Bug#25309 SSL connections without CA certificate broken since MySQL 5.0.23

- Turn off verification of peer if both ca_path and ca_file is null i.e from only passing --ssl-key=<client_key> and --ssl-cert=<client_cert> to the mysql utility programs. The server will authenticate the client accoring to GRANT tables but the client won't authenticate the server mysql-test/r/openssl_1.result: Update result file mysql-test/t/openssl_1.test: Test that it's possible to connect with --ssl-ca set to /dev/null vio/viosslfactories.c: Turn off verification of peer if both ca_file and ca_path is NULL
author: unknown <msvensson@pilot.blaudden> 2007-03-28 12:23:55 +0200
committer: unknown <msvensson@pilot.blaudden> 2007-03-28 12:23:55 +0200
commit: 40df5f68b53b67514cf45c4b7d241b8f31d5f368 (patch)
tree: 83f01f8bf5b05a19ce2eeddb01ae4ae52f5e0021 /vio
parent: b9c36948f44b39cb2a9d4c80ea3bbb321ec1e045 (diff)
download: mariadb-git-40df5f68b53b67514cf45c4b7d241b8f31d5f368.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index 55d3792365f..a12a45df648 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -301,6 +301,14 @@ new_VioSSLConnectorFd(const char *key_file, const char *cert_file,
 {
   struct st_VioSSLFd *ssl_fd;
   int verify= SSL_VERIFY_PEER;
+
+  /*
+    Turn off verification of servers certificate if both
+    ca_file and ca_path is set to NULL
+  */
+  if (ca_file == 0 && ca_path == 0)
+    verify= SSL_VERIFY_NONE;
+
   if (!(ssl_fd= new_VioSSLFd(key_file, cert_file, ca_file,
                              ca_path, cipher, TLSv1_client_method())))
   {
author	unknown <msvensson@pilot.blaudden>	2007-03-28 12:23:55 +0200
committer	unknown <msvensson@pilot.blaudden>	2007-03-28 12:23:55 +0200
commit	40df5f68b53b67514cf45c4b7d241b8f31d5f368 (patch)
tree	83f01f8bf5b05a19ce2eeddb01ae4ae52f5e0021 /vio
parent	b9c36948f44b39cb2a9d4c80ea3bbb321ec1e045 (diff)
download	mariadb-git-40df5f68b53b67514cf45c4b7d241b8f31d5f368.tar.gz