Some test items assume the default SSL cipher is DHE-RSA-AES256-SHA,

which is no longer the case as of openssl 1.0.1.

This patch enhances connect command by an option to specify a cipher

and tests are adjusted to specify the expected cipher explicitly.

Upstream bug report: http://bugs.mysql.com/bug.php?id=64461

diff --git a/client/mysqltest.cc b/client/mysqltest.cc

index 2def9bd..128dc00 100644

--- a/client/mysqltest.cc

+++ b/client/mysqltest.cc

@@ -5503,6 +5503,7 @@ void do_connect(struct st_command *command)

   my_bool con_pipe= 0, con_shm= 0, con_cleartext_enable= 0;

   my_bool con_secure_auth= 1;

   struct st_connection* con_slot;

+  char *con_cipher=NULL;

   static DYNAMIC_STRING ds_connection_name;

   static DYNAMIC_STRING ds_host;

@@ -5595,6 +5596,8 @@ void do_connect(struct st_command *command)

       con_cleartext_enable= 1;

     else if (!strncmp(con_options, "SKIPSECUREAUTH",14))

       con_secure_auth= 0;

+    else if (!strncmp(con_options, "CIPHER:", 7))

+      con_cipher = con_options + 7;

     else

       die("Illegal option to connect: %.*s", 

           (int) (end - con_options), con_options);

@@ -5642,8 +5645,11 @@ void do_connect(struct st_command *command)

   if (con_ssl)

   {

 #if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)

+    /* default cipher */

+    if (con_cipher == NULL && opt_ssl_cipher != NULL)

+      con_cipher = opt_ssl_cipher;

     mysql_ssl_set(&con_slot->mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,

-		  opt_ssl_capath, opt_ssl_cipher);

+		  opt_ssl_capath, con_cipher);

     mysql_options(&con_slot->mysql, MYSQL_OPT_SSL_CRL, opt_ssl_crl);

     mysql_options(&con_slot->mysql, MYSQL_OPT_SSL_CRLPATH, opt_ssl_crlpath);

 #if MYSQL_VERSION_ID >= 50000

diff --git a/mysql-test/r/openssl_1.result b/mysql-test/r/openssl_1.result

index a767a71..3c1ee27 100644

--- a/mysql-test/r/openssl_1.result

+++ b/mysql-test/r/openssl_1.result

@@ -197,8 +197,6 @@ Variable_name	Value

 Ssl_cipher	EDH-RSA-DES-CBC3-SHA

 Variable_name	Value

 Ssl_cipher	AES256-SHA

-Variable_name	Value

-Ssl_cipher	RC4-SHA

 select 'is still running; no cipher request crashed the server' as result from dual;

 result

 is still running; no cipher request crashed the server

diff --git a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test

index 426de1e..f8c6203 100644

--- a/mysql-test/t/openssl_1.test

+++ b/mysql-test/t/openssl_1.test

@@ -20,13 +20,13 @@ grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA

 grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";

 flush privileges;

-connect (con1,localhost,ssl_user1,,,,,SSL);

-connect (con2,localhost,ssl_user2,,,,,SSL);

-connect (con3,localhost,ssl_user3,,,,,SSL);

-connect (con4,localhost,ssl_user4,,,,,SSL);

+connect (con1,localhost,ssl_user1,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);

+connect (con2,localhost,ssl_user2,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);

+connect (con3,localhost,ssl_user3,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);

+connect (con4,localhost,ssl_user4,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);

 --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT

 --error ER_ACCESS_DENIED_ERROR

-connect (con5,localhost,ssl_user5,,,,,SSL);

+connect (con5,localhost,ssl_user5,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);

 connection con1;

 # Check ssl turned on

@@ -125,7 +125,7 @@ drop table t1;

 # verification of servers certificate by setting both ca certificate

 # and ca path to NULL

 #

---exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1

+--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem --ssl-cipher=DHE-RSA-AES256-SHA -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1

 --echo End of 5.0 tests

 #

@@ -215,7 +215,6 @@ DROP TABLE t1;

 --exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=DHE-RSA-AES256-SHA

 --exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC3-SHA

 --exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES256-SHA

---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=RC4-SHA

 --disable_query_log

 --disable_result_log

@@ -250,7 +249,7 @@ select 'is still running; no cipher request crashed the server' as result from d

 GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509;

 FLUSH PRIVILEGES;

-connect(con1,localhost,bug42158,,,,,SSL);

+connect(con1,localhost,bug42158,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);

 SHOW STATUS LIKE 'Ssl_cipher';

 disconnect con1;

 connection default;

diff --git a/mysql-test/t/plugin_auth_sha256_tls.test b/mysql-test/t/plugin_auth_sha256_tls.test

index f99df8a..1b38fda 100644

--- a/mysql-test/t/plugin_auth_sha256_tls.test

+++ b/mysql-test/t/plugin_auth_sha256_tls.test

@@ -1,7 +1,7 @@

 --source include/not_embedded.inc

 --source include/have_ssl.inc

-connect (ssl_con,localhost,root,,,,,SSL);

+connect (ssl_con,localhost,root,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);

 SHOW STATUS LIKE 'Ssl_cipher';

 CREATE USER 'kristofer' IDENTIFIED WITH 'sha256_password';

diff --git a/mysql-test/t/ssl.test b/mysql-test/t/ssl.test

index ea8be39..c61ca8b 100644

--- a/mysql-test/t/ssl.test

+++ b/mysql-test/t/ssl.test

@@ -8,7 +8,7 @@

 # Save the initial number of concurrent sessions

 --source include/count_sessions.inc

-connect (ssl_con,localhost,root,,,,,SSL);

+connect (ssl_con,localhost,root,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);

 # Check ssl turned on

 SHOW STATUS LIKE 'Ssl_cipher';

diff --git a/mysql-test/t/ssl_8k_key.test b/mysql-test/t/ssl_8k_key.test

index d94c2fc..c27ca58 100644

--- a/mysql-test/t/ssl_8k_key.test

+++ b/mysql-test/t/ssl_8k_key.test

@@ -4,7 +4,7 @@

 #

 # Bug#29784 YaSSL assertion failure when reading 8k key.

 #

---exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1

+--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem --ssl-cipher=DHE-RSA-AES256-SHA -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1

 ##  This test file is for testing encrypted communication only, not other

 ##  encryption routines that the SSL library happens to provide!

diff --git a/mysql-test/t/ssl_compress.test b/mysql-test/t/ssl_compress.test

index 2cb4c0d..feaa0e7 100644

--- a/mysql-test/t/ssl_compress.test

+++ b/mysql-test/t/ssl_compress.test

@@ -9,7 +9,7 @@

 # Save the initial number of concurrent sessions

 --source include/count_sessions.inc

-connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS);

+connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS CIPHER:DHE-RSA-AES256-SHA);

 # Check ssl turned on

 SHOW STATUS LIKE 'Ssl_cipher';