Commit 0cab1b14 authored by unknown's avatar unknown
Browse files

Merge 192.168.0.10:mysql/yassL-import/my50-yassL-import 

into  pilot.mysql.com:/home/msvensson/mysql/mysql-5.0-maint


vio/viosslfactories.c:
  Auto merged
parents 38ae0976 5ccb23ae

extra/yassl/taocrypt/src/asn.cpp

+13 −1
Original line number Diff line number Diff line
@@ -732,9 +732,21 @@ void CertDecoder::GetName(NameType nt) 
            source_.advance(strLen);

        }

        else {

            // skip

            bool email = false;

            if (joint[0] == 0x2a && joint[1] == 0x86)  // email id hdr

                email = true;



            source_.advance(oidSz + 1);

            word32 length = GetLength(source_);



            if (email) {

                memcpy(&ptr[idx], "/emailAddress=", 14);

                idx += 14;



                memcpy(&ptr[idx], source_.get_current(), length);

                idx += length;

            }



            source_.advance(length);

        }

    }

mysql-test/r/openssl_1.result

+2 −2
Original line number Diff line number Diff line
@@ -3,8 +3,8 @@ create table t1(f1 int); 
insert into t1 values (5);

grant select on test.* to ssl_user1@localhost require SSL;

grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";

grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";

grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";

grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com";

grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";

grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";

flush privileges;

connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET);

mysql-test/t/openssl_1.test

+2 −2
Original line number Diff line number Diff line
@@ -10,8 +10,8 @@ insert into t1 values (5); 


grant select on test.* to ssl_user1@localhost require SSL;

grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";

grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";

grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";

grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com";

grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";

grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";

flush privileges;

vio/viosslfactories.c

+14 −9
Original line number Diff line number Diff line
@@ -84,10 +84,10 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file) 
  {

    if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0)

    {

      DBUG_PRINT("error",("unable to get certificate from '%s'\n", cert_file));

      fprintf(stderr,"SSL error: ");

      ERR_print_errors_fp(stderr);

      fprintf(stderr,"Unable to get certificate from '%s'\n", cert_file);

      DBUG_PRINT("error",("unable to get certificate from '%s'", cert_file));

      DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););

      fprintf(stderr, "SSL error: Unable to get certificate from '%s'\n",

              cert_file);

      fflush(stderr);

      DBUG_RETURN(1);

    }
@@ -97,10 +97,10 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file) 


    if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0)

    {

      DBUG_PRINT("error", ("unable to get private key from '%s'\n", key_file));

      fprintf(stderr,"SSL error: ");

      ERR_print_errors_fp(stderr);

      fprintf(stderr,"Unable to get private key from '%s'\n", key_file);

      DBUG_PRINT("error", ("unable to get private key from '%s'", key_file));

      DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););

      fprintf(stderr, "SSL error: Unable to get private key from '%s'\n",

              key_file);

      fflush(stderr);

      DBUG_RETURN(1);

    }
@@ -112,7 +112,12 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file) 
    if (!SSL_CTX_check_private_key(ctx))

    {

      DBUG_PRINT("error",

		 ("Private key does not match the certificate public key\n"));

		 ("Private key does not match the certificate public key"));

      DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););

      fprintf(stderr,

              "SSL error: "

              "Private key does not match the certificate public key\n");

      fflush(stderr);

      DBUG_RETURN(1);

    }

  }