diff options
| author | unknown <msvensson@pilot.blaudden> | 2007-03-29 11:38:48 +0200 |
|---|---|---|
| committer | unknown <msvensson@pilot.blaudden> | 2007-03-29 11:38:48 +0200 |
| commit | 8cdaf6ef1c783e466769c4e3a7ac258cb3b23e4a (patch) | |
| tree | 4b3bc285f56cfa295ed268ca03ffff1150edc101 | |
| parent | 4000a6a6fbc73847d9a4ec8ed7cba73cacee26fe (diff) | |
| parent | 40df5f68b53b67514cf45c4b7d241b8f31d5f368 (diff) | |
| download | mariadb-git-8cdaf6ef1c783e466769c4e3a7ac258cb3b23e4a.tar.gz | |
Merge pilot.blaudden:/home/msvensson/mysql/bug25309/my50-bug25309
into pilot.blaudden:/home/msvensson/mysql/bug25309/my51-bug25309
vio/viosslfactories.c:
Auto merged
| -rw-r--r-- | mysql-test/r/openssl_1.result | 2 | ||||
| -rw-r--r-- | mysql-test/t/openssl_1.test | 9 | ||||
| -rw-r--r-- | vio/viosslfactories.c | 8 |
3 files changed, 18 insertions, 1 deletions
diff --git a/mysql-test/r/openssl_1.result b/mysql-test/r/openssl_1.result index 34d8e3ab768..92900ac1a83 100644 --- a/mysql-test/r/openssl_1.result +++ b/mysql-test/r/openssl_1.result @@ -51,3 +51,5 @@ SSL error: Unable to get private key from '' mysqltest: Could not open connection 'default': 2026 SSL connection error SSL error: Unable to get certificate from '' mysqltest: Could not open connection 'default': 2026 SSL connection error +Variable_name Value +Ssl_cipher DHE-RSA-AES256-SHA diff --git a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test index 3d614514de3..2eb3251c862 100644 --- a/mysql-test/t/openssl_1.test +++ b/mysql-test/t/openssl_1.test @@ -95,4 +95,11 @@ drop table t1; --error 1 --exec $MYSQL_TEST --ssl-cert= --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 - +# +# Bug#25309 SSL connections without CA certificate broken since MySQL 5.0.23 +# +# Test that we can open encrypted connection to server without +# verification of servers certificate by setting both ca certificate +# and ca path to NULL +# +--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1 diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c index 9b407d08b3b..5d7d722f0c9 100644 --- a/vio/viosslfactories.c +++ b/vio/viosslfactories.c @@ -301,6 +301,14 @@ new_VioSSLConnectorFd(const char *key_file, const char *cert_file, { struct st_VioSSLFd *ssl_fd; int verify= SSL_VERIFY_PEER; + + /* + Turn off verification of servers certificate if both + ca_file and ca_path is set to NULL + */ + if (ca_file == 0 && ca_path == 0) + verify= SSL_VERIFY_NONE; + if (!(ssl_fd= new_VioSSLFd(key_file, cert_file, ca_file, ca_path, cipher, TLSv1_client_method()))) { |