summaryrefslogtreecommitdiff
path: root/vio
diff options
context:
space:
mode:
Diffstat (limited to 'vio')
-rw-r--r--vio/test-ssl.c9
-rw-r--r--vio/test-sslclient.c8
-rw-r--r--vio/test-sslserver.c3
-rw-r--r--vio/viossl.c17
-rw-r--r--vio/viosslfactories.c7
-rw-r--r--vio/viotest-ssl.c9
6 files changed, 32 insertions, 21 deletions
diff --git a/vio/test-ssl.c b/vio/test-ssl.c
index 1e846727d00..4d158ae83f7 100644
--- a/vio/test-ssl.c
+++ b/vio/test-ssl.c
@@ -59,6 +59,9 @@ main(int argc, char** argv)
struct st_VioSSLFd* ssl_acceptor= 0;
struct st_VioSSLFd* ssl_connector= 0;
Vio* client_vio=0, *server_vio=0;
+ enum enum_ssl_init_error ssl_init_error;
+ unsigned long ssl_error;
+
MY_INIT(argv[0]);
DBUG_PROCESS(argv[0]);
DBUG_PUSH(default_dbug_option);
@@ -91,16 +94,16 @@ main(int argc, char** argv)
ssl_acceptor = new_VioSSLAcceptorFd(server_key, server_cert, ca_file,
ca_path, cipher);
ssl_connector = new_VioSSLConnectorFd(client_key, client_cert, ca_file,
- ca_path, cipher);
+ ca_path, cipher, &ssl_init_error);
client_vio = (struct st_vio*)my_malloc(sizeof(struct st_vio),MYF(0));
client_vio->sd = sv[0];
client_vio->vioblocking(client_vio, 0, &unused);
- sslconnect(ssl_connector,client_vio,60L);
+ sslconnect(ssl_connector,client_vio,60L,&ssl_error);
server_vio = (struct st_vio*)my_malloc(sizeof(struct st_vio),MYF(0));
server_vio->sd = sv[1];
server_vio->vioblocking(client_vio, 0, &unused);
- sslaccept(ssl_acceptor,server_vio,60L);
+ sslaccept(ssl_acceptor,server_vio,60L, &ssl_error);
printf("Socketpair: %d , %d\n", client_vio->sd, server_vio->sd);
diff --git a/vio/test-sslclient.c b/vio/test-sslclient.c
index 643dcbf2c8e..9d8a741e313 100644
--- a/vio/test-sslclient.c
+++ b/vio/test-sslclient.c
@@ -50,6 +50,9 @@ main( int argc __attribute__((unused)),
Vio* client_vio=0;
int err;
char xbuf[100]="Ohohhhhoh1234";
+ enum enum_ssl_init_error ssl_init_error;
+ unsigned long ssl_error;
+
MY_INIT(argv[0]);
DBUG_PROCESS(argv[0]);
DBUG_PUSH(default_dbug_option);
@@ -60,7 +63,8 @@ main( int argc __attribute__((unused)),
if (ca_path!=0)
printf("CApath : %s\n", ca_path);
- ssl_connector = new_VioSSLConnectorFd(client_key, client_cert, ca_file, ca_path, cipher);
+ ssl_connector = new_VioSSLConnectorFd(client_key, client_cert, ca_file, ca_path, cipher,
+ &ssl_init_error);
if(!ssl_connector) {
fatal_error("client:new_VioSSLConnectorFd failed");
}
@@ -81,7 +85,7 @@ main( int argc __attribute__((unused)),
/* ----------------------------------------------- */
/* Now we have TCP conncetion. Start SSL negotiation. */
read(client_vio->sd,xbuf, sizeof(xbuf));
- sslconnect(ssl_connector,client_vio,60L);
+ sslconnect(ssl_connector,client_vio,60L,&ssl_error);
err = vio_read(client_vio,xbuf, sizeof(xbuf));
if (err<=0) {
my_free(ssl_connector);
diff --git a/vio/test-sslserver.c b/vio/test-sslserver.c
index 3123a4def2c..35cfa26bd00 100644
--- a/vio/test-sslserver.c
+++ b/vio/test-sslserver.c
@@ -52,6 +52,7 @@ do_ssl_stuff( TH_ARGS* args)
const char* s = "Huhuhuhuuu";
Vio* server_vio;
int err;
+ unsigned long ssl_error;
DBUG_ENTER("do_ssl_stuff");
server_vio = vio_new(args->sd, VIO_TYPE_TCPIP, TRUE);
@@ -60,7 +61,7 @@ do_ssl_stuff( TH_ARGS* args)
/* TCP connection is ready. Do server side SSL. */
err = write(server_vio->sd,(uchar*)s, strlen(s));
- sslaccept(args->ssl_acceptor,server_vio,60L);
+ sslaccept(args->ssl_acceptor,server_vio,60L,&ssl_error);
err = server_vio->write(server_vio,(uchar*)s, strlen(s));
DBUG_VOID_RETURN;
}
diff --git a/vio/viossl.c b/vio/viossl.c
index 5cb5f36f20d..290abf788c2 100644
--- a/vio/viossl.c
+++ b/vio/viossl.c
@@ -144,8 +144,9 @@ void vio_ssl_delete(Vio *vio)
static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
- int (*connect_accept_func)(SSL*))
+ int (*connect_accept_func)(SSL*), unsigned long *errptr)
{
+ int r;
SSL *ssl;
my_bool unused;
my_bool was_blocking;
@@ -160,7 +161,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
if (!(ssl= SSL_new(ptr->ssl_context)))
{
DBUG_PRINT("error", ("SSL_new failure"));
- report_errors(ssl);
+ *errptr= ERR_get_error();
vio_blocking(vio, was_blocking, &unused);
DBUG_RETURN(1);
}
@@ -169,10 +170,10 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
SSL_SESSION_set_timeout(SSL_get_session(ssl), timeout);
SSL_set_fd(ssl, vio->sd);
- if (connect_accept_func(ssl) < 1)
+ if ((r= connect_accept_func(ssl)) < 1)
{
DBUG_PRINT("error", ("SSL_connect/accept failure"));
- report_errors(ssl);
+ *errptr= SSL_get_error(ssl, r);
SSL_free(ssl);
vio_blocking(vio, was_blocking, &unused);
DBUG_RETURN(1);
@@ -220,17 +221,17 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
}
-int sslaccept(struct st_VioSSLFd *ptr, Vio *vio, long timeout)
+int sslaccept(struct st_VioSSLFd *ptr, Vio *vio, long timeout, unsigned long *errptr)
{
DBUG_ENTER("sslaccept");
- DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_accept));
+ DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_accept, errptr));
}
-int sslconnect(struct st_VioSSLFd *ptr, Vio *vio, long timeout)
+int sslconnect(struct st_VioSSLFd *ptr, Vio *vio, long timeout, unsigned long *errptr)
{
DBUG_ENTER("sslconnect");
- DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_connect));
+ DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_connect, errptr));
}
diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index 4971dec37fb..4f4dd5758ba 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -165,7 +165,7 @@ static struct st_VioSSLFd *
new_VioSSLFd(const char *key_file, const char *cert_file,
const char *ca_file, const char *ca_path,
const char *cipher, SSL_METHOD *method,
- enum enum_ssl_init_error* error)
+ enum enum_ssl_init_error *error)
{
DH *dh;
struct st_VioSSLFd *ssl_fd;
@@ -249,11 +249,10 @@ new_VioSSLFd(const char *key_file, const char *cert_file,
struct st_VioSSLFd *
new_VioSSLConnectorFd(const char *key_file, const char *cert_file,
const char *ca_file, const char *ca_path,
- const char *cipher)
+ const char *cipher, enum enum_ssl_init_error* error)
{
struct st_VioSSLFd *ssl_fd;
int verify= SSL_VERIFY_PEER;
- enum enum_ssl_init_error dummy;
/*
Turn off verification of servers certificate if both
@@ -263,7 +262,7 @@ new_VioSSLConnectorFd(const char *key_file, const char *cert_file,
verify= SSL_VERIFY_NONE;
if (!(ssl_fd= new_VioSSLFd(key_file, cert_file, ca_file,
- ca_path, cipher, TLSv1_client_method(), &dummy)))
+ ca_path, cipher, TLSv1_client_method(), error)))
{
return 0;
}
diff --git a/vio/viotest-ssl.c b/vio/viotest-ssl.c
index 5c68e861d2a..90489b46605 100644
--- a/vio/viotest-ssl.c
+++ b/vio/viotest-ssl.c
@@ -60,6 +60,9 @@ int main(int argc, char **argv)
struct st_VioSSLConnectorFd* ssl_connector=0;
Vio* client_vio=0;
Vio* server_vio=0;
+ enum enum_ssl_init_error ssl_init_error;
+ unsigned long ssl_error;
+
MY_INIT(argv[0]);
DBUG_PROCESS(argv[0]);
DBUG_PUSH(default_dbug_option);
@@ -92,14 +95,14 @@ int main(int argc, char **argv)
ssl_acceptor = new_VioSSLAcceptorFd(server_key, server_cert, ca_file,
ca_path);
ssl_connector = new_VioSSLConnectorFd(client_key, client_cert, ca_file,
- ca_path);
+ ca_path, &ssl_init_error);
client_vio = (Vio*)my_malloc(sizeof(struct st_vio),MYF(0));
client_vio->sd = sv[0];
- sslconnect(ssl_connector,client_vio);
+ sslconnect(ssl_connector,client_vio,&ssl_error);
server_vio = (Vio*)my_malloc(sizeof(struct st_vio),MYF(0));
server_vio->sd = sv[1];
- sslaccept(ssl_acceptor,server_vio);
+ sslaccept(ssl_acceptor,server_vio,&ssl_error);
printf("Socketpair: %d , %d\n", client_vio->sd, server_vio->sd);