12 files changed, 157 insertions, 54 deletions

diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt
index a90238dbd42..8ff613155d3 100644
--- a/include/CMakeLists.txt
+++ b/include/CMakeLists.txt
@@ -24,6 +24,7 @@ SET(HEADERS_GEN_CONFIGURE
 SET(HEADERS 
   mysql.h 
   mysql_com.h
+  mysql_com_server.h
   mysql_time.h 
   ma_dyncol.h
   my_list.h
diff --git a/include/my_global.h b/include/my_global.h
index 6fcaa258f21..fa9ce649543 100644
--- a/include/my_global.h
+++ b/include/my_global.h
@@ -90,17 +90,6 @@
 #define IF_WIN(A,B) B
 #endif
 
-#ifndef EMBEDDED_LIBRARY
-#ifdef WITH_NDB_BINLOG
-#define HAVE_NDB_BINLOG 1
-#endif
-#endif /* !EMBEDDED_LIBRARY */
-
-#ifndef EMBEDDED_LIBRARY
-#define HAVE_REPLICATION
-#define HAVE_EXTERNAL_CLIENT
-#endif
-
 #if defined (_WIN32)
 /*
  off_t is 32 bit long. We do not use C runtime functions
@@ -1018,6 +1007,7 @@ typedef struct st_mysql_lex_string LEX_STRING;
 #define SOCKET_ETIMEDOUT WSAETIMEDOUT
 #define SOCKET_EWOULDBLOCK WSAEWOULDBLOCK
 #define SOCKET_EADDRINUSE WSAEADDRINUSE
+#define SOCKET_ECONNRESET WSAECONNRESET
 #define SOCKET_ENFILE	ENFILE
 #define SOCKET_EMFILE	EMFILE
 #else /* Unix */
@@ -1028,6 +1018,7 @@ typedef struct st_mysql_lex_string LEX_STRING;
 #define SOCKET_ETIMEDOUT SOCKET_EINTR
 #define SOCKET_EWOULDBLOCK EWOULDBLOCK
 #define SOCKET_EADDRINUSE EADDRINUSE
+#define SOCKET_ECONNRESET ECONNRESET
 #define SOCKET_ENFILE	ENFILE
 #define SOCKET_EMFILE	EMFILE
 #endif
@@ -1541,6 +1532,12 @@ static inline double rint(double x)
 
 #undef HAVE_SMEM				/* No shared memory */
 
+#else
+#ifdef WITH_NDB_BINLOG
+#define HAVE_NDB_BINLOG 1
+#endif
+#define HAVE_REPLICATION
+#define HAVE_EXTERNAL_CLIENT
 #endif /* EMBEDDED_LIBRARY */
 
 #endif /* my_global_h */
diff --git a/include/my_net.h b/include/my_net.h
index ce2ee6ce8ca..8c62790bf51 100644
--- a/include/my_net.h
+++ b/include/my_net.h
@@ -61,13 +61,15 @@ C_MODE_START
   #define SD_BOTH 0x02
 */
 #define SHUT_RDWR 0x02
-
+#else
+#include <netdb.h>     /* getaddrinfo() & co */
 #endif
 
 /*
-  On OSes which don't have the in_addr_t, we guess that using uint32 is the best
-  possible choice. We guess this from the fact that on HP-UX64bit & FreeBSD64bit
-  & Solaris64bit, in_addr_t is equivalent to uint32. And on Linux32bit too.
+  On OSes which don't have the in_addr_t, we guess that using uint32
+  is the best possible choice. We guess this from the fact that on
+  HP-UX64bit & FreeBSD64bit & Solaris64bit, in_addr_t is equivalent to
+  uint32. And on Linux32bit too.
 */
 #ifndef HAVE_IN_ADDR_T
 #define in_addr_t uint32
diff --git a/include/my_sys.h b/include/my_sys.h
index 94c57a93e73..d6ed4f29e72 100644
--- a/include/my_sys.h
+++ b/include/my_sys.h
@@ -490,6 +490,11 @@ typedef struct st_io_cache		/* Used when cacheing files */
 
 typedef int (*qsort2_cmp)(const void *, const void *, const void *);
 
+typedef void (*my_error_reporter)(enum loglevel level, const char *format, ...)
+  ATTRIBUTE_FORMAT_FPTR(printf, 2, 3);
+
+extern my_error_reporter my_charset_error_reporter;
+
 	/* defines for mf_iocache */
 
 	/* Test if buffer is inited */
@@ -1000,6 +1005,7 @@ char* my_cgets(char *string, size_t clen, size_t* plen);
 
 #ifdef HAVE_PSI_INTERFACE
 extern MYSQL_PLUGIN_IMPORT struct PSI_bootstrap *PSI_hook;
+extern void set_psi_server(PSI *psi);
 void my_init_mysys_psi_keys(void);
 #endif
 
diff --git a/include/mysql.h b/include/mysql.h
index d71d049f69d..4144b6c1ca4 100644
--- a/include/mysql.h
+++ b/include/mysql.h
@@ -168,9 +168,13 @@ enum mysql_option
   MYSQL_OPT_GUESS_CONNECTION, MYSQL_SET_CLIENT_IP, MYSQL_SECURE_AUTH,
   MYSQL_REPORT_DATA_TRUNCATION, MYSQL_OPT_RECONNECT,
   MYSQL_OPT_SSL_VERIFY_SERVER_CERT, MYSQL_PLUGIN_DIR, MYSQL_DEFAULT_AUTH,
-  MYSQL_PROGRESS_CALLBACK,
+  MYSQL_OPT_BIND,
+  MYSQL_OPT_SSL_KEY, MYSQL_OPT_SSL_CERT,
+  MYSQL_OPT_SSL_CA, MYSQL_OPT_SSL_CAPATH, MYSQL_OPT_SSL_CIPHER,
+  MYSQL_OPT_SSL_CRL, MYSQL_OPT_SSL_CRLPATH,
   /* MariaDB options */
-  MYSQL_OPT_NONBLOCK=6000
+  MYSQL_OPT_NONBLOCK=6000,
+  MYSQL_PROGRESS_CALLBACK
 };
 
 /**
diff --git a/include/mysql.h.pp b/include/mysql.h.pp
index ce577146581..b177c36f90c 100644
--- a/include/mysql.h.pp
+++ b/include/mysql.h.pp
@@ -262,8 +262,12 @@ enum mysql_option
   MYSQL_OPT_GUESS_CONNECTION, MYSQL_SET_CLIENT_IP, MYSQL_SECURE_AUTH,
   MYSQL_REPORT_DATA_TRUNCATION, MYSQL_OPT_RECONNECT,
   MYSQL_OPT_SSL_VERIFY_SERVER_CERT, MYSQL_PLUGIN_DIR, MYSQL_DEFAULT_AUTH,
-  MYSQL_PROGRESS_CALLBACK,
-  MYSQL_OPT_NONBLOCK=6000
+  MYSQL_OPT_BIND,
+  MYSQL_OPT_SSL_KEY, MYSQL_OPT_SSL_CERT,
+  MYSQL_OPT_SSL_CA, MYSQL_OPT_SSL_CAPATH, MYSQL_OPT_SSL_CIPHER,
+  MYSQL_OPT_SSL_CRL, MYSQL_OPT_SSL_CRLPATH,
+  MYSQL_OPT_NONBLOCK=6000,
+  MYSQL_PROGRESS_CALLBACK
 };
 struct st_mysql_options_extention;
 struct st_mysql_options {
diff --git a/include/mysql_com_server.h b/include/mysql_com_server.h
new file mode 100644
index 00000000000..1ea040207d4
--- /dev/null
+++ b/include/mysql_com_server.h
@@ -0,0 +1,41 @@
+/* Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 of the License.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
+
+/*
+  Definitions private to the server,
+  used in the networking layer to notify specific events.
+*/
+
+#ifndef _mysql_com_server_h
+#define _mysql_com_server_h
+
+struct st_net_server;
+
+typedef void (*before_header_callback_fn)
+  (struct st_net *net, void *user_data, size_t count);
+
+typedef void (*after_header_callback_fn)
+  (struct st_net *net, void *user_data, size_t count, my_bool rc);
+
+struct st_net_server
+{
+  before_header_callback_fn m_before_header;
+  after_header_callback_fn m_after_header;
+  void *m_user_data;
+};
+
+typedef struct st_net_server NET_SERVER;
+
+#endif
diff --git a/include/sql_common.h b/include/sql_common.h
index cd32a77f86e..99abdb2bf72 100644
--- a/include/sql_common.h
+++ b/include/sql_common.h
@@ -32,6 +32,8 @@ struct mysql_async_context;
 struct st_mysql_options_extention {
   char *plugin_dir;
   char *default_auth;
+  char *ssl_crl;				/* PEM CRL file */
+  char *ssl_crlpath;				/* PEM directory of CRL-s? */
   void (*report_progress)(const MYSQL *mysql,
                           unsigned int stage,
                           unsigned int max_stage,
diff --git a/include/sslopt-case.h b/include/sslopt-case.h
index 2da5ff317e1..4a8c65948cb 100644
--- a/include/sslopt-case.h
+++ b/include/sslopt-case.h
@@ -22,11 +22,18 @@
     case OPT_SSL_CA:
     case OPT_SSL_CAPATH:
     case OPT_SSL_CIPHER:
+    case OPT_SSL_CRL:
+    case OPT_SSL_CRLPATH:
     /*
       Enable use of SSL if we are using any ssl option
       One can disable SSL later by using --skip-ssl or --ssl=0
     */
       opt_use_ssl= 1;
+    /* crl has no effect in yaSSL */  
+#ifdef HAVE_YASSL
+      opt_ssl_crl= NULL;
+      opt_ssl_crlpath= NULL;
+#endif
       break;
 #endif
 #endif /* SSLOPT_CASE_INCLUDED */
diff --git a/include/sslopt-longopts.h b/include/sslopt-longopts.h
index 81d03e54016..e605d0134e7 100644
--- a/include/sslopt-longopts.h
+++ b/include/sslopt-longopts.h
@@ -39,6 +39,13 @@
   {"ssl-key", OPT_SSL_KEY, "X509 key in PEM format (implies --ssl).",
    &opt_ssl_key, &opt_ssl_key, 0, GET_STR, REQUIRED_ARG,
    0, 0, 0, 0, 0, 0},
+  {"ssl-crl", OPT_SSL_KEY, "Certificate revocation list (implies --ssl).",
+   &opt_ssl_crl, &opt_ssl_crl, 0, GET_STR, REQUIRED_ARG,
+   0, 0, 0, 0, 0, 0},
+  {"ssl-crlpath", OPT_SSL_KEY, 
+    "Certificate revocation list path (implies --ssl).",
+   &opt_ssl_crlpath, &opt_ssl_crlpath, 0, GET_STR, REQUIRED_ARG,
+   0, 0, 0, 0, 0, 0},
 #ifdef MYSQL_CLIENT
   {"ssl-verify-server-cert", OPT_SSL_VERIFY_SERVER_CERT,
    "Verify server's \"Common Name\" in its cert against hostname used "
diff --git a/include/sslopt-vars.h b/include/sslopt-vars.h
index 01093feceaf..8e669760faf 100644
--- a/include/sslopt-vars.h
+++ b/include/sslopt-vars.h
@@ -22,12 +22,14 @@
 #else
 #define SSL_STATIC static
 #endif
-SSL_STATIC my_bool opt_use_ssl  = 0;
-SSL_STATIC char *opt_ssl_ca     = 0;
-SSL_STATIC char *opt_ssl_capath = 0;
-SSL_STATIC char *opt_ssl_cert   = 0;
-SSL_STATIC char *opt_ssl_cipher = 0;
-SSL_STATIC char *opt_ssl_key    = 0;
+SSL_STATIC my_bool opt_use_ssl   = 0;
+SSL_STATIC char *opt_ssl_ca      = 0;
+SSL_STATIC char *opt_ssl_capath  = 0;
+SSL_STATIC char *opt_ssl_cert    = 0;
+SSL_STATIC char *opt_ssl_cipher  = 0;
+SSL_STATIC char *opt_ssl_key     = 0;
+SSL_STATIC char *opt_ssl_crl     = 0;
+SSL_STATIC char *opt_ssl_crlpath = 0;
 #ifdef MYSQL_CLIENT
 SSL_STATIC my_bool opt_ssl_verify_server_cert= 0;
 #endif
diff --git a/include/violite.h b/include/violite.h
index 18df848d8b8..838fc7ee096 100644
--- a/include/violite.h
+++ b/include/violite.h
@@ -1,4 +1,5 @@
-/* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+/* Copyright (c) 2000, 2012, Oracle and/or its affiliates.
+   Copyright (c) 2012 Monty Program Ab
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -10,8 +11,8 @@
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software Foundation, Inc.,
-   51 Franklin Street, Suite 500, Boston, MA 02110-1335 USA */
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
 
 /*
  * Vio Lite.
@@ -21,8 +22,8 @@
 #ifndef vio_violite_h_
 #define	vio_violite_h_
 
-#include "my_net.h"			/* needed because of struct in_addr */
-
+#include "my_net.h"   /* needed because of struct in_addr */
+#include <mysql/psi/mysql_socket.h>
 
 /* Simple vio interface in C;  The functions are implemented in violite.c */
 
@@ -40,12 +41,23 @@ enum enum_vio_type
   VIO_TYPE_SSL, VIO_TYPE_SHARED_MEMORY
 };
 
+/**
+  VIO I/O events.
+*/
+enum enum_vio_io_event
+{
+  VIO_IO_EVENT_READ,
+  VIO_IO_EVENT_WRITE,
+  VIO_IO_EVENT_CONNECT
+};
 
 #define VIO_LOCALHOST 1                         /* a localhost connection */
 #define VIO_BUFFERED_READ 2                     /* use buffered read */
 #define VIO_READ_BUFFER_SIZE 16384              /* size of read buffer */
+#define VIO_DESCRIPTION_SIZE 30                 /* size of description */
 
-Vio*	vio_new(my_socket sd, enum enum_vio_type type, uint flags);
+Vio* vio_new(my_socket sd, enum enum_vio_type type, uint flags);
+Vio*  mysql_socket_vio_new(MYSQL_SOCKET mysql_socket, enum enum_vio_type type, uint flags);
 #ifdef __WIN__
 Vio* vio_new_win32pipe(HANDLE hPipe);
 Vio* vio_new_win32shared_memory(HANDLE handle_file_map,
@@ -59,13 +71,10 @@ Vio* vio_new_win32shared_memory(HANDLE handle_file_map,
 #define HANDLE void *
 #endif /* __WIN__ */
 
-/* backport from 5.6 where it is part of PSI, not vio_*() */
-int	mysql_socket_shutdown(my_socket mysql_socket, int how);
-
 void	vio_delete(Vio* vio);
 int	vio_close(Vio* vio);
-void    vio_reset(Vio* vio, enum enum_vio_type type,
-                  my_socket sd, HANDLE hPipe, uint flags);
+my_bool vio_reset(Vio* vio, enum enum_vio_type type,
+                  my_socket sd, void *ssl, uint flags);
 size_t	vio_read(Vio *vio, uchar *	buf, size_t size);
 size_t  vio_read_buff(Vio *vio, uchar * buf, size_t size);
 size_t	vio_write(Vio *vio, const uchar * buf, size_t size);
@@ -78,6 +87,7 @@ int	vio_keepalive(Vio *vio, my_bool	onoff);
 /* Whenever we should retry the last read/write operation. */
 my_bool	vio_should_retry(Vio *vio);
 /* Check that operation was timed out */
+my_bool vio_was_timeout(Vio *vio);
 my_bool	vio_was_interrupted(Vio *vio);
 /* Short text description of the socket for those, who are curious.. */
 const char* vio_description(Vio *vio);
@@ -89,9 +99,17 @@ int	vio_errno(Vio*vio);
 my_socket vio_fd(Vio*vio);
 /* Remote peer's address and name in text form */
 my_bool vio_peer_addr(Vio *vio, char *buf, uint16 *port, size_t buflen);
-my_bool vio_poll_read(Vio *vio, uint timeout);
+/* Wait for an I/O event notification. */
+int vio_io_wait(Vio *vio, enum enum_vio_io_event event, int timeout);
 my_bool vio_is_connected(Vio *vio);
+#ifndef DBUG_OFF
 ssize_t vio_pending(Vio *vio);
+#endif
+/* Set timeout for a network operation. */
+int vio_timeout(Vio *vio, uint which, int timeout_sec);
+/* Connect to a peer. */
+my_bool vio_socket_connect(Vio *vio, struct sockaddr *addr, socklen_t len,
+                           int timeout);
 
 my_bool vio_get_normalized_ip_string(const struct sockaddr *addr, int addr_length,
                                      char *ip_string, size_t ip_string_size);
@@ -111,6 +129,10 @@ int vio_getnameinfo(const struct sockaddr *sa,
 #define DES_set_key_unchecked(k,ks) des_set_key_unchecked((k),*(ks))
 #define DES_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e) des_ede3_cbc_encrypt((i),(o),(l),*(k1),*(k2),*(k3),(iv),(e))
 #endif
+/* apple deprecated openssl in MacOSX Lion */
+#ifdef __APPLE__
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
 
 #define HEADER_DES_LOCL_H dummy_something
 #define YASSL_MYSQL_COMPATIBLE
@@ -142,11 +164,13 @@ int sslconnect(struct st_VioSSLFd*, Vio *, long timeout, unsigned long *errptr);
 struct st_VioSSLFd
 *new_VioSSLConnectorFd(const char *key_file, const char *cert_file,
 		       const char *ca_file,  const char *ca_path,
-		       const char *cipher, enum enum_ssl_init_error* error);
+		       const char *cipher, enum enum_ssl_init_error *error,
+                       const char *crl_file, const char *crl_path);
 struct st_VioSSLFd
 *new_VioSSLAcceptorFd(const char *key_file, const char *cert_file,
 		      const char *ca_file,const char *ca_path,
-		      const char *cipher, enum enum_ssl_init_error* error);
+		      const char *cipher, enum enum_ssl_init_error *error,
+                      const char *crl_file, const char *crl_path);
 void free_vio_ssl_acceptor_fd(struct st_VioSSLFd *fd);
 #endif /* HAVE_OPENSSL */
 
@@ -167,12 +191,13 @@ void vio_end(void);
 #define vio_fastsend(vio)			(vio)->fastsend(vio)
 #define vio_keepalive(vio, set_keep_alive)	(vio)->viokeepalive(vio, set_keep_alive)
 #define vio_should_retry(vio) 			(vio)->should_retry(vio)
+#define vio_was_timeout(vio)                    (vio)->was_timeout(vio)
 #define vio_was_interrupted(vio) 		(vio)->was_interrupted(vio)
 #define vio_close(vio)				((vio)->vioclose)(vio)
 #define vio_shutdown(vio,how)			((vio)->shutdown)(vio,how)
 #define vio_peer_addr(vio, buf, prt, buflen)	(vio)->peer_addr(vio, buf, prt, buflen)
+#define vio_io_wait(vio, event, timeout)        (vio)->io_wait(vio, event, timeout)
 #define vio_timeout(vio, which, seconds)	(vio)->timeout(vio, which, seconds)
-#define vio_poll_read(vio, timeout)             (vio)->poll_read(vio, timeout)
 #define vio_is_connected(vio)                   (vio)->is_connected(vio)
 #endif /* !defined(DONT_MAP_VIO) */
 
@@ -202,26 +227,31 @@ enum SSL_type
 /* This structure is for every connection on both sides */
 struct st_vio
 {
-  my_socket		sd;		/* my_socket - real or imaginary */
-  HANDLE hPipe;
+  MYSQL_SOCKET  mysql_socket;     /* Instrumented socket */
   my_bool		localhost;	/* Are we from localhost? */
   int			fcntl_mode;	/* Buffered fcntl(sd,F_GETFL) */
-  struct sockaddr_storage	local;		/* Local internet address */
-  struct sockaddr_storage	remote;		/* Remote internet address */
+  struct sockaddr_storage local;	/* Local internet address */
+  struct sockaddr_storage remote;	/* Remote internet address */
   int addrLen;                          /* Length of remote address */
   enum enum_vio_type	type;		/* Type of connection */
-  char			desc[30];	/* String description */
+  /*
+    Description string. This member MUST NOT be used directly, but only
+    via function "vio_description"
+  */
+  char			desc[VIO_DESCRIPTION_SIZE];
   char                  *read_buffer;   /* buffer for vio_read_buff */
   char                  *read_pos;      /* start of unfetched data in the
                                            read buffer */
   char                  *read_end;      /* end of unfetched data */
   struct mysql_async_context *async_context; /* For non-blocking API */
-  uint read_timeout, write_timeout;
+  int                   read_timeout;   /* Timeout value (ms) for read ops. */
+  int                   write_timeout;  /* Timeout value (ms) for write ops. */
   /* function pointers. They are similar for socket/SSL/whatever */
   void    (*viodelete)(Vio*);
   int     (*vioerrno)(Vio*);
   size_t  (*read)(Vio*, uchar *, size_t);
   size_t  (*write)(Vio*, const uchar *, size_t);
+  int     (*timeout)(Vio*, uint, my_bool);
   int     (*vioblocking)(Vio*, my_bool, my_bool *);
   my_bool (*is_blocking)(Vio*);
   int     (*viokeepalive)(Vio*, my_bool);
@@ -229,13 +259,19 @@ struct st_vio
   my_bool (*peer_addr)(Vio*, char *, uint16*, size_t);
   void    (*in_addr)(Vio*, struct sockaddr_storage*);
   my_bool (*should_retry)(Vio*);
+  my_bool (*was_timeout)(Vio*);
   my_bool (*was_interrupted)(Vio*);
   int     (*vioclose)(Vio*);
-  void	  (*timeout)(Vio*, unsigned int which, unsigned int timeout);
-  my_bool (*poll_read)(Vio *vio, uint timeout);
   my_bool (*is_connected)(Vio*);
   int (*shutdown)(Vio *, int);
   my_bool (*has_data) (Vio*);
+  int (*io_wait)(Vio*, enum enum_vio_io_event, int);
+  my_bool (*connect)(Vio*, struct sockaddr *, socklen_t, int);
+#ifdef _WIN32
+  HANDLE hPipe;
+  DWORD thread_id; /* Used on XP only by vio_shutdown() */
+  OVERLAPPED overlapped;
+#endif
 #ifdef HAVE_OPENSSL
   void	  *ssl_arg;
 #endif
@@ -250,11 +286,5 @@ struct st_vio
   size_t  shared_memory_remain;
   char    *shared_memory_pos;
 #endif /* HAVE_SMEM */
-#ifdef _WIN32
-  DWORD thread_id; /* Used on XP only by vio_shutdown() */
-  OVERLAPPED pipe_overlapped;
-  DWORD read_timeout_ms;
-  DWORD write_timeout_ms;
-#endif
 };
 #endif /* vio_violite_h_ */