From 4c6426fc751374aaa89c54d9d4d616c026cdd725 Mon Sep 17 00:00:00 2001
From: Vladislav Vaintroub <wlad@montyprogram.com>
Date: Tue, 27 Dec 2011 01:14:54 +0100
Subject: Fix LPBUG# : allow chain certificate files to work.

Contributed by Maarten Vanraes (AL13N)

Fix things so that chains of certificates work in the server and client
certificate files.

This only really works for OpenSSL-based builds, as yassl is unable to read
multiple certificates from a file.  The patch below to yassl/src/ssl.cpp
doesn't fix that, but just arranges that the viosslfactories.c patch won't
have any ill effects in a yassl build.
---
 vio/viosslfactories.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'vio')

diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index d71021452d1..7c9269de853 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -100,7 +100,7 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file,
 		       (long) ctx, cert_file, key_file));
   if (cert_file)
   {
-    if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0)
+    if (SSL_CTX_use_certificate_chain_file(ctx, cert_file) <= 0)
     {
       *error= SSL_INITERR_CERT;
       DBUG_PRINT("error",("%s from file '%s'", sslGetErrString(*error), cert_file));
-- 
cgit v1.2.1