You've already forked mariadb-connector-c
mirror of
https://github.com/mariadb-corporation/mariadb-connector-c.git
synced 2025-08-01 06:27:04 +03:00
8804593283
Fixes slow SSL handshakes in network-restricted environments. On Windows, the verification process uses the CertGetCertificateChain API, which may attempt to refresh the CA list or fetch CRLs/OCSP data from the network. This can trigger slow network lookups when no CA or CRL is explicitly specified. This patch disables these unnecessary network calls by using flags like CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL to prevent external requests during certificate chain validation. Additionally, it applies Microsoft-recommended optimizations to speed up certificate handling and avoid delays in SSL handshakes. Also, unless explicitly requested(via ca_cert or crl_file or similar), do not bother to verify name, CA or CRL for local connections. It saves time. The failures in verification were previously discarded anyway.