2001-12-06 13:10:51 +01:00
|
|
|
/* Copyright (C) 2000 MySQL AB
|
|
|
|
|
|
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
|
|
|
it under the terms of the GNU General Public License as published by
|
2006-12-23 20:17:15 +01:00
|
|
|
the Free Software Foundation; version 2 of the License.
|
2001-12-06 13:10:51 +01:00
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
2001-07-24 08:07:46 +02:00
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
2001-12-06 13:10:51 +01:00
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
GNU General Public License for more details.
|
2001-05-20 14:04:46 +02:00
|
|
|
|
2001-12-06 13:10:51 +01:00
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
|
along with this program; if not, write to the Free Software
|
|
|
|
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */
|
2001-05-20 14:04:46 +02:00
|
|
|
|
2003-08-27 01:51:39 +02:00
|
|
|
#include "vio_priv.h"
|
2001-07-24 08:07:46 +02:00
|
|
|
|
|
|
|
|
#ifdef HAVE_OPENSSL
|
|
|
|
|
|
2008-02-18 23:29:39 +01:00
|
|
|
static my_bool ssl_algorithms_added = FALSE;
|
|
|
|
|
static my_bool ssl_error_strings_loaded= FALSE;
|
2001-05-20 14:04:46 +02:00
|
|
|
|
2002-06-11 10:20:31 +02:00
|
|
|
static unsigned char dh512_p[]=
|
|
|
|
|
{
|
2001-08-31 23:51:52 +02:00
|
|
|
0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
|
|
|
|
|
0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
|
|
|
|
|
0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
|
|
|
|
|
0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
|
|
|
|
|
0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
|
|
|
|
|
0x47,0x74,0xE8,0x33,
|
|
|
|
|
};
|
2002-06-11 10:20:31 +02:00
|
|
|
|
2001-08-31 23:51:52 +02:00
|
|
|
static unsigned char dh512_g[]={
|
|
|
|
|
0x02,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static DH *get_dh512(void)
|
|
|
|
|
{
|
2002-06-11 10:20:31 +02:00
|
|
|
DH *dh;
|
|
|
|
|
if ((dh=DH_new()))
|
|
|
|
|
{
|
|
|
|
|
dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
|
|
|
|
|
dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
|
|
|
|
|
if (! dh->p || ! dh->g)
|
|
|
|
|
{
|
|
|
|
|
DH_free(dh);
|
|
|
|
|
dh=0;
|
|
|
|
|
}
|
|
|
|
|
}
|
2001-08-31 23:51:52 +02:00
|
|
|
return(dh);
|
|
|
|
|
}
|
2001-05-20 14:04:46 +02:00
|
|
|
|
2002-06-11 10:20:31 +02:00
|
|
|
|
2001-05-20 14:04:46 +02:00
|
|
|
static void
|
|
|
|
|
report_errors()
|
|
|
|
|
{
|
|
|
|
|
unsigned long l;
|
|
|
|
|
const char* file;
|
|
|
|
|
const char* data;
|
|
|
|
|
int line,flags;
|
|
|
|
|
|
|
|
|
|
DBUG_ENTER("report_errors");
|
|
|
|
|
|
|
|
|
|
while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0)
|
|
|
|
|
{
|
2002-09-18 20:04:49 +02:00
|
|
|
#ifndef DBUG_OFF /* Avoid warning */
|
2001-05-20 14:04:46 +02:00
|
|
|
char buf[200];
|
|
|
|
|
DBUG_PRINT("error", ("OpenSSL: %s:%s:%d:%s\n", ERR_error_string(l,buf),
|
2002-06-11 10:20:31 +02:00
|
|
|
file,line,(flags & ERR_TXT_STRING) ? data : "")) ;
|
2002-09-18 20:04:49 +02:00
|
|
|
#endif
|
2001-05-20 14:04:46 +02:00
|
|
|
}
|
|
|
|
|
DBUG_VOID_RETURN;
|
|
|
|
|
}
|
|
|
|
|
|
2009-07-23 13:38:11 +02:00
|
|
|
static const char*
|
|
|
|
|
ssl_error_string[] =
|
|
|
|
|
{
|
|
|
|
|
"No error",
|
|
|
|
|
"Unable to get certificate",
|
|
|
|
|
"Unable to get private key",
|
|
|
|
|
"Private key does not match the certificate public key"
|
|
|
|
|
"SSL_CTX_set_default_verify_paths failed",
|
|
|
|
|
"Failed to set ciphers to use",
|
|
|
|
|
"SSL_CTX_new failed"
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const char*
|
|
|
|
|
sslGetErrString(enum enum_ssl_init_error e)
|
|
|
|
|
{
|
|
|
|
|
DBUG_ASSERT(SSL_INITERR_NOERROR < e && e < SSL_INITERR_LASTERR);
|
|
|
|
|
return ssl_error_string[e];
|
|
|
|
|
}
|
2001-05-20 14:04:46 +02:00
|
|
|
|
|
|
|
|
static int
|
2009-07-23 13:38:11 +02:00
|
|
|
vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file,
|
|
|
|
|
enum enum_ssl_init_error* error)
|
2001-05-20 14:04:46 +02:00
|
|
|
{
|
|
|
|
|
DBUG_ENTER("vio_set_cert_stuff");
|
2006-11-20 21:42:06 +01:00
|
|
|
DBUG_PRINT("enter", ("ctx: 0x%lx cert_file: %s key_file: %s",
|
|
|
|
|
(long) ctx, cert_file, key_file));
|
2006-03-10 16:41:14 +01:00
|
|
|
if (cert_file)
|
2001-05-20 14:04:46 +02:00
|
|
|
{
|
2006-03-10 16:41:14 +01:00
|
|
|
if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0)
|
2001-05-20 14:04:46 +02:00
|
|
|
{
|
2009-07-23 13:38:11 +02:00
|
|
|
*error= SSL_INITERR_CERT;
|
|
|
|
|
DBUG_PRINT("error",("%s from file '%s'", sslGetErrString(*error), cert_file));
|
2007-02-06 17:33:11 +01:00
|
|
|
DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););
|
2009-07-23 13:38:11 +02:00
|
|
|
fprintf(stderr, "SSL error: %s from '%s'\n", sslGetErrString(*error),
|
2007-02-06 17:33:11 +01:00
|
|
|
cert_file);
|
2002-11-05 09:05:58 +01:00
|
|
|
fflush(stderr);
|
2006-03-10 16:41:14 +01:00
|
|
|
DBUG_RETURN(1);
|
2001-05-20 14:04:46 +02:00
|
|
|
}
|
2006-03-10 16:41:14 +01:00
|
|
|
|
|
|
|
|
if (!key_file)
|
|
|
|
|
key_file= cert_file;
|
|
|
|
|
|
|
|
|
|
if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0)
|
2001-05-20 14:04:46 +02:00
|
|
|
{
|
2009-07-23 13:38:11 +02:00
|
|
|
*error= SSL_INITERR_KEY;
|
|
|
|
|
DBUG_PRINT("error", ("%s from file '%s'", sslGetErrString(*error), key_file));
|
2007-02-06 17:33:11 +01:00
|
|
|
DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););
|
2009-07-23 13:38:11 +02:00
|
|
|
fprintf(stderr, "SSL error: %s from '%s'\n", sslGetErrString(*error),
|
2007-02-06 17:33:11 +01:00
|
|
|
key_file);
|
2006-03-10 16:41:14 +01:00
|
|
|
fflush(stderr);
|
|
|
|
|
DBUG_RETURN(1);
|
2001-05-20 14:04:46 +02:00
|
|
|
}
|
|
|
|
|
|
2002-06-11 10:20:31 +02:00
|
|
|
/*
|
|
|
|
|
If we are using DSA, we can copy the parameters from the private key
|
|
|
|
|
Now we know that a key and cert have been set against the SSL context
|
|
|
|
|
*/
|
2001-05-20 14:04:46 +02:00
|
|
|
if (!SSL_CTX_check_private_key(ctx))
|
|
|
|
|
{
|
2009-07-23 13:38:11 +02:00
|
|
|
*error= SSL_INITERR_NOMATCH;
|
|
|
|
|
DBUG_PRINT("error", ("%s",sslGetErrString(*error)));
|
2007-02-06 17:33:11 +01:00
|
|
|
DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););
|
2009-07-23 13:38:11 +02:00
|
|
|
fprintf(stderr, "SSL error: %s\n", sslGetErrString(*error));
|
2007-02-06 17:33:11 +01:00
|
|
|
fflush(stderr);
|
2006-03-10 16:41:14 +01:00
|
|
|
DBUG_RETURN(1);
|
2001-05-20 14:04:46 +02:00
|
|
|
}
|
|
|
|
|
}
|
2006-03-10 16:41:14 +01:00
|
|
|
DBUG_RETURN(0);
|
2001-05-20 14:04:46 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2004-05-25 21:00:14 +02:00
|
|
|
#ifdef __NETWARE__
|
|
|
|
|
|
|
|
|
|
/* NetWare SSL cleanup */
|
|
|
|
|
void netware_ssl_cleanup()
|
|
|
|
|
{
|
|
|
|
|
/* free memory from SSL_library_init() */
|
|
|
|
|
EVP_cleanup();
|
|
|
|
|
|
2006-10-24 10:43:15 +02:00
|
|
|
/* OpenSSL NetWare port specific functions */
|
|
|
|
|
#ifndef HAVE_YASSL
|
|
|
|
|
|
2004-05-25 21:00:14 +02:00
|
|
|
/* free global X509 method */
|
|
|
|
|
X509_STORE_method_cleanup();
|
|
|
|
|
|
|
|
|
|
/* free the thread_hash error table */
|
|
|
|
|
ERR_free_state_table();
|
2006-10-24 10:43:15 +02:00
|
|
|
#endif
|
2004-05-25 21:00:14 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* NetWare SSL initialization */
|
|
|
|
|
static void netware_ssl_init()
|
|
|
|
|
{
|
|
|
|
|
/* cleanup OpenSSL library */
|
|
|
|
|
NXVmRegisterExitHandler(netware_ssl_cleanup, NULL);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endif /* __NETWARE__ */
|
|
|
|
|
|
|
|
|
|
|
2006-03-10 16:41:14 +01:00
|
|
|
static void check_ssl_init()
|
2001-05-20 14:04:46 +02:00
|
|
|
{
|
|
|
|
|
if (!ssl_algorithms_added)
|
|
|
|
|
{
|
2006-03-10 16:41:14 +01:00
|
|
|
ssl_algorithms_added= TRUE;
|
2005-11-29 09:15:48 +01:00
|
|
|
SSL_library_init();
|
2001-07-24 08:07:46 +02:00
|
|
|
OpenSSL_add_all_algorithms();
|
2006-03-10 16:41:14 +01:00
|
|
|
|
2001-05-20 14:04:46 +02:00
|
|
|
}
|
2006-03-10 16:41:14 +01:00
|
|
|
|
2005-11-29 09:15:48 +01:00
|
|
|
#ifdef __NETWARE__
|
|
|
|
|
netware_ssl_init();
|
|
|
|
|
#endif
|
|
|
|
|
|
2001-05-20 14:04:46 +02:00
|
|
|
if (!ssl_error_strings_loaded)
|
|
|
|
|
{
|
2006-03-10 16:41:14 +01:00
|
|
|
ssl_error_strings_loaded= TRUE;
|
2001-05-20 14:04:46 +02:00
|
|
|
SSL_load_error_strings();
|
|
|
|
|
}
|
2006-03-10 16:41:14 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/************************ VioSSLFd **********************************/
|
2006-05-08 17:14:06 +02:00
|
|
|
static struct st_VioSSLFd *
|
2006-03-10 16:41:14 +01:00
|
|
|
new_VioSSLFd(const char *key_file, const char *cert_file,
|
|
|
|
|
const char *ca_file, const char *ca_path,
|
2009-07-23 13:38:11 +02:00
|
|
|
const char *cipher, SSL_METHOD *method,
|
|
|
|
|
enum enum_ssl_init_error* error)
|
2006-03-10 16:41:14 +01:00
|
|
|
{
|
|
|
|
|
DH *dh;
|
|
|
|
|
struct st_VioSSLFd *ssl_fd;
|
|
|
|
|
DBUG_ENTER("new_VioSSLFd");
|
2007-02-23 12:13:55 +01:00
|
|
|
DBUG_PRINT("enter",
|
|
|
|
|
("key_file: '%s' cert_file: '%s' ca_file: '%s' ca_path: '%s' "
|
|
|
|
|
"cipher: '%s'",
|
|
|
|
|
key_file ? key_file : "NULL",
|
|
|
|
|
cert_file ? cert_file : "NULL",
|
|
|
|
|
ca_file ? ca_file : "NULL",
|
|
|
|
|
ca_path ? ca_path : "NULL",
|
|
|
|
|
cipher ? cipher : "NULL"));
|
2006-03-10 16:41:14 +01:00
|
|
|
|
|
|
|
|
check_ssl_init();
|
|
|
|
|
|
|
|
|
|
if (!(ssl_fd= ((struct st_VioSSLFd*)
|
|
|
|
|
my_malloc(sizeof(struct st_VioSSLFd),MYF(0)))))
|
|
|
|
|
DBUG_RETURN(0);
|
|
|
|
|
|
|
|
|
|
if (!(ssl_fd->ssl_context= SSL_CTX_new(method)))
|
2001-05-20 14:04:46 +02:00
|
|
|
{
|
2009-07-23 13:38:11 +02:00
|
|
|
*error= SSL_INITERR_MEMFAIL;
|
|
|
|
|
DBUG_PRINT("error", ("%s", sslGetErrString(*error)));
|
2001-05-20 14:04:46 +02:00
|
|
|
report_errors();
|
2006-03-10 16:41:14 +01:00
|
|
|
my_free((void*)ssl_fd,MYF(0));
|
|
|
|
|
DBUG_RETURN(0);
|
2001-09-30 04:46:20 +02:00
|
|
|
}
|
2006-03-10 16:41:14 +01:00
|
|
|
|
2007-04-02 13:12:59 +02:00
|
|
|
/*
|
|
|
|
|
Set the ciphers that can be used
|
|
|
|
|
NOTE: SSL_CTX_set_cipher_list will return 0 if
|
|
|
|
|
none of the provided ciphers could be selected
|
|
|
|
|
*/
|
|
|
|
|
if (cipher &&
|
|
|
|
|
SSL_CTX_set_cipher_list(ssl_fd->ssl_context, cipher) == 0)
|
2001-05-20 14:04:46 +02:00
|
|
|
{
|
2009-07-23 13:38:11 +02:00
|
|
|
*error= SSL_INITERR_CIPHERS;
|
|
|
|
|
DBUG_PRINT("error", ("%s", sslGetErrString(*error)));
|
2001-05-20 14:04:46 +02:00
|
|
|
report_errors();
|
2006-11-07 15:20:24 +01:00
|
|
|
SSL_CTX_free(ssl_fd->ssl_context);
|
2006-03-10 16:41:14 +01:00
|
|
|
my_free((void*)ssl_fd,MYF(0));
|
|
|
|
|
DBUG_RETURN(0);
|
2001-05-20 14:04:46 +02:00
|
|
|
}
|
2006-03-10 16:41:14 +01:00
|
|
|
|
2006-05-03 14:09:08 +02:00
|
|
|
/* Load certs from the trusted ca */
|
2006-03-10 16:41:14 +01:00
|
|
|
if (SSL_CTX_load_verify_locations(ssl_fd->ssl_context, ca_file, ca_path) == 0)
|
2001-05-20 14:04:46 +02:00
|
|
|
{
|
|
|
|
|
DBUG_PRINT("warning", ("SSL_CTX_load_verify_locations failed"));
|
2006-03-10 16:41:14 +01:00
|
|
|
if (SSL_CTX_set_default_verify_paths(ssl_fd->ssl_context) == 0)
|
2001-05-20 14:04:46 +02:00
|
|
|
{
|
2009-07-23 13:38:11 +02:00
|
|
|
*error= SSL_INITERR_BAD_PATHS;
|
|
|
|
|
DBUG_PRINT("error", ("%s", sslGetErrString(*error)));
|
2001-05-20 14:04:46 +02:00
|
|
|
report_errors();
|
2006-11-07 15:20:24 +01:00
|
|
|
SSL_CTX_free(ssl_fd->ssl_context);
|
2006-03-10 16:41:14 +01:00
|
|
|
my_free((void*)ssl_fd,MYF(0));
|
|
|
|
|
DBUG_RETURN(0);
|
2001-05-20 14:04:46 +02:00
|
|
|
}
|
2006-03-10 16:41:14 +01:00
|
|
|
}
|
2001-08-31 23:51:52 +02:00
|
|
|
|
2009-07-23 13:38:11 +02:00
|
|
|
if (vio_set_cert_stuff(ssl_fd->ssl_context, cert_file, key_file, error))
|
2006-05-03 14:09:08 +02:00
|
|
|
{
|
|
|
|
|
DBUG_PRINT("error", ("vio_set_cert_stuff failed"));
|
|
|
|
|
report_errors();
|
2006-11-07 15:20:24 +01:00
|
|
|
SSL_CTX_free(ssl_fd->ssl_context);
|
2006-05-03 14:09:08 +02:00
|
|
|
my_free((void*)ssl_fd,MYF(0));
|
|
|
|
|
DBUG_RETURN(0);
|
|
|
|
|
}
|
2001-08-31 23:51:52 +02:00
|
|
|
|
|
|
|
|
/* DH stuff */
|
|
|
|
|
dh=get_dh512();
|
2006-03-10 16:41:14 +01:00
|
|
|
SSL_CTX_set_tmp_dh(ssl_fd->ssl_context, dh);
|
2001-08-31 23:51:52 +02:00
|
|
|
DH_free(dh);
|
|
|
|
|
|
2006-03-10 16:41:14 +01:00
|
|
|
DBUG_PRINT("exit", ("OK 1"));
|
|
|
|
|
|
|
|
|
|
DBUG_RETURN(ssl_fd);
|
2001-05-20 14:04:46 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2006-03-10 16:41:14 +01:00
|
|
|
/************************ VioSSLConnectorFd **********************************/
|
|
|
|
|
struct st_VioSSLFd *
|
|
|
|
|
new_VioSSLConnectorFd(const char *key_file, const char *cert_file,
|
|
|
|
|
const char *ca_file, const char *ca_path,
|
|
|
|
|
const char *cipher)
|
2001-05-20 14:04:46 +02:00
|
|
|
{
|
2006-03-10 16:41:14 +01:00
|
|
|
struct st_VioSSLFd *ssl_fd;
|
2006-04-18 17:58:27 +02:00
|
|
|
int verify= SSL_VERIFY_PEER;
|
2009-07-23 13:38:11 +02:00
|
|
|
enum enum_ssl_init_error dummy;
|
2007-03-28 12:23:55 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
Turn off verification of servers certificate if both
|
|
|
|
|
ca_file and ca_path is set to NULL
|
|
|
|
|
*/
|
|
|
|
|
if (ca_file == 0 && ca_path == 0)
|
|
|
|
|
verify= SSL_VERIFY_NONE;
|
|
|
|
|
|
2006-03-10 16:41:14 +01:00
|
|
|
if (!(ssl_fd= new_VioSSLFd(key_file, cert_file, ca_file,
|
2009-07-23 13:38:11 +02:00
|
|
|
ca_path, cipher, TLSv1_client_method(), &dummy)))
|
2006-03-10 16:41:14 +01:00
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2001-05-20 14:04:46 +02:00
|
|
|
|
2006-05-03 14:09:08 +02:00
|
|
|
/* Init the VioSSLFd as a "connector" ie. the client side */
|
2001-05-20 14:04:46 +02:00
|
|
|
|
2009-10-27 14:11:06 +01:00
|
|
|
SSL_CTX_set_verify(ssl_fd->ssl_context, verify, NULL);
|
2001-07-24 08:07:46 +02:00
|
|
|
|
2006-03-10 16:41:14 +01:00
|
|
|
return ssl_fd;
|
|
|
|
|
}
|
2005-11-29 09:15:48 +01:00
|
|
|
|
|
|
|
|
|
2006-03-10 16:41:14 +01:00
|
|
|
/************************ VioSSLAcceptorFd **********************************/
|
2006-05-09 19:50:29 +02:00
|
|
|
struct st_VioSSLFd *
|
2006-03-10 16:41:14 +01:00
|
|
|
new_VioSSLAcceptorFd(const char *key_file, const char *cert_file,
|
|
|
|
|
const char *ca_file, const char *ca_path,
|
2009-07-23 13:38:11 +02:00
|
|
|
const char *cipher, enum enum_ssl_init_error* error)
|
2006-03-10 16:41:14 +01:00
|
|
|
{
|
|
|
|
|
struct st_VioSSLFd *ssl_fd;
|
|
|
|
|
int verify= SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
|
|
|
|
|
if (!(ssl_fd= new_VioSSLFd(key_file, cert_file, ca_file,
|
2009-07-23 13:38:11 +02:00
|
|
|
ca_path, cipher, TLSv1_server_method(), error)))
|
2001-09-30 04:46:20 +02:00
|
|
|
{
|
2006-03-10 16:41:14 +01:00
|
|
|
return 0;
|
2001-09-30 04:46:20 +02:00
|
|
|
}
|
2006-03-10 16:41:14 +01:00
|
|
|
/* Init the the VioSSLFd as a "acceptor" ie. the server side */
|
2001-05-20 14:04:46 +02:00
|
|
|
|
2006-03-10 16:41:14 +01:00
|
|
|
/* Set max number of cached sessions, returns the previous size */
|
|
|
|
|
SSL_CTX_sess_set_cache_size(ssl_fd->ssl_context, 128);
|
2001-05-20 14:04:46 +02:00
|
|
|
|
2009-10-27 14:11:06 +01:00
|
|
|
SSL_CTX_set_verify(ssl_fd->ssl_context, verify, NULL);
|
2002-06-11 10:20:31 +02:00
|
|
|
|
2006-03-10 16:41:14 +01:00
|
|
|
/*
|
|
|
|
|
Set session_id - an identifier for this server session
|
|
|
|
|
Use the ssl_fd pointer
|
|
|
|
|
*/
|
|
|
|
|
SSL_CTX_set_session_id_context(ssl_fd->ssl_context,
|
2006-05-04 10:30:08 +02:00
|
|
|
(const unsigned char *)ssl_fd,
|
2006-03-10 16:41:14 +01:00
|
|
|
sizeof(ssl_fd));
|
2006-05-03 14:59:17 +02:00
|
|
|
|
2006-03-10 16:41:14 +01:00
|
|
|
return ssl_fd;
|
2001-05-20 14:04:46 +02:00
|
|
|
}
|
2006-05-03 14:59:17 +02:00
|
|
|
|
2006-05-09 19:50:29 +02:00
|
|
|
void free_vio_ssl_acceptor_fd(struct st_VioSSLFd *fd)
|
2006-05-03 14:59:17 +02:00
|
|
|
{
|
|
|
|
|
SSL_CTX_free(fd->ssl_context);
|
WL#3817: Simplify string / memory area types and make things more consistent (first part)
The following type conversions was done:
- Changed byte to uchar
- Changed gptr to uchar*
- Change my_string to char *
- Change my_size_t to size_t
- Change size_s to size_t
Removed declaration of byte, gptr, my_string, my_size_t and size_s.
Following function parameter changes was done:
- All string functions in mysys/strings was changed to use size_t
instead of uint for string lengths.
- All read()/write() functions changed to use size_t (including vio).
- All protocoll functions changed to use size_t instead of uint
- Functions that used a pointer to a string length was changed to use size_t*
- Changed malloc(), free() and related functions from using gptr to use void *
as this requires fewer casts in the code and is more in line with how the
standard functions work.
- Added extra length argument to dirname_part() to return the length of the
created string.
- Changed (at least) following functions to take uchar* as argument:
- db_dump()
- my_net_write()
- net_write_command()
- net_store_data()
- DBUG_DUMP()
- decimal2bin() & bin2decimal()
- Changed my_compress() and my_uncompress() to use size_t. Changed one
argument to my_uncompress() from a pointer to a value as we only return
one value (makes function easier to use).
- Changed type of 'pack_data' argument to packfrm() to avoid casts.
- Changed in readfrm() and writefrom(), ha_discover and handler::discover()
the type for argument 'frmdata' to uchar** to avoid casts.
- Changed most Field functions to use uchar* instead of char* (reduced a lot of
casts).
- Changed field->val_xxx(xxx, new_ptr) to take const pointers.
Other changes:
- Removed a lot of not needed casts
- Added a few new cast required by other changes
- Added some cast to my_multi_malloc() arguments for safety (as string lengths
needs to be uint, not size_t).
- Fixed all calls to hash-get-key functions to use size_t*. (Needed to be done
explicitely as this conflict was often hided by casting the function to
hash_get_key).
- Changed some buffers to memory regions to uchar* to avoid casts.
- Changed some string lengths from uint to size_t.
- Changed field->ptr to be uchar* instead of char*. This allowed us to
get rid of a lot of casts.
- Some changes from true -> TRUE, false -> FALSE, unsigned char -> uchar
- Include zlib.h in some files as we needed declaration of crc32()
- Changed MY_FILE_ERROR to be (size_t) -1.
- Changed many variables to hold the result of my_read() / my_write() to be
size_t. This was needed to properly detect errors (which are
returned as (size_t) -1).
- Removed some very old VMS code
- Changed packfrm()/unpackfrm() to not be depending on uint size
(portability fix)
- Removed windows specific code to restore cursor position as this
causes slowdown on windows and we should not mix read() and pread()
calls anyway as this is not thread safe. Updated function comment to
reflect this. Changed function that depended on original behavior of
my_pwrite() to itself restore the cursor position (one such case).
- Added some missing checking of return value of malloc().
- Changed definition of MOD_PAD_CHAR_TO_FULL_LENGTH to avoid 'long' overflow.
- Changed type of table_def::m_size from my_size_t to ulong to reflect that
m_size is the number of elements in the array, not a string/memory
length.
- Moved THD::max_row_length() to table.cc (as it's not depending on THD).
Inlined max_row_length_blob() into this function.
- More function comments
- Fixed some compiler warnings when compiled without partitions.
- Removed setting of LEX_STRING() arguments in declaration (portability fix).
- Some trivial indentation/variable name changes.
- Some trivial code simplifications:
- Replaced some calls to alloc_root + memcpy to use
strmake_root()/strdup_root().
- Changed some calls from memdup() to strmake() (Safety fix)
- Simpler loops in client-simple.c
2007-05-10 11:59:39 +02:00
|
|
|
my_free((uchar*) fd, MYF(0));
|
2006-05-03 14:59:17 +02:00
|
|
|
}
|
2001-05-20 14:04:46 +02:00
|
|
|
#endif /* HAVE_OPENSSL */
|