database/mariadb-connector-c
1
0
Fork 0
mirror of https://github.com/mariadb-corporation/mariadb-connector-c.git synced 2025-08-08 14:02:17 +03:00
Code Activity
2,334 Commits 93 Branches 92 Tags
3.4-ci
Commit Graph

75 Commits

Author SHA1 Message Date
Georg Richter
3b297e08c9 Revert "MDEV-14027: Determine TLS/SSL library version" 
This reverts commit 7b02cbb721.
 2017-10-15 09:30:24 +02:00
Georg Richter
7b02cbb721 MDEV-14027: Determine TLS/SSL library version 2017-10-15 06:07:54 +02:00
Georg Richter
7bcd78f93b CONC-286: 
- Force TLS/SSL connection if finger print options were specified
- Allow hex finger prints with colon separated 2 digit numbers
 2017-10-10 12:25:27 +02:00
Georg Richter
967b2830d8 renamed ma_errmsg.h back to errmsg.h 2016-11-16 18:13:59 +01:00
Georg Richter
468cda3cfb Fixed compilation errors introduced by 629ec646303.. 2016-10-18 10:53:31 +02:00
Georg Richter
c20974b039 - removed global context for tls, so code can be used also with no yassl branch in 10.2 
- added new gnutls cipher mapping
- fixed ssl test case: skip hostname verification if both server and client run on localhost
- added server certificates
 2016-10-17 16:02:51 +02:00
Georg Richter
9b436eaaf7 TLS fixes: 
- don't use password in global context
  - load keys and certs via callback functions
  - don't use gnutls_bye since server is not able to detect dead socket
  - fixed valgrind errors in gnutls
 2016-09-13 16:12:34 +02:00
Georg Richter
571dc5f397 Fixed crash in gnutls: 
In case handshake will fail a further call to gnutls_bye function will lead in a crash.
Therefore we free the ssl handle immediately after handshake failed.
 2016-09-08 09:45:37 +02:00
Georg Richter
7d26557cbc GnuTLS: Added support for cipher mapping 
The following openssl cipher names are supported and will be mapped to gnutls priority:
DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA AES256-GCM-SHA384 AES256-SHA256 AES256-SHA CAMELLIA256-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA CAMELLIA128-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA AES256-SHA CAMELLIA256-SHA
 2016-09-08 08:36:07 +02:00
Georg Richter
9f88e25fd6 Compiler warning fixes 2016-09-03 12:46:50 +02:00
Georg Richter
4b1e94bccc Since we use TLS and not SSL functions and structures were renamed 
from SSL to TLS
 2016-03-16 18:20:08 +01:00
Georg Richter
ee004a83d3 GnuTLS fix: we need to check server certificate if no ca was specified 
but verify_server flag was set
 2016-02-29 15:47:50 +01:00
Georg Richter
85525c2ba7 Merge remote-tracking branch 'origin/3.1' 2016-02-16 17:40:03 +01:00
Georg Richter
509b948e7d SSL fixes: 
- added MARIADB_OPT_SSL_CIPHER_STRENGTH (value uint) for Schannel
- fixed mutes in all ssl variants
 2016-02-16 13:04:16 +01:00
Georg Richter
4ca933bb81 Global cleanup: 
removed global locks
  removed dead code and files
  removed dbug
 2016-02-08 18:43:02 +01:00
Georg Richter
88015678c9 removed my_vsnprintf 
removed llstr.c
renamed int2string function with prefix ma_
 2016-02-04 14:22:27 +01:00
Georg Richter
c5ca735dd3 Renamed prefixes for 10.2 integration 2016-02-02 12:12:04 +01:00
Georg Richter
f62a2e0270 Fixed several memory leaks in ma_ssl.c 2016-01-07 13:23:28 +01:00
Georg Richter
4cb9b79ced renamed MARIADB_OPT_SSL_PASSWORD to PASSPHRASE 
Since MySQL server is picky about cipher suites, cipher suites in GnuTLS
switched back to default (NORMAL) without RHE_DSA
 2016-01-05 09:49:49 +01:00
Georg Richter
d73e4c23a2 Added new API function mysql_get_info/mysql_get_infov which retrieves 
global or connection dependent information:

mysql_get_infov(MYSQL *mysql, enum mariadb_value value, void *arg, ...)

the following value types are supported:
    MARIADB_CHARSET_ID (requires numeric 4th parameter)
    MARIADB_CHARSET_INFO (requires string 4th parameter)
    MARIADB_CHARSET_NAME
    MARIADB_CLIENT_ERRORS
    MARIADB_CLIENT_VERSION
    MARIADB_CLIENT_VERSION_ID
    MARIADB_CONNECTION_ASYNC_TIMEOUT
    MARIADB_CONNECTION_ASYNC_TIMEOUT_MS
    MARIADB_CONNECTION_HOST
    MARIADB_CONNECTION_INFO
    MARIADB_CONNECTION_PORT
    MARIADB_CONNECTION_PROTOCOL_VERSION_ID
    MARIADB_CONNECTION_PVIO_TYPE
    MARIADB_CONNECTION_SCHEMA
    MARIADB_CONNECTION_SERVER_TYPE
    MARIADB_CONNECTION_SERVER_VERSION
    MARIADB_CONNECTION_SERVER_VERSION_ID
    MARIADB_CONNECTION_SOCKET
    MARIADB_CONNECTION_SSL_CIPHER
    MARIADB_CONNECTION_SSL_VERSION
    MARIADB_CONNECTION_SSL_VERSION_ID
    MARIADB_CONNECTION_TYPE
    MARIADB_CONNECTION_UNIX_SOCKET
    MARIADB_CONNECTION_USER
    MARIADB_MAX_ALLOWED_PACKET
    MARIADB_NET_BUFFER_LENGTH

MARIADB_CONNECTION prefix indicates that a valid connection handle has
to be passed as first parameter.
 2015-12-28 07:32:53 +01:00
Georg Richter
f30bb95c6a Fix for asynchronous (reconnect) 
Fixed memory leak after reconnect/change user
 2015-11-19 16:55:25 +01:00
Georg Richter
32f1903f97 Added new option MARIADB_OPT_SSL_PASSWORD which allows use of 
decrypted client certificate (private key only).
Currently this option is supported by GnuTLS and OpenSSL only
 2015-11-13 12:41:29 +01:00
Georg Richter
7500f37150 - Renamed cio to pvio (pluggable virtual IO) 
- minor fixes in windows schannel
 2015-10-27 10:24:48 +01:00
Georg Richter
4597cd6a80 Various ssl and schannel fixes 2015-09-10 17:16:21 +02:00
Georg Richter
23895fbd4f Fixed gnutls support 2015-08-13 14:01:33 +02:00