Bug#25309 SSL connections without CA certificate broken since MySQL 5.0.23

- Turn off verification of peer if both ca_path and ca_file is null i.e from only passing --ssl-key=<client_key> and --ssl-cert=<client_cert> to the mysql utility programs. The server will authenticate the client accoring to GRANT tables but the client won't authenticate the server
author: msvensson@pilot.blaudden <> 2007-03-28 12:23:55 +0200
committer: msvensson@pilot.blaudden <> 2007-03-28 12:23:55 +0200
commit: aec7927c8e688ecb42683714f095deb6e95f1384 (patch)
tree: 83f01f8bf5b05a19ce2eeddb01ae4ae52f5e0021 /vio
parent: ab61d07a30b73e3446b6eab9536ba464a0d55f74 (diff)
download: mariadb-git-aec7927c8e688ecb42683714f095deb6e95f1384.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index 55d3792365f..a12a45df648 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -301,6 +301,14 @@ new_VioSSLConnectorFd(const char *key_file, const char *cert_file,
 {
   struct st_VioSSLFd *ssl_fd;
   int verify= SSL_VERIFY_PEER;
+
+  /*
+    Turn off verification of servers certificate if both
+    ca_file and ca_path is set to NULL
+  */
+  if (ca_file == 0 && ca_path == 0)
+    verify= SSL_VERIFY_NONE;
+
   if (!(ssl_fd= new_VioSSLFd(key_file, cert_file, ca_file,
                              ca_path, cipher, TLSv1_client_method())))
   {
author	msvensson@pilot.blaudden <>	2007-03-28 12:23:55 +0200
committer	msvensson@pilot.blaudden <>	2007-03-28 12:23:55 +0200
commit	aec7927c8e688ecb42683714f095deb6e95f1384 (patch)
tree	83f01f8bf5b05a19ce2eeddb01ae4ae52f5e0021 /vio
parent	ab61d07a30b73e3446b6eab9536ba464a0d55f74 (diff)
download	mariadb-git-aec7927c8e688ecb42683714f095deb6e95f1384.tar.gz