CONC-224: Allow to build Connector/C without TLS/SSL support.

- CMake option -DWITH_SSL=OFF disables TLS/SSL support for connector/c - Fixed warning when building with OpenSSL 1.1.0c
2025-08-07 02:42:49 +03:00 · 2017-01-11 15:17:53 +01:00
parent ee6f05cc73
commit 65d2c41921
3 changed files with 16 additions and 7 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -61,6 +61,7 @@ ADD_OPTION(WITH_DYNCOL "Enables support of dynamic coluumns" ON)
 ADD_OPTION(WITH_EXTERNAL_ZLIB "Enables use of external zlib" OFF)
 ADD_OPTION(WITH_CURL "Enables use of curl" ON)
 ADD_OPTION(WITH_SQLITE "Experimental" OFF)
+ADD_OPTION(WITH_SSL "Enables use of TLS/SSL library" ON)
 MARK_AS_ADVANCED(${OPT}WITH_SQLITE)
 ###############

@@ -231,7 +232,7 @@ INCLUDE(${CC_SOURCE_DIR}/cmake/CheckFunctions.cmake)
 # check for various types
 INCLUDE(${CC_SOURCE_DIR}/cmake/CheckTypes.cmake)

-IF(NOT WITH_SSL OR WITH_SSL STREQUAL "OFF")
+IF(WITH_SSL STREQUAL "ON")
  IF(WIN32)
    SET(WITH_SSL "SCHANNEL")
  ELSE()
--- a/libmariadb/mariadb_lib.c
+++ b/libmariadb/mariadb_lib.c
@@ -1008,8 +1008,12 @@ error:
 }

 int STDCALL
-mysql_ssl_set(MYSQL *mysql, const char *key, const char *cert,
-        const char *ca, const char *capath, const char *cipher)
+mysql_ssl_set(MYSQL *mysql __attribute__((unused)), 
+              const char *key __attribute__((unused)),
+              const char *cert __attribute__((unused)),
+              const char *ca __attribute__((unused)),
+              const char *capath __attribute__((unused)),
+              const char *cipher __attribute__((unused)))
 {
 #ifdef HAVE_TLS
  char enable= 1;
@@ -1028,7 +1032,7 @@ mysql_ssl_set(MYSQL *mysql, const char *key, const char *cert,
 **************************************************************************/

 const char * STDCALL
-mysql_get_ssl_cipher(MYSQL *mysql)
+mysql_get_ssl_cipher(MYSQL *mysql __attribute__((unused)))
 {
 #ifdef HAVE_TLS
  if (mysql->net.pvio && mysql->net.pvio->ctls)
--- a/libmariadb/secure/openssl.c
+++ b/libmariadb/secure/openssl.c
@@ -669,7 +669,11 @@ int ma_tls_verify_server_cert(MARIADB_TLS *ctls)
  if (!(cn_asn1 = X509_NAME_ENTRY_get_data(cn_entry)))
    goto error;

+#if OPENSSL_VERSION_NUMBER < 0x10100000L
  cn_str = (char *)ASN1_STRING_data(cn_asn1);
+#else
+  cn_str = (char *)ASN1_STRING_get0_data(cn_asn1);
+#endif

  /* Make sure there is no embedded \0 in the CN */
  if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn_str))