diff options
| author | unknown <cmiller@zippy.cornsilk.net> | 2006-08-25 11:54:33 -0400 |
|---|---|---|
| committer | unknown <cmiller@zippy.cornsilk.net> | 2006-08-25 11:54:33 -0400 |
| commit | 0c1ccbf014e9d58752a710067b0245b968ace45f (patch) | |
| tree | 15f553bfc1ea8f261a75f1af5aaadd93bfced0e9 /sql-common/client.c | |
| parent | 7dbd43b1a40664d3babdd0afba598fc857ee5984 (diff) | |
| download | mariadb-git-0c1ccbf014e9d58752a710067b0245b968ace45f.tar.gz | |
Bug#21543: 5.0.24 breaks ABI compatibility for python bindings: \
InterfaceError on connect
Removed the bool flag from the st_mysql_options struct, since it adds
another word in size to the memory size and shifts member memory locations
down, both of which break binary-interface compatibility.
Instead, use a flag, 2**30, in the client_options bit-field to represent
that the client should check the SSL certificate of the server.
include/mysql.h:
Do not change the struct size.
include/mysql_com.h:
Add a new bit-flag for client verifying server SSL certificate.
Emphasize that we're not stepping on anyone else's bit/toes.
sql-common/client.c:
Set and read the bit-field for client-side SSL-cert checking of the server.
Diffstat (limited to 'sql-common/client.c')
| -rw-r--r-- | sql-common/client.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/sql-common/client.c b/sql-common/client.c index 31e85475f08..a8e87ff4d2e 100644 --- a/sql-common/client.c +++ b/sql-common/client.c @@ -1502,7 +1502,6 @@ mysql_ssl_set(MYSQL *mysql __attribute__((unused)) , mysql->options.ssl_ca= strdup_if_not_null(ca); mysql->options.ssl_capath= strdup_if_not_null(capath); mysql->options.ssl_cipher= strdup_if_not_null(cipher); - mysql->options.ssl_verify_server_cert= FALSE; /* Off by default */ #endif /* HAVE_OPENSSL */ DBUG_RETURN(0); } @@ -2162,7 +2161,7 @@ CLI_MYSQL_REAL_CONNECT(MYSQL *mysql,const char *host, const char *user, DBUG_PRINT("info", ("IO layer change done!")); /* Verify server cert */ - if (mysql->options.ssl_verify_server_cert && + if ((client_flag & CLIENT_SSL_VERIFY_SERVER_CERT) && ssl_verify_server_cert(mysql->net.vio, mysql->host)) { set_mysql_error(mysql, CR_SSL_CONNECTION_ERROR, unknown_sqlstate); @@ -2909,7 +2908,10 @@ mysql_options(MYSQL *mysql,enum mysql_option option, const char *arg) mysql->reconnect= *(my_bool *) arg; break; case MYSQL_OPT_SSL_VERIFY_SERVER_CERT: - mysql->options.ssl_verify_server_cert= *(my_bool *) arg; + if (!arg || test(*(uint*) arg)) + mysql->options.client_flag|= CLIENT_SSL_VERIFY_SERVER_CERT; + else + mysql->options.client_flag&= ~CLIENT_SSL_VERIFY_SERVER_CERT; break; default: DBUG_RETURN(1); |