Merge 10.3 into 10.4

author: Marko Mäkelä <marko.makela@mariadb.com> 2021-03-19 11:42:44 +0200
committer: Marko Mäkelä <marko.makela@mariadb.com> 2021-03-19 11:42:44 +0200
commit: 44d70c01f0aef419bc1325f0cba6a46085042646 (patch)
tree: d12df15e2f47fbc884591bfec0e14fcb613fd7d3 /vio/viossl.c
parent: 126725421e56293d7c8b816e066271606b59dcd5 (diff)
parent: 867724fd304caf714d3cd2aa825f2c8b3b724017 (diff)
download: mariadb-git-44d70c01f0aef419bc1325f0cba6a46085042646.tar.gz
1 files changed, 15 insertions, 0 deletions
diff --git a/vio/viossl.c b/vio/viossl.c
index a5b3396953e..91529ad31f7 100644
--- a/vio/viossl.c
+++ b/vio/viossl.c
@@ -97,6 +97,21 @@ static my_bool ssl_should_retry(Vio *vio, int ret, enum enum_vio_io_event *event
   SSL *ssl= vio->ssl_arg;
   my_bool should_retry= TRUE;
 
+#if defined(ERR_LIB_X509) && defined(X509_R_CERT_ALREADY_IN_HASH_TABLE)
+  /*
+    Ignore error X509_R_CERT_ALREADY_IN_HASH_TABLE.
+    This is a workaround for an OpenSSL bug in an older (< 1.1.1)
+    OpenSSL version.
+  */
+  unsigned long err = ERR_peek_error();
+  if (ERR_GET_LIB(err) == ERR_LIB_X509 &&
+      ERR_GET_REASON(err) == X509_R_CERT_ALREADY_IN_HASH_TABLE)
+  {
+    ERR_clear_error();
+    return TRUE;
+  }
+#endif
+
   /* Retrieve the result for the SSL I/O operation. */
   ssl_error= SSL_get_error(ssl, ret);
author	Marko Mäkelä <marko.makela@mariadb.com>	2021-03-19 11:42:44 +0200
committer	Marko Mäkelä <marko.makela@mariadb.com>	2021-03-19 11:42:44 +0200
commit	44d70c01f0aef419bc1325f0cba6a46085042646 (patch)
tree	d12df15e2f47fbc884591bfec0e14fcb613fd7d3 /vio/viossl.c
parent	126725421e56293d7c8b816e066271606b59dcd5 (diff)
parent	867724fd304caf714d3cd2aa825f2c8b3b724017 (diff)
download	mariadb-git-44d70c01f0aef419bc1325f0cba6a46085042646.tar.gz