipher suite in use TLS protocol version Peer certificate information: - Version - Subject - Issuer - Valid not before/after - SHA256 finger print
…o bb-11.4-georg
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cosmetic changes but otherwise ok.
So as a new feature this will go into testing for the 11.6 release.
new_line=1; | ||
char *version; | ||
|
||
printf("Cipher suite:\t%s\n", mysql_get_ssl_cipher(mysql)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is calling the same pure function a second time, but I guess its ok since the C/C function is so shallow.
info->not_after.tm_hour, info->not_after.tm_min); | ||
printf("SHA256 fingerprint: %s\n", info->fingerprint); | ||
} else { | ||
my_printf_error(0, "Unable to retrieve peer certificate", 0); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
indenting error. And style would say {
on the next line.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just for verbosity the CODING STANDARDS link in the PR template provides the coding style guideline and coding standards in general.
my_printf_error(0, "Unable to retrieve peer certificate", 0); | ||
return 1; | ||
} | ||
} else { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same here.
@@ -1 +1 @@ | |||
--tls_version=TLSv1.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice 😄
Description
Added a new command tls-info for mysqladmin client tool, which provides information for the TLS connection in use.
Release Notes
mysqladmin: Added a new command
tls-info
which returns the following information:How can this PR be tested?
There is no test for, since the output depends on the certificate used by peer.
Feature can be tested by executing mysqladmin with command tls-info.
Basing the PR against the correct MariaDB version
PR quality check