| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
* update net_field_length() to match the prototype
* various bug fixes in C/C
|
| |\ |
|
| | |\
| | |
| | | |
no need to set net->vio to zero in mysql_real_connect
|
| | | |
| | |
| | |
| | |
| | | |
because it is zero always in this place as we have check for this above
which checks that net->vio isn't 0 and exit.
|
| | |\ \
| | |/
| |/| |
|
| | | |\ |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
fix for async operations
|
| | | | |
| | | |
| | | |
| | | | |
Support of CLIENT_REMEMBER_OPTIONS and freeing options added.
|
| | | | |
| | | |
| | | |
| | | | |
initial commit to test
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* remove redundant code
* fix tests
* move declarations and defines where they belong
|
| | | | |
| | | |
| | | |
| | | | |
also disable server's client plugins when C/C has the same
|
| |/ / / |
|
| | | |
| | |
| | |
| | | |
This reverts commit 7b89b9f5108c80f4f270da922d7e6c182a663719.
|
| | | | |
|
| |\ \ \
| |/ / |
|
| | |\ \
| | |/ |
|
| | | |\ |
|
| | | | |\ |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
FOUND
Description:- Failure during the validation of CA
certificate path which is provided as an option for 'ssl-ca'
returns two different errors for YaSSL and OPENSSL.
Analysis:- 'ssl-ca', option used for specifying the ssl ca
certificate path. Failing to validate this certificate with
OPENSSL returns an error, "ERROR 2026 (HY000): SSL
connection error: SSL_CTX_set_default_verify_paths failed".
While YASSL returns "ERROR 2026 (HY000): SSL connection
error: ASN: bad other signature confirmation". Error
returned by the OPENSSL is correct since
"SSL_CTX_load_verify_locations()" returns 0 (in case of
OPENSSL) for the failure and sets error as
"SSL_INITERR_BAD_PATHS". In case of YASSL,
"SSL_CTX_load_verify_locations()" returns an error number
which is less than or equal to 0 in case of error. Error
numbers for YASSL is mentioned in the file,
'extra/yassl/include/openssl/ssl.h'(line no : 292). Also
'ssl-ca' does not accept tilde home directory path
substitution.
Fix:- The condition which checks for the error in the
"SSL_CTX_load_verify_locations()" is changed in order to
accommodate YASSL as well. A logic is written in
"mysql_ssl_set()" in order accept the tilde home directory
path substitution for all ssl options.
|
| | | | | | |
|
| |\ \ \ \ \
| |/ / / / |
|
| | |\ \ \ \
| | |/ / / |
|
| | | | | | |
|
| |\ \ \ \ \
| |/ / / / |
|
| | |\ \ \ \
| | |/ / / |
|
| | | |\ \ \
| | | |/ / |
|
| | | | |\ \
| | | | |/
| | | | |
| | | | |
| | | | | |
reverted about half of commits as either not applicable or
outright wrong
|
| | | | | | |
|
| | | |\ \ \
| | | |/ /
| | | | |
| | | | |
| | | | | |
Conflicts:
configure.cmake
|
| |\ \ \ \ \
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Conflicts:
VERSION
cmake/plugin.cmake
config.h.cmake
configure.cmake
plugin/server_audit/server_audit.c
sql/sql_yacc.yy
|
| | |\ \ \ \
| | | |/ /
| | |/| |
| | | | |
| | | | |
| | | | | |
Conflicts:
config.h.cmake
configure.cmake
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The check for UCONTEXT in cmake was somehow become broken, disabling the
fallback to ucontext. This caused the non-blocking client API to not be
available for non-x86 platforms, on which no hand-crafted assembler
implementation of my_context is available.
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
functionality
New capability flags space.
Removed old progress flag, added new one.
|
| |\ \ \ \
| | |/ /
| |/| | |
|
| | |\ \ \
| | |/ / |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Reimplement ssl_verify_server_cert() using the logic
from https://wiki.openssl.org/index.php/Hostname_validation
The bug was discovered by Alex Gaynor.
|
| | | | | |
|
| | | | | |
|
| |\ \ \ \
| |/ / / |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Replaced my_connect() with cross-plattform, timeout aware
vio_socket_connect() function
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Part 5: Removing calls to current_thd in net_read calls, creating fields,
query_cache, acl and some other places where thd was available
|
| |\ \ \ \
| |/ / / |
|
| | | | | |
|
| | |\ \ \
| | |/ / |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Using --ssl-verify-server-cert and --ssl[-*] implies that
the ssl connection is required. The mysql client will now print an error if ssl
is required, but the server can not handle a ssl connection.
|
| |\ \ \ \
| |/ / / |
|
| | |\ \ \
| | |/ / |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Don't use a fixed buffer for X509_NAME_oneline() in the client.
Do as the server does - allocate it dynamically.
For a test - regenerate certificates to have the server cert with
a long subject.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Replaced all references to LINT_INIT with UNINIT_VAR and LINT_INIT_STRUCT.
Removed LINT_INIT macro.
|
