summaryrefslogtreecommitdiff
path: root/vio
diff options
context:
space:
mode:
Diffstat (limited to 'vio')
-rw-r--r--vio/viosslfactories.c81
1 files changed, 69 insertions, 12 deletions
diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index a1fc14b9083..fbc673f2097 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -233,10 +233,29 @@ new_VioSSLFd(const char *key_file, const char *cert_file,
long ssl_ctx_options;
DBUG_ENTER("new_VioSSLFd");
- if (ca_file && ! ca_file[0]) ca_file = NULL;
- if (ca_path && ! ca_path[0]) ca_path = NULL;
- if (crl_file && ! crl_file[0]) crl_file = NULL;
- if (crl_path && ! crl_path[0]) crl_path = NULL;
+ /*
+ If some optional parameters indicate empty strings, then
+ for compatibility with SSL libraries, replace them with NULL,
+ otherwise these libraries will try to open files with an empty
+ name, etc., and they will return an error code instead performing
+ the necessary operations:
+ */
+ if (ca_file && !ca_file[0])
+ {
+ ca_file = NULL;
+ }
+ if (ca_path && !ca_path[0])
+ {
+ ca_path = NULL;
+ }
+ if (crl_file && !crl_file[0])
+ {
+ crl_file = NULL;
+ }
+ if (crl_path && !crl_path[0])
+ {
+ crl_path = NULL;
+ }
DBUG_PRINT("enter",
("key_file: '%s' cert_file: '%s' ca_file: '%s' ca_path: '%s' "
@@ -384,10 +403,29 @@ new_VioSSLConnectorFd(const char *key_file, const char *cert_file,
struct st_VioSSLFd *ssl_fd;
int verify= SSL_VERIFY_PEER;
- if (ca_file && ! ca_file[0]) ca_file = NULL;
- if (ca_path && ! ca_path[0]) ca_path = NULL;
- if (crl_file && ! crl_file[0]) crl_file = NULL;
- if (crl_path && ! crl_path[0]) crl_path = NULL;
+ /*
+ If some optional parameters indicate empty strings, then
+ for compatibility with SSL libraries, replace them with NULL,
+ otherwise these libraries will try to open files with an empty
+ name, etc., and they will return an error code instead performing
+ the necessary operations:
+ */
+ if (ca_file && !ca_file[0])
+ {
+ ca_file = NULL;
+ }
+ if (ca_path && !ca_path[0])
+ {
+ ca_path = NULL;
+ }
+ if (crl_file && !crl_file[0])
+ {
+ crl_file = NULL;
+ }
+ if (crl_path && !crl_path[0])
+ {
+ crl_path = NULL;
+ }
/*
Turn off verification of servers certificate if both
@@ -422,10 +460,29 @@ new_VioSSLAcceptorFd(const char *key_file, const char *cert_file,
struct st_VioSSLFd *ssl_fd;
int verify= SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
- if (ca_file && ! ca_file[0]) ca_file = NULL;
- if (ca_path && ! ca_path[0]) ca_path = NULL;
- if (crl_file && ! crl_file[0]) crl_file = NULL;
- if (crl_path && ! crl_path[0]) crl_path = NULL;
+ /*
+ If some optional parameters indicate empty strings, then
+ for compatibility with SSL libraries, replace them with NULL,
+ otherwise these libraries will try to open files with an empty
+ name, etc., and they will return an error code instead performing
+ the necessary operations:
+ */
+ if (ca_file && !ca_file[0])
+ {
+ ca_file = NULL;
+ }
+ if (ca_path && !ca_path[0])
+ {
+ ca_path = NULL;
+ }
+ if (crl_file && !crl_file[0])
+ {
+ crl_file = NULL;
+ }
+ if (crl_path && !crl_path[0])
+ {
+ crl_path = NULL;
+ }
if (!(ssl_fd= new_VioSSLFd(key_file, cert_file, ca_file,
ca_path, cipher, FALSE, error,
View Lorry Controller Status