Commit f7acb850 authored by unknown's avatar unknown

Bug#24121 Incorrect test for SSL_VERIFY_SERVER_CERT

 - Interpret the pointer passed to 'mysql_options' for
   MYSQL_OPT_SSL_VERIFY_SERVER_CERT as a my_bool
 - In 5.1 the mysql_options signature will be chanegd to take
   a 'void*' in order to further emphasize the need for a pointer
   to correct type


client/mysqltest.c:
  Turn on ssl_verify_server_cert for all connections to "localhost"
  in mysqltest
sql-common/client.c:
  The pointer passed to 'mysql_options' for MYSQL_OPT_SSL_VERIFY_SERVER_CERT
  should be interpreted as a my_bool pointer (aka char*).
parent 9b2e0127
......@@ -3534,7 +3534,7 @@ void do_connect(struct st_command *command)
opt_ssl_capath, opt_ssl_cipher);
#if MYSQL_VERSION_ID >= 50000
/* Turn on ssl_verify_server_cert only if host is "localhost" */
opt_ssl_verify_server_cert= !strcmp(ds_connection_name.str, "localhost");
opt_ssl_verify_server_cert= !strcmp(ds_host.str, "localhost");
mysql_options(&next_con->mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
&opt_ssl_verify_server_cert);
#endif
......@@ -6002,15 +6002,13 @@ int main(int argc, char **argv)
#ifdef HAVE_OPENSSL
#if MYSQL_VERSION_ID >= 50000
opt_ssl_verify_server_cert= TRUE; /* Always on in mysqltest */
#endif
if (opt_use_ssl)
{
mysql_ssl_set(&cur_con->mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
opt_ssl_capath, opt_ssl_cipher);
#if MYSQL_VERSION_ID >= 50000
/* Turn on ssl_verify_server_cert only if host is "localhost" */
opt_ssl_verify_server_cert= opt_host && !strcmp(opt_host, "localhost");
mysql_options(&cur_con->mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
&opt_ssl_verify_server_cert);
#endif
......
......@@ -3022,7 +3022,7 @@ mysql_options(MYSQL *mysql,enum mysql_option option, const char *arg)
mysql->reconnect= *(my_bool *) arg;
break;
case MYSQL_OPT_SSL_VERIFY_SERVER_CERT:
if (!arg || test(*(uint*) arg))
if (*(my_bool*) arg)
mysql->options.client_flag|= CLIENT_SSL_VERIFY_SERVER_CERT;
else
mysql->options.client_flag&= ~CLIENT_SSL_VERIFY_SERVER_CERT;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment