from aiomysql import create_pool import pytest @pytest.mark.run_loop async def test_tls_connect(mysql_server, loop): async with create_pool(**mysql_server['conn_params'], loop=loop) as pool: async with pool.get() as conn: async with conn.cursor() as cur: # Run simple command await cur.execute("SHOW DATABASES;") value = await cur.fetchall() values = [item[0] for item in value] # Spot check the answers, we should at least have mysql # and information_schema assert 'mysql' in values, \ 'Could not find the "mysql" table' assert 'information_schema' in values, \ 'Could not find the "mysql" table' # Check TLS variables await cur.execute("SHOW STATUS LIKE 'Ssl_version%';") value = await cur.fetchone() # The context has TLS assert value[1].startswith('TLS'), \ 'Not connected to the database with TLS' # MySQL will get you to renegotiate if sent a cleartext password @pytest.mark.run_loop async def test_auth_plugin_renegotiation(mysql_server, loop): async with create_pool(**mysql_server['conn_params'], auth_plugin='mysql_clear_password', loop=loop) as pool: async with pool.get() as conn: async with conn.cursor() as cur: # Run simple command await cur.execute("SHOW DATABASES;") value = await cur.fetchall() assert len(value), 'No databases found' # Check we tried to use the cleartext plugin assert conn._client_auth_plugin == 'mysql_clear_password', \ 'Client did not try clear password auth' # Check the server asked us to use MySQL's default plugin assert conn._server_auth_plugin in ( 'mysql_native_password', 'caching_sha2_password'), \ 'Server did not ask for native auth' # Check we actually used the servers default plugin assert conn._auth_plugin_used in ( 'mysql_native_password', 'caching_sha2_password'), \ 'Client did not renegotiate with server\'s default auth'