database/mariadb-connector-c
1
0
Fork 0
mirror of https://github.com/mariadb-corporation/mariadb-connector-c.git synced 2025-08-08 14:02:17 +03:00
Code Activity

renamed MARIADB_OPT_SSL_PASSWORD to PASSPHRASE

Browse Source 
Since MySQL server is picky about cipher suites, cipher suites in GnuTLS
switched back to default (NORMAL) without RHE_DSA
This commit is contained in:
Georg Richter
2016-01-05 09:49:49 +01:00
parent b5cf443681
commit 4cb9b79ced
5 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/mysql.h
View File

@@ -213,7 +213,7 @@ extern unsigned int mariadb_deinitialize_ssl;
MYSQL_DATABASE_DRIVER=7000, MYSQL_DATABASE_DRIVER=7000,
MARIADB_OPT_SSL_FP, /* single finger print for server certificate verification */ MARIADB_OPT_SSL_FP, /* single finger print for server certificate verification */
MARIADB_OPT_SSL_FP_LIST, /* finger print white list for server certificate verification */ MARIADB_OPT_SSL_FP_LIST, /* finger print white list for server certificate verification */
MARIADB_OPT_SSL_PASSWORD, /* password for encrypted certificates */ MARIADB_OPT_SSL_PASSPHRASE, /* passphrase for encrypted certificates */
MARIADB_OPT_CONNECTION_READ_ONLY, MARIADB_OPT_CONNECTION_READ_ONLY,
MYSQL_OPT_CONNECT_ATTRS, /* for mysql_get_optionv */ MYSQL_OPT_CONNECT_ATTRS, /* for mysql_get_optionv */
MARIADB_OPT_USERDATA MARIADB_OPT_USERDATA

4
libmariadb/libmariadb.c
View File

@@ -2948,7 +2948,7 @@ mysql_optionsv(MYSQL *mysql,enum mysql_option option, ...)
case MARIADB_OPT_SSL_FP_LIST: case MARIADB_OPT_SSL_FP_LIST:
OPT_SET_EXTENDED_VALUE_STR(&mysql->options, ssl_fp_list, (char *)arg1); OPT_SET_EXTENDED_VALUE_STR(&mysql->options, ssl_fp_list, (char *)arg1);
break; break;
case MARIADB_OPT_SSL_PASSWORD: case MARIADB_OPT_SSL_PASSPHRASE:
OPT_SET_EXTENDED_VALUE_STR(&mysql->options, ssl_pw, (char *)arg1); OPT_SET_EXTENDED_VALUE_STR(&mysql->options, ssl_pw, (char *)arg1);
break; break;
case MARIADB_OPT_CONNECTION_READ_ONLY: case MARIADB_OPT_CONNECTION_READ_ONLY:
@@ -3119,7 +3119,7 @@ mysql_get_optionv(MYSQL *mysql, enum mysql_option option, void *arg, ...)
case MARIADB_OPT_SSL_FP_LIST: case MARIADB_OPT_SSL_FP_LIST:
*((char **)arg)= mysql->options.extension ? mysql->options.extension->ssl_fp_list : NULL; *((char **)arg)= mysql->options.extension ? mysql->options.extension->ssl_fp_list : NULL;
break; break;
case MARIADB_OPT_SSL_PASSWORD: case MARIADB_OPT_SSL_PASSPHRASE:
*((char **)arg)= mysql->options.extension ? mysql->options.extension->ssl_pw : NULL; *((char **)arg)= mysql->options.extension ? mysql->options.extension->ssl_pw : NULL;
break; break;
/* todo /* todo

2
libmariadb/secure/gnutls.c
View File

@@ -204,7 +204,7 @@ void *ma_ssl_init(MYSQL *mysql)
goto error; goto error;
gnutls_session_set_ptr(ssl, (void *)mysql); gnutls_session_set_ptr(ssl, (void *)mysql);
ssl_error= gnutls_priority_set_direct(ssl, "NORMAL:-DHE-RSA", &err); ssl_error= gnutls_priority_set_direct(ssl, "NORMAL", &err);
if (ssl_error < 0) if (ssl_error < 0)
goto error; goto error;

2
unittest/libmariadb/connection.c
View File

@@ -755,7 +755,7 @@ static int test_get_options(MYSQL *my)
int options_char[]= {MYSQL_READ_DEFAULT_FILE, MYSQL_READ_DEFAULT_GROUP, MYSQL_SET_CHARSET_NAME, int options_char[]= {MYSQL_READ_DEFAULT_FILE, MYSQL_READ_DEFAULT_GROUP, MYSQL_SET_CHARSET_NAME,
MYSQL_OPT_SSL_KEY, MYSQL_OPT_SSL_CA, MYSQL_OPT_SSL_CERT, MYSQL_OPT_SSL_CAPATH, MYSQL_OPT_SSL_KEY, MYSQL_OPT_SSL_CA, MYSQL_OPT_SSL_CERT, MYSQL_OPT_SSL_CAPATH,
MYSQL_OPT_SSL_CIPHER, MYSQL_OPT_BIND, MARIADB_OPT_SSL_FP, MARIADB_OPT_SSL_FP_LIST, MYSQL_OPT_SSL_CIPHER, MYSQL_OPT_BIND, MARIADB_OPT_SSL_FP, MARIADB_OPT_SSL_FP_LIST,
MARIADB_OPT_SSL_PASSWORD, 0}; MARIADB_OPT_SSL_PASSPHRASE, 0};
char *init_command[3]= {"SET @a:=1", "SET @b:=2", "SET @c:=3"}; char *init_command[3]= {"SET @a:=1", "SET @b:=2", "SET @c:=3"};
int elements= 0; int elements= 0;

4
unittest/libmariadb/ssl.c.in
View File

@@ -55,7 +55,7 @@ static int check_cipher(MYSQL *mysql)
#ifdef HAVE_GNUTLS #ifdef HAVE_GNUTLS
{ {
return strcmp(cipher, "AES-128-GCM"); return strcmp(cipher, "AES-256-CBC");
} }
#elif HAVE_OPENSSL #elif HAVE_OPENSSL
if (!strcmp(cipher, "DHE-RSA-AES256-SHA") || if (!strcmp(cipher, "DHE-RSA-AES256-SHA") ||
@@ -388,7 +388,7 @@ static int test_password_protected(MYSQL *my)
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/client-cert.pem", "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/client-cert.pem",
"@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0); "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca-cert.pem", 0, 0);
mysql_options(mysql, MARIADB_OPT_SSL_PASSWORD, "qwerty"); mysql_options(mysql, MARIADB_OPT_SSL_PASSPHRASE, "qwerty");
FAIL_IF(!mysql_real_connect(mysql, hostname, ssluser, sslpw, schema, FAIL_IF(!mysql_real_connect(mysql, hostname, ssluser, sslpw, schema,
port, socketname, 0), mysql_error(mysql)); port, socketname, 0), mysql_error(mysql));