This reverts 395641549ac7..536d9e2b9e5b, in particular:
8dffd56936 MDEV-31857 enable MYSQL_OPT_SSL_VERIFY_SERVER_CERT by default
a99570c118 MDEV-31855 SSL cert validation protocol extension
9aa15e72a7 TLS fingerprint
and related commits
* extend the client auth plugin API with a new callback
* relax the plugin version check to allow load a plugin with the
same major version, even if the minor versions differ
* implement the protocol extension:
- don't abort at once if the certificate is self signed and
no CA was explicitly specified
- allow it if it passes fingerprint check
- allow it if plugin has hash_password_bin callback, password was
non-empty and the control hash matches server's
Plugin configuration happens now in CMakeLists.txt files in corresponding plugin directories.
plugins.cmake now contains REGISTER_PLUGIN_FUNCTION which accepts the following parameters:
- TARGET: the name of the plugin (dynamic plugins will be named ${TARGET}.so (or .dll)
- SOURCES: source files
- LIBRARIES: additional libraries for linking
- INCLUDES: include directories
- CONFIGURATIONS: possible plugin configurations: valid arguments are DYNAMIC, STATIC, OFF
- DEFAULT: default configuration (see CONFIGURATIONS)
- COMPILE_OPTIONS: compiler flags
The default plugin configuration can be specified via cmake parameter -DCLIENT_PLUGIN_${TARGET}=[DYNAMIC|STATIC|OFF]
1) packet_length must be signed, for <0 comparison to ever succeed
2) after type=type>>1, one can no longer know whether the original
type has the first bit set.
- changed plugin API to avoid crashes: Oracle/MariaDB changed
structure several times without updating interface version.
- ABI fixes: moved additional net items to net->extension (connection
handler and com_multi buffer)
changed type of length parameter in mysql_stmt_prepare,
mysql_real_query, mysql_stmt_send_long_data (incl. async _start
functions) from unsigned long to size_t.
Fixed warnings
to load plugins from a different destination than PLUGINDIR.
- added dialog plugin for authentication (e.g. PAM). If an application provides
it's own dialog function, the name must be mariadb_auth_dialog (or for libmysql
compatibility mysql_authentication_dialog_ask).
Windows-Todo:
1. provide a simple GUI dialog on windows, in case opening the console failed.
2. convert data from console code page to character set of current connection
