3 files changed, 18 insertions, 1 deletions

diff --git a/mysql-test/r/openssl_1.result b/mysql-test/r/openssl_1.result
index 34d8e3ab768..92900ac1a83 100644
--- a/mysql-test/r/openssl_1.result
+++ b/mysql-test/r/openssl_1.result
@@ -51,3 +51,5 @@ SSL error: Unable to get private key from ''
 mysqltest: Could not open connection 'default': 2026 SSL connection error
 SSL error: Unable to get certificate from ''
 mysqltest: Could not open connection 'default': 2026 SSL connection error
+Variable_name	Value
+Ssl_cipher	DHE-RSA-AES256-SHA
diff --git a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test
index 8772b8157e3..362443023e1 100644
--- a/mysql-test/t/openssl_1.test
+++ b/mysql-test/t/openssl_1.test
@@ -96,4 +96,11 @@ drop table t1;
 --error 1
 --exec $MYSQL_TEST --ssl-cert= --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
 
-
+#
+# Bug#25309 SSL connections without CA certificate broken since MySQL 5.0.23
+#
+# Test that we can open encrypted connection to server without
+# verification of servers certificate by setting both ca certificate
+# and ca path to NULL
+#
+--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index e4d856624d3..d318f1b0122 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -309,6 +309,14 @@ new_VioSSLConnectorFd(const char *key_file, const char *cert_file,
 {
   struct st_VioSSLFd *ssl_fd;
   int verify= SSL_VERIFY_PEER;
+
+  /*
+    Turn off verification of servers certificate if both
+    ca_file and ca_path is set to NULL
+  */
+  if (ca_file == 0 && ca_path == 0)
+    verify= SSL_VERIFY_NONE;
+
   if (!(ssl_fd= new_VioSSLFd(key_file, cert_file, ca_file,
                              ca_path, cipher, TLSv1_client_method())))
   {