# This test should work in embedded server after we fix mysqltest -- source include/not_embedded.inc -- source include/have_ssl_communication.inc -- source include/have_openssl.inc let $crllen=`select length(trim(coalesce(@@ssl_crl, ''))) + length(trim(coalesce(@@ssl_crlpath, '')))`; if (!$crllen) { skip Needs OpenSSL; } --echo # test --crl for the client : should connect --replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR --exec $MYSQL --ssl-mode=VERIFY_CA --ssl-ca=$MYSQL_TEST_DIR/std_data/crl-ca-cert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/crl-client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/crl-client-cert.pem test --ssl-crl=$MYSQL_TEST_DIR/std_data/crl-client-revoked.crl -e "SHOW VARIABLES like '%ssl%';" --echo # test --crlpath for the client : should connect --replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR --exec $MYSQL --ssl-mode=VERIFY_CA --ssl-ca=$MYSQL_TEST_DIR/std_data/crl-ca-cert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/crl-client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/crl-client-cert.pem --ssl-crlpath=$MYSQL_TEST_DIR/std_data/crldir test -e "SHOW VARIABLES like '%ssl%';" --echo # try logging in with a certificate in the server's --ssl-crlpath : should fail --replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR --error 1 --exec $MYSQL --ssl-mode=VERIFY_CA --ssl-ca=$MYSQL_TEST_DIR/std_data/crl-ca-cert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/crl-client-revoked-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/crl-client-revoked-cert.pem test -e "SHOW VARIABLES like '%ssl%';"