diff options
| author | Oleksandr Byelkin <sanja@mariadb.com> | 2015-11-15 10:44:20 +0100 |
|---|---|---|
| committer | Oleksandr Byelkin <sanja@mariadb.com> | 2015-11-15 10:44:20 +0100 |
| commit | 0dfa0eef596ee677b55976793d632dc9b36928c7 (patch) | |
| tree | 244bfe3d08ab86a74f1b451cd9f0c4f3db719769 /vio | |
| parent | d85490afab99e31a2221043a7c1d546a57901995 (diff) | |
| download | mariadb-git-0dfa0eef596ee677b55976793d632dc9b36928c7.tar.gz | |
MDEV-8957 [PATCH] Useless ssl_ctx_set_tmp_dh call in libmysql
Accepted patch of Georg: do not setup Differ-Hellman parameters on client.
Diffstat (limited to 'vio')
| -rw-r--r-- | vio/viosslfactories.c | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c index 96275b95f68..ca4669f81ba 100644 --- a/vio/viosslfactories.c +++ b/vio/viosslfactories.c @@ -259,14 +259,17 @@ new_VioSSLFd(const char *key_file, const char *cert_file, } /* DH stuff */ - dh=get_dh2048(); - if (!SSL_CTX_set_tmp_dh(ssl_fd->ssl_context, dh)) + if (!is_client_method) { - *error= SSL_INITERR_DH; - goto err3; - } + dh=get_dh2048(); + if (!SSL_CTX_set_tmp_dh(ssl_fd->ssl_context, dh)) + { + *error= SSL_INITERR_DH; + goto err3; + } - DH_free(dh); + DH_free(dh); + } DBUG_PRINT("exit", ("OK 1")); |