Remove server certification verification

Since the server certification option is used by client only, there is no need to have this flag in server and or client capabilities. The server itself validates client certificate depending on the user definition.
2025-08-08 14:02:17 +03:00 · 2023-07-13 09:30:33 +02:00
parent d543bed61b
commit 45feebb99d
8 changed files with 13 additions and 15 deletions
--- a/libmariadb/secure/schannel.c
+++ b/libmariadb/secure/schannel.c
@@ -448,11 +448,11 @@ my_bool ma_tls_connect(MARIADB_TLS *ctls)
    goto end;

   verify_certs =  mysql->options.ssl_ca || mysql->options.ssl_capath ||
-     (mysql->client_flag & CLIENT_SSL_VERIFY_SERVER_CERT);
+     (mysql->options.extension->tls_verify_server_cert);

  if (verify_certs)
  {
-    if (!ma_schannel_verify_certs(ctls, (mysql->client_flag & CLIENT_SSL_VERIFY_SERVER_CERT)))
+    if (!ma_schannel_verify_certs(ctls, mysql->options.extension->tls_verify_server_cert))
      goto end;
  }