SSL compiles and works as far as can see. Continue testing..

Docs/manual.ja.texi: e-mail address fixed include/mysqld_error.h: Added 3 new errormessages related to SSL mysql-test/install_test_db.sh: SSL fix scripts/mysql_install_db.sh: mysql.user table changes to conform SSL ACL sql/lex.h: Fixed GRANT+SSL clause sql/share/czech/errmsg.txt: Added 3 new errormessages related to SSL sql/share/danish/errmsg.txt: Added 3 new errormessages related to SSL sql/share/dutch/errmsg.txt: Added 3 new errormessages related to SSL sql/share/english/errmsg.txt: Added 3 new errormessages related to SSL sql/share/estonian/errmsg.txt: Added 3 new errormessages related to SSL sql/share/french/errmsg.txt: Added 3 new errormessages related to SSL sql/share/german/errmsg.txt: Added 3 new errormessages related to SSL sql/share/greek/errmsg.txt: Added 3 new errormessages related to SSL sql/share/hungarian/errmsg.txt: Added 3 new errormessages related to SSL sql/share/italian/errmsg.txt: Added 3 new errormessages related to SSL sql/share/japanese/errmsg.txt: Added 3 new errormessages related to SSL sql/share/korean/errmsg.txt: Added 3 new errormessages related to SSL sql/share/norwegian-ny/errmsg.txt: Added 3 new errormessages related to SSL sql/share/norwegian/errmsg.txt: Added 3 new errormessages related to SSL sql/share/polish/errmsg.txt: Added 3 new errormessages related to SSL sql/share/portuguese/errmsg.txt: Added 3 new errormessages related to SSL sql/share/romanian/errmsg.txt: Added 3 new errormessages related to SSL sql/share/russian/errmsg.txt: Added 3 new errormessages related to SSL sql/share/slovak/errmsg.txt: Added 3 new errormessages related to SSL sql/share/spanish/errmsg.txt: Added 3 new errormessages related to SSL sql/share/swedish/errmsg.txt: Added 3 new errormessages related to SSL sql/share/ukrainian/errmsg.txt: Added 3 new errormessages related to SSL Docs/manual.texi: SSL fixes BUILD/compile-pentium-max: SSL was missing here acinclude.m4: typo fix alignment fix client/mysql.cc: SSL fixes client/mysqladmin.c: SSL fixes client/mysqlcheck.c: SSL fixes client/mysqldump.c: SSL fixes client/mysqlimport.c: SSL fixes client/mysqlshow.c: SSL fixes include/mysql.h: SSL fixes include/sslopt-case.h: SSL fixes include/sslopt-longopts.h: SSL fixes include/sslopt-usage.h: SSL fixes include/sslopt-vars.h: SSL fixes include/violite.h: SSL fixes cleanups libmysql/libmysql.c: SSL fixes libmysqld/lib_sql.cc: SSL fixes sql/mini_client.cc: SSL fixes sql/mysqld.cc: SSL fixes cleanup new variables to SHOW STATUS sql/sql_acl.cc: SSL fixes sql/sql_acl.h: SSL fixes sql/sql_lex.h: SSL fixes sql/sql_parse.cc: SSL fixes sql/sql_show.cc: New functions added sql/structs.h: New functions added vio/test-ssl.c: SSL fixes vio/test-sslclient.c: SSL fixes vio/test-sslserver.c: SSL fixes vio/viosocket.c: SSL fixes vio/viossl.c: SSL fixes cleanup vio/viosslfactories.c: SSL fixes sql/sql_yacc.yy: SSL fixes
author: unknown <tonu@volk.internalnet> 2001-09-30 10:46:20 +0800
committer: unknown <tonu@volk.internalnet> 2001-09-30 10:46:20 +0800
commit: d13f2dfdeb2b23c6abfb608885e8717878122a7b (patch)
tree: c8e33b443fde74ad722536829cd56fa9403617cd /vio/viosslfactories.c
parent: 5e0851e1b37debb59dbe184fcc3485470872ac64 (diff)
download: mariadb-git-d13f2dfdeb2b23c6abfb608885e8717878122a7b.tar.gz
1 files changed, 22 insertions, 23 deletions
diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index 077807726fe..579f37f3dda 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -168,15 +168,17 @@ vio_verify_callback(int ok, X509_STORE_CTX *ctx)
 struct st_VioSSLConnectorFd* new_VioSSLConnectorFd(const char* key_file,
 				     const char* cert_file,
 				     const char* ca_file,
-				     const char* ca_path)
+				     const char* ca_path,
+				     const char* cipher)
 {
   int	verify = SSL_VERIFY_PEER;
   struct st_VioSSLConnectorFd* ptr;
+  int result;
   DH *dh=NULL; 
   DBUG_ENTER("new_VioSSLConnectorFd");
   DBUG_PRINT("enter",
-	     ("key_file=%s, cert_file=%s, ca_path=%s, ca_file=%s",
-	      key_file, cert_file, ca_path, ca_file));
+	     ("key_file=%s, cert_file=%s, ca_path=%s, ca_file=%s, cipher=%s",
+	      key_file, cert_file, ca_path, ca_file, cipher));
   ptr=(struct st_VioSSLConnectorFd*)my_malloc(sizeof(struct st_VioSSLConnectorFd),MYF(0));
   ptr->ssl_context_=0;
   ptr->ssl_method_=0;
@@ -206,8 +208,12 @@ struct st_VioSSLConnectorFd* new_VioSSLConnectorFd(const char* key_file,
   /*
    * SSL_CTX_set_options
    * SSL_CTX_set_info_callback
-   * SSL_CTX_set_cipher_list
    */
+  if(cipher)
+  {
+    result=SSL_CTX_set_cipher_list(ptr->ssl_context_, cipher);
+    DBUG_PRINT("info",("SSL_set_cipher_list() returned %d",result));
+  }
   SSL_CTX_set_verify(ptr->ssl_context_, verify, vio_verify_callback);
   if (vio_set_cert_stuff(ptr->ssl_context_, cert_file, key_file) == -1)
   {
@@ -231,14 +237,6 @@ struct st_VioSSLConnectorFd* new_VioSSLConnectorFd(const char* key_file,
   SSL_CTX_set_tmp_dh(ptr->ssl_context_,dh);
   DH_free(dh);
 
-/*if (cipher != NULL)
-    if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
-    BIO_printf(bio_err,"error setting cipher list\n");
-    ERR_print_errors(bio_err);
-    goto end;
-  }
-*/
-  
   DBUG_RETURN(ptr);
 ctor_failure:
   DBUG_PRINT("exit", ("there was an error"));
@@ -253,18 +251,20 @@ struct st_VioSSLAcceptorFd*
 new_VioSSLAcceptorFd(const char*	key_file,
 				   const char*	cert_file,
 				   const char*	ca_file,
-				   const char*	ca_path)
+				   const char*	ca_path,
+				   const char* cipher)
 {
   int	verify = (SSL_VERIFY_PEER			|
 		  SSL_VERIFY_FAIL_IF_NO_PEER_CERT	|
 		  SSL_VERIFY_CLIENT_ONCE);
 
   struct st_VioSSLAcceptorFd* ptr;
+  int result;
   DH *dh=NULL; 
   DBUG_ENTER("new_VioSSLAcceptorFd");
   DBUG_PRINT("enter",
-	     ("key_file=%s, cert_file=%s, ca_path=%s, ca_file=%s",
-	      key_file, cert_file, ca_path, ca_file));
+	     ("key_file=%s, cert_file=%s, ca_path=%s, ca_file=%s, cipher=%s",
+	      key_file, cert_file, ca_path, ca_file, cipher));
 
   ptr=(struct st_VioSSLAcceptorFd*)my_malloc(sizeof(struct st_VioSSLAcceptorFd),MYF(0));
   ptr->ssl_context_=0;
@@ -293,12 +293,19 @@ new_VioSSLAcceptorFd(const char*	key_file,
     report_errors();
     goto ctor_failure;
   }
+  if(cipher)
+  {
+    result=SSL_CTX_set_cipher_list(ptr->ssl_context_, cipher);
+    DBUG_PRINT("info",("SSL_set_cipher_list() returned %d",result));
+  }
   /*
    * SSL_CTX_set_quiet_shutdown(ctx,1);
    * 
    */
   SSL_CTX_sess_set_cache_size(ptr->ssl_context_,128);
 
+
+
   /* DH?
    */
   SSL_CTX_set_verify(ptr->ssl_context_, verify, vio_verify_callback);
@@ -328,14 +335,6 @@ new_VioSSLAcceptorFd(const char*	key_file,
   SSL_CTX_set_tmp_dh(ptr->ssl_context_,dh);
   DH_free(dh);
 
-/*if (cipher != NULL)
-    if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
-    BIO_printf(bio_err,"error setting cipher list\n");
-    ERR_print_errors(bio_err);
-    goto end;
-  }
-*/
- 
   DBUG_RETURN(ptr);
 ctor_failure:
   DBUG_PRINT("exit", ("there was an error"));
author	unknown <tonu@volk.internalnet>	2001-09-30 10:46:20 +0800
committer	unknown <tonu@volk.internalnet>	2001-09-30 10:46:20 +0800
commit	d13f2dfdeb2b23c6abfb608885e8717878122a7b (patch)
tree	c8e33b443fde74ad722536829cd56fa9403617cd /vio/viosslfactories.c
parent	5e0851e1b37debb59dbe184fcc3485470872ac64 (diff)
download	mariadb-git-d13f2dfdeb2b23c6abfb608885e8717878122a7b.tar.gz