diff options
| author | unknown <tonu@x153.internalnet> | 2001-09-01 06:30:05 +0800 |
|---|---|---|
| committer | unknown <tonu@x153.internalnet> | 2001-09-01 06:30:05 +0800 |
| commit | bf10717a71af1f4b1ecb2e8145b2d75e45a8e74c (patch) | |
| tree | 189bf47e7765b6b38a61fa4e3d46e598c420cb94 | |
| parent | 3e899543d63fca2db4a1966bdfe616b02155f709 (diff) | |
| download | mariadb-git-bf10717a71af1f4b1ecb2e8145b2d75e45a8e74c.tar.gz | |
OpenSSL fixes
SSL/NOTES:
Comments added
| -rw-r--r-- | SSL/NOTES | 27 | ||||
| -rw-r--r-- | mysql-test/include/have_openssl.inc | 4 | ||||
| -rw-r--r-- | mysql-test/t/openssl_2.test | 3 | ||||
| -rw-r--r-- | sql/mysqld.cc | 6 |
4 files changed, 27 insertions, 13 deletions
diff --git a/SSL/NOTES b/SSL/NOTES index 7d7e68b8593..413c724c583 100644 --- a/SSL/NOTES +++ b/SSL/NOTES @@ -1,8 +1,24 @@ Quick notes: - +-------------------------------------------- +[tonu@x153 mysql-4.0]$ cat /etc/my.cnf +[mysqld] +ssl-ca=SSL/cacert.pem +ssl-cert=SSL/server-cert.pem +ssl-key=SSL/server-key.pem + +[mysql] +ssl-ca=SSL/cacert.pem +ssl-cert=SSL/client-cert.pem +ssl-key=SSL/client-key.pem + +[mysqldump] +ssl-ca=SSL/cacert.pem +ssl-cert=SSL/client-cert.pem +ssl-key=SSL/client-key.pem + +[tonu@x153 mysql-4.0]$ +-------------------------------------------- To remove passwords from keyfiles: - - [tonu@x153 SSL]$ openssl rsa -inform pem < server-req.pem > server-key.pem read RSA key Enter PEM pass phrase: @@ -12,12 +28,10 @@ writing RSA key To run server: sql/mysqld --ssl-ca=SSL/cacert.pem --ssl-cert=SSL/server-cert.pem --ssl-key=SSL/server-key.pem --skip-grant --debug='d:t:O,-' > /tmp/mysqld.trace - -------------------------------------------- To run client: client/mysql --ssl-ca=SSL/cacert.pem --ssl-cert=SSL/server-cert.pem --ssl-key=SSL/server-key.pem --debug='d:t:O,/tmp/client.trace' -h 127.0.0.1 - -------------------------------------------- openssl s_client -host 127.0.0.1 -port 1111 -debug -verify 1 -cert ../SSL/client-cert.pem -key ../SSL/client-key.pem -CAfile ../SSL/cacert.pem -pause -showcerts -state @@ -27,8 +41,9 @@ openssl s_server -port 1111 -cert ../SSL/server-cert.pem -key ../SSL/server-key. +-------------------------------------------- - +CA stuff: [tonu@x153 bin]$ pwd /usr/local/ssl/bin diff --git a/mysql-test/include/have_openssl.inc b/mysql-test/include/have_openssl.inc index f0eded81b59..b9aa2dadb9e 100644 --- a/mysql-test/include/have_openssl.inc +++ b/mysql-test/include/have_openssl.inc @@ -1,2 +1,2 @@ --- require r/have_ssl.require -show variables like "have_ssl"; +-- require r/have_openssl.require +show variables like "have_openssl"; diff --git a/mysql-test/t/openssl_2.test b/mysql-test/t/openssl_2.test index 2195d7302e2..3bdf619890f 100644 --- a/mysql-test/t/openssl_2.test +++ b/mysql-test/t/openssl_2.test @@ -1,6 +1,5 @@ --- source include/have_openssl.inc - # We want to test everything with SSL turned on. +-- source include/have_openssl.inc SHOW STATUS LIKE 'SSL%'; diff --git a/sql/mysqld.cc b/sql/mysqld.cc index df3d30adfce..3448fea55f8 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -202,9 +202,9 @@ SHOW_COMP_OPTION have_raid=SHOW_OPTION_YES; SHOW_COMP_OPTION have_raid=SHOW_OPTION_NO; #endif #ifdef HAVE_OPENSSL -SHOW_COMP_OPTION have_ssl=SHOW_OPTION_YES; +SHOW_COMP_OPTION have_openssl=SHOW_OPTION_YES; #else -SHOW_COMP_OPTION have_ssl=SHOW_OPTION_NO; +SHOW_COMP_OPTION have_openssl=SHOW_OPTION_NO; #endif SHOW_COMP_OPTION have_symlink=SHOW_OPTION_YES; @@ -2894,7 +2894,7 @@ struct show_var_st init_vars[]= { {"have_isam", (char*) &have_isam, SHOW_HAVE}, {"have_raid", (char*) &have_raid, SHOW_HAVE}, {"have_symlink", (char*) &have_symlink, SHOW_HAVE}, - {"have_ssl", (char*) &have_ssl, SHOW_HAVE}, + {"have_openssl", (char*) &have_openssl, SHOW_HAVE}, {"init_file", (char*) &opt_init_file, SHOW_CHAR_PTR}, #ifdef HAVE_INNOBASE_DB {"innodb_data_file_path", (char*) &innobase_data_file_path, SHOW_CHAR_PTR}, |