diff options
author | Julius Goryavsky <julius.goryavsky@mariadb.com> | 2021-12-17 04:44:43 +0100 |
---|---|---|
committer | Julius Goryavsky <julius.goryavsky@mariadb.com> | 2021-12-17 04:44:43 +0100 |
commit | 85defc4764860613742af23acf954cfdd9397553 (patch) | |
tree | da393c01db9d265d965d46051ae5355849ea84d2 /vio | |
parent | fff8ac2e966ac123a091a3e1be22b59cbc1c7e9b (diff) | |
download | mariadb-git-85defc4764860613742af23acf954cfdd9397553.tar.gz |
MDEV-27181 fixup: compatibility with Windows + small correctionsbb-10.2-MDEV-27181-fix
1) Removed symlinks that are not very well supported in tar under Windows.
2) Added comment + changed code formatting in viosslfactories.c
3) Fixed a small bug in the yassl code.
4) Fixed a typo in the script code.
Diffstat (limited to 'vio')
-rw-r--r-- | vio/viosslfactories.c | 81 |
1 files changed, 69 insertions, 12 deletions
diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c index 08f0905e044..fe980322736 100644 --- a/vio/viosslfactories.c +++ b/vio/viosslfactories.c @@ -179,10 +179,29 @@ new_VioSSLFd(const char *key_file, const char *cert_file, long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3; DBUG_ENTER("new_VioSSLFd"); - if (ca_file && ! ca_file[0]) ca_file = NULL; - if (ca_path && ! ca_path[0]) ca_path = NULL; - if (crl_file && ! crl_file[0]) crl_file = NULL; - if (crl_path && ! crl_path[0]) crl_path = NULL; + /* + If some optional parameters indicate empty strings, then + for compatibility with SSL libraries, replace them with NULL, + otherwise these libraries will try to open files with an empty + name, etc., and they will return an error code instead performing + the necessary operations: + */ + if (ca_file && !ca_file[0]) + { + ca_file = NULL; + } + if (ca_path && !ca_path[0]) + { + ca_path = NULL; + } + if (crl_file && !crl_file[0]) + { + crl_file = NULL; + } + if (crl_path && !crl_path[0]) + { + crl_path = NULL; + } DBUG_PRINT("enter", ("key_file: '%s' cert_file: '%s' ca_file: '%s' ca_path: '%s' " @@ -314,10 +333,29 @@ new_VioSSLConnectorFd(const char *key_file, const char *cert_file, struct st_VioSSLFd *ssl_fd; int verify= SSL_VERIFY_PEER; - if (ca_file && ! ca_file[0]) ca_file = NULL; - if (ca_path && ! ca_path[0]) ca_path = NULL; - if (crl_file && ! crl_file[0]) crl_file = NULL; - if (crl_path && ! crl_path[0]) crl_path = NULL; + /* + If some optional parameters indicate empty strings, then + for compatibility with SSL libraries, replace them with NULL, + otherwise these libraries will try to open files with an empty + name, etc., and they will return an error code instead performing + the necessary operations: + */ + if (ca_file && !ca_file[0]) + { + ca_file = NULL; + } + if (ca_path && !ca_path[0]) + { + ca_path = NULL; + } + if (crl_file && !crl_file[0]) + { + crl_file = NULL; + } + if (crl_path && !crl_path[0]) + { + crl_path = NULL; + } /* Turn off verification of servers certificate if both @@ -351,10 +389,29 @@ new_VioSSLAcceptorFd(const char *key_file, const char *cert_file, struct st_VioSSLFd *ssl_fd; int verify= SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; - if (ca_file && ! ca_file[0]) ca_file = NULL; - if (ca_path && ! ca_path[0]) ca_path = NULL; - if (crl_file && ! crl_file[0]) crl_file = NULL; - if (crl_path && ! crl_path[0]) crl_path = NULL; + /* + If some optional parameters indicate empty strings, then + for compatibility with SSL libraries, replace them with NULL, + otherwise these libraries will try to open files with an empty + name, etc., and they will return an error code instead performing + the necessary operations: + */ + if (ca_file && !ca_file[0]) + { + ca_file = NULL; + } + if (ca_path && !ca_path[0]) + { + ca_path = NULL; + } + if (crl_file && !crl_file[0]) + { + crl_file = NULL; + } + if (crl_path && !crl_path[0]) + { + crl_path = NULL; + } if (!(ssl_fd= new_VioSSLFd(key_file, cert_file, ca_file, ca_path, cipher, FALSE, error, |