SSL fixes

2025-08-07 00:04:31 +03:00 · 2001-09-01 05:18:01 +08:00
parent de70f2c6df
commit 921cae2c5c
4 changed files with 46 additions and 24 deletions
--- a/client/mysql.cc
+++ b/client/mysql.cc
@@ -329,7 +329,7 @@ int main(int argc,char *argv[])
  put_info((char*) glob_buffer.ptr(),INFO_INFO);

 #ifdef HAVE_OPENSSL
-  if(SSL_get_cipher(mysql.net.vio->ssl_)) {
+  if(mysql.net.vio->ssl_ && SSL_get_cipher(mysql.net.vio->ssl_)) {
    sprintf((char*) glob_buffer.ptr(),
  	  "SSL cipher in use is %s\n", SSL_get_cipher(mysql.net.vio->ssl_));
    put_info((char*) glob_buffer.ptr(),INFO_INFO);
--- a/mysql-test/r/ssl.result
+++ b/mysql-test/r/ssl.result
@@ -0,0 +1,16 @@
+Variable_name	Value
+SSL_CTX_sess_accept	0
+SSL_CTX_sess_accept_good	0
+SSL_CTX_sess_accept_renegotiate	0
+SSL_CTX_sess_cb_hits	0
+SSL_CTX_sess_number	0
+SSL_CTX_get_session_cache_mode	SERVER
+SSL_CTX_sess_get_cache_size	128
+SSL_CTX_get_verify_mode	7
+SSL_CTX_get_verify_depth	4294967295
+SSL_get_verify_mode	0
+SSL_get_verify_depth	0
+SSL_session_reused	0
+SSL_get_version	
+SSL_get_cipher	
+SSL_get_default_timeout	0
--- a/mysql-test/t/ssl.test
+++ b/mysql-test/t/ssl.test
@@ -0,0 +1,4 @@
+
+
+SHOW STATUS LIKE 'SSL%';
+
--- a/sql/sql_show.cc
+++ b/sql/sql_show.cc
@@ -1155,6 +1155,7 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables)
          break;
        }
 #ifdef HAVE_OPENSSL
+	/* First group - functions relying on CTX */
      case SHOW_SSL_CTX_SESS_ACCEPT:
 	net_store_data(&packet2,(uint32) 
 			SSL_CTX_sess_accept(ssl_acceptor_fd->ssl_context_));
@@ -1167,10 +1168,6 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables)
 	net_store_data(&packet2,(uint32) 
 			SSL_CTX_sess_accept_renegotiate(ssl_acceptor_fd->ssl_context_));
        break;
-      case SHOW_SSL_GET_VERSION:
-	net_store_data(&packet2,
-			SSL_get_version(thd->net.vio->ssl_));
-        break;
      case SHOW_SSL_CTX_SESS_CB_HITS:
 	net_store_data(&packet2,(uint32) 
 			SSL_CTX_sess_cb_hits(ssl_acceptor_fd->ssl_context_));
@@ -1179,14 +1176,6 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables)
 	net_store_data(&packet2,(uint32) 
 			SSL_CTX_sess_number(ssl_acceptor_fd->ssl_context_));
        break;
-      case SHOW_SSL_SESSION_REUSED:
-	net_store_data(&packet2,(uint32) 
-			SSL_session_reused(thd->net.vio->ssl_));
-        break;
-      case SHOW_SSL_GET_DEFAULT_TIMEOUT:
-	net_store_data(&packet2,(uint32) 
-			SSL_get_default_timeout(thd->net.vio->ssl_));
-        break;
      case SHOW_SSL_CTX_SESS_GET_CACHE_SIZE:
 	net_store_data(&packet2,(uint32) 
 			SSL_CTX_sess_get_cache_size(ssl_acceptor_fd->ssl_context_));
@@ -1195,21 +1184,10 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables)
 	net_store_data(&packet2,(uint32) 
 			SSL_CTX_get_verify_mode(ssl_acceptor_fd->ssl_context_));
        break;
-      case SHOW_SSL_GET_VERIFY_MODE:
-	net_store_data(&packet2,(uint32) 
-			SSL_get_verify_mode(thd->net.vio->ssl_));
-        break;
      case SHOW_SSL_CTX_GET_VERIFY_DEPTH:
 	net_store_data(&packet2,(uint32) 
 			SSL_CTX_get_verify_depth(ssl_acceptor_fd->ssl_context_));
        break;
-      case SHOW_SSL_GET_VERIFY_DEPTH:
-	net_store_data(&packet2,(uint32) 
-			SSL_get_verify_depth(thd->net.vio->ssl_));
-        break;
-      case SHOW_SSL_GET_CIPHER:
-	net_store_data(&packet2, SSL_get_cipher(thd->net.vio->ssl_));
-        break;
      case SHOW_SSL_CTX_GET_SESSION_CACHE_MODE:
 	switch(SSL_CTX_get_session_cache_mode(ssl_acceptor_fd->ssl_context_))
 	{
@@ -1236,6 +1214,30 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables)
 	    break;
 	}
        break;
+	/* First group - functions relying on SSL */
+      case SHOW_SSL_GET_VERSION:
+	net_store_data(&packet2, thd->net.vio->ssl_ ? 
+			SSL_get_version(thd->net.vio->ssl_) : "");
+        break;
+      case SHOW_SSL_SESSION_REUSED:
+	net_store_data(&packet2,(uint32) (thd->net.vio->ssl_ ? 
+			SSL_session_reused(thd->net.vio->ssl_) : 0));
+        break;
+      case SHOW_SSL_GET_DEFAULT_TIMEOUT:
+	net_store_data(&packet2,(uint32) (thd->net.vio->ssl_ ?
+			SSL_get_default_timeout(thd->net.vio->ssl_):0));
+        break;
+      case SHOW_SSL_GET_VERIFY_MODE:
+	net_store_data(&packet2,(uint32) (thd->net.vio->ssl_ ?
+			SSL_get_verify_mode(thd->net.vio->ssl_):0));
+        break;
+      case SHOW_SSL_GET_VERIFY_DEPTH:
+	net_store_data(&packet2,(uint32) (thd->net.vio->ssl_ ?
+			SSL_get_verify_depth(thd->net.vio->ssl_):0));
+        break;
+      case SHOW_SSL_GET_CIPHER:
+	net_store_data(&packet2, thd->net.vio->ssl_ ? SSL_get_cipher(thd->net.vio->ssl_) : "");
+        break;

 #endif /* HAVE_OPENSSL */
      }