diff options
| author | Sergei Golubchik <serg@mariadb.org> | 2015-06-27 20:35:26 +0200 |
|---|---|---|
| committer | Sergei Golubchik <serg@mariadb.org> | 2015-06-27 20:35:26 +0200 |
| commit | 658992699b204da04382142e77af042c8a33a334 (patch) | |
| tree | 464bc87eae9ffb0fd1a7ba6fa11148b50a295d6b /sql-common | |
| parent | fe7e334f3e238368e18fc2ccb98b3357ecb1e03e (diff) | |
| parent | a6087e7dc1ef3561d8189c8db15e9591d0f9b520 (diff) | |
| download | mariadb-git-658992699b204da04382142e77af042c8a33a334.tar.gz | |
Merge tag 'mariadb-10.0.20' into 10.1
Diffstat (limited to 'sql-common')
| -rw-r--r-- | sql-common/client.c | 26 | ||||
| -rw-r--r-- | sql-common/my_time.c | 12 |
2 files changed, 21 insertions, 17 deletions
diff --git a/sql-common/client.c b/sql-common/client.c index 3816a4ea135..9f4225ec6ae 100644 --- a/sql-common/client.c +++ b/sql-common/client.c @@ -1848,6 +1848,7 @@ mysql_ssl_set(MYSQL *mysql __attribute__((unused)) , mysql_options(mysql, MYSQL_OPT_SSL_CAPATH, capath) | mysql_options(mysql, MYSQL_OPT_SSL_CIPHER, cipher) ? 1 : 0); + mysql->options.use_ssl= TRUE; #endif /* HAVE_OPENSSL && !EMBEDDED_LIBRARY */ DBUG_RETURN(result); } @@ -2652,16 +2653,10 @@ static int send_client_reply_packet(MCPVIO_EXT *mpvio, mysql->client_flag|= CLIENT_MULTI_RESULTS; #if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY) - if (mysql->options.ssl_key || mysql->options.ssl_cert || - mysql->options.ssl_ca || mysql->options.ssl_capath || - mysql->options.ssl_cipher || - (mysql->options.extension && - (mysql->options.extension->ssl_crl || - mysql->options.extension->ssl_crlpath))) - mysql->options.use_ssl= 1; if (mysql->options.use_ssl) mysql->client_flag|= CLIENT_SSL; #endif /* HAVE_OPENSSL && !EMBEDDED_LIBRARY*/ + if (mpvio->db) mysql->client_flag|= CLIENT_CONNECT_WITH_DB; @@ -2690,6 +2685,23 @@ static int send_client_reply_packet(MCPVIO_EXT *mpvio, end= buff+5; } #ifdef HAVE_OPENSSL + + /* + If client uses ssl and client also has to verify the server + certificate, a ssl connection is required. + If the server does not support ssl, we abort the connection. + */ + if (mysql->options.use_ssl && + (mysql->client_flag & CLIENT_SSL_VERIFY_SERVER_CERT) && + !(mysql->server_capabilities & CLIENT_SSL)) + { + set_mysql_extended_error(mysql, CR_SSL_CONNECTION_ERROR, unknown_sqlstate, + ER(CR_SSL_CONNECTION_ERROR), + "SSL is required, but the server does not " + "support it"); + goto error; + } + if (mysql->client_flag & CLIENT_SSL) { /* Do the SSL layering. */ diff --git a/sql-common/my_time.c b/sql-common/my_time.c index 6a011df795a..28757a2c96c 100644 --- a/sql-common/my_time.c +++ b/sql-common/my_time.c @@ -1314,16 +1314,8 @@ int number_to_time(my_bool neg, ulonglong nr, ulong sec_part, MYSQL_TIME *ltime, int *was_cut) { if (nr > 9999999 && nr < 99991231235959ULL && neg == 0) - { - if (number_to_datetime(nr, sec_part, ltime, - TIME_INVALID_DATES, was_cut) < 0) - return -1; - - ltime->year= ltime->month= ltime->day= 0; - ltime->time_type= MYSQL_TIMESTAMP_TIME; - *was_cut= MYSQL_TIME_NOTE_TRUNCATED; - return 0; - } + return number_to_datetime(nr, sec_part, ltime, + TIME_INVALID_DATES, was_cut) < 0 ? -1 : 0; *was_cut= 0; ltime->year= ltime->month= ltime->day= 0; |