Merge work.mysql.com:/home/bk/mysql-4.0

into volk.internalnet:/home/tonu/mysql-4.0 acinclude.m4: Auto merged sql/mysqld.cc: Auto merged sql/sql_lex.h: Auto merged sql/sql_parse.cc: Auto merged sql/structs.h: Auto merged Docs/manual.texi: Auto merged
2026-04-21 07:45:32 +02:00 · 2001-09-30 10:47:32 +08:00 · 2001-09-30 10:47:32 +08:00 · 6e8704ee09
commit 6e8704ee09
parent ad9c7236a0 d13f2dfdeb
59 changed files with 646 additions and 267 deletions
--- a/include/mysql.h
+++ b/include/mysql.h
@ -135,6 +135,7 @@ struct st_mysql_options {
  char *ssl_cert;				/* PEM cert file */
  char *ssl_ca;					/* PEM CA file */
  char *ssl_capath;				/* PEM directory of CA-s? */
+  char *ssl_cipher;				/* cipher to use */
  my_bool use_ssl;				/* if to use SSL or not */
  my_bool compress,named_pipe;
 /*
@ -262,7 +263,7 @@ const char * STDCALL mysql_character_set_name(MYSQL *mysql);
 MYSQL *		STDCALL mysql_init(MYSQL *mysql);
 int		STDCALL mysql_ssl_set(MYSQL *mysql, const char *key,
 				      const char *cert, const char *ca,
-				      const char *capath);
+				      const char *capath, const char *cipher);
 int		STDCALL mysql_ssl_clear(MYSQL *mysql);
 my_bool		STDCALL mysql_change_user(MYSQL *mysql, const char *user, 
 					  const char *passwd, const char *db);
--- a/include/mysqld_error.h
+++ b/include/mysqld_error.h
@ -221,4 +221,7 @@
 #define ER_WRONG_NUMBER_OF_COLUMNS_IN_SELECT 1218
 #define ER_CANT_UPDATE_WITH_READLOCK 1219
 #define ER_MIXING_NOT_ALLOWED 1220
-#define ER_ERROR_MESSAGES 221
+#define ER_GRANT_DUPL_SUBJECT 1221
+#define ER_GRANT_DUPL_ISSUER 1222
+#define ER_GRANT_DUPL_CIPHER 1223
+#define ER_ERROR_MESSAGES 224
--- a/include/sslopt-case.h
+++ b/include/sslopt-case.h
@ -39,4 +39,10 @@
      my_free(opt_ssl_ca, MYF(MY_ALLOW_ZERO_PTR));
      opt_ssl_ca = my_strdup(optarg, MYF(0));
      break;
+    case OPT_SSL_CIPHER:
+      opt_use_ssl = 1;				/* true */
+      my_free(opt_ssl_cipher, MYF(MY_ALLOW_ZERO_PTR));
+      opt_ssl_cipher = my_strdup(optarg, MYF(0));
+      break;
+
 #endif
--- a/include/sslopt-longopts.h
+++ b/include/sslopt-longopts.h
@ -22,10 +22,12 @@
 #define OPT_SSL_CERT	202
 #define OPT_SSL_CA	203
 #define OPT_SSL_CAPATH  204
+#define OPT_SSL_CIPHER  205
  {"ssl",           no_argument,           0, OPT_SSL_SSL},
  {"ssl-key",       required_argument,     0, OPT_SSL_KEY},
  {"ssl-cert",      required_argument,     0, OPT_SSL_CERT},
  {"ssl-ca",        required_argument,     0, OPT_SSL_CA},
  {"ssl-capath",    required_argument,     0, OPT_SSL_CAPATH},
+  {"ssl-cipher",    required_argument,     0, OPT_SSL_CIPHER},

 #endif /* HAVE_OPENSSL */
--- a/include/sslopt-usage.h
+++ b/include/sslopt-usage.h
@ -21,5 +21,6 @@
   --ssl-key            X509 key in PEM format (implies --ssl)\n\
   --ssl-cert           X509 cert in PEM format (implies --ssl)\n\
   --ssl-ca             CA file in PEM format (check OpenSSL docs, implies --ssl)\n\
-   --ssl-capath         CA directory (check OpenSSL docs, implies --ssl)");
+   --ssl-capath         CA directory (check OpenSSL docs, implies --ssl)\n\
+   --ssl-cipher         SSL cipher to use (implies --ssl)");
 #endif
--- a/include/sslopt-vars.h
+++ b/include/sslopt-vars.h
@ -21,4 +21,5 @@ static char *opt_ssl_key    = 0;
 static char *opt_ssl_cert   = 0;
 static char *opt_ssl_ca     = 0;
 static char *opt_ssl_capath = 0;
+static char *opt_ssl_cipher = 0;
 #endif
--- a/include/violite.h
+++ b/include/violite.h
@ -169,9 +169,6 @@ struct st_VioSSLAcceptorFd
    state_connect       = 1,
    state_accept        = 2
  };
-//  BIO* bio_;
-//  char desc_[100];
-//  Vio* sd_;

  /* function pointers which are only once for SSL server 
  Vio*(*sslaccept)(struct st_VioSSLAcceptorFd*,Vio*); */
@ -184,15 +181,17 @@ struct st_VioSSLConnectorFd
  SSL_METHOD* ssl_method_;
  /* function pointers which are only once for SSL client */ 
 };
-void sslaccept(struct st_VioSSLAcceptorFd*, Vio*);
-void sslconnect(struct st_VioSSLConnectorFd*, Vio*);
+void sslaccept(struct st_VioSSLAcceptorFd*, Vio*, long timeout);
+void sslconnect(struct st_VioSSLConnectorFd*, Vio*, long timeout);

 struct st_VioSSLConnectorFd
 *new_VioSSLConnectorFd(const char* key_file, const char* cert_file,
-		       const char* ca_file,  const char* ca_path);
+		       const char* ca_file,  const char* ca_path,
+		       const char* cipher);
 struct st_VioSSLAcceptorFd
 *new_VioSSLAcceptorFd(const char* key_file, const char* cert_file,
-		      const char* ca_file,const char* ca_path);
+		      const char* ca_file,const char* ca_path,
+		      const char* cipher);
 Vio* new_VioSSL(struct st_VioSSLAcceptorFd* fd, Vio* sd,int state);

 #ifdef	__cplusplus
@ -200,6 +199,9 @@ Vio* new_VioSSL(struct st_VioSSLAcceptorFd* fd, Vio* sd,int state);
 #endif
 #endif /* HAVE_OPENSSL */

+/* This enumerator is used in parser - should be always visible */
+enum SSL_type {SSL_TYPE_NONE, SSL_TYPE_ANY, SSL_TYPE_X509, SSL_TYPE_SPECIFIED};
+
 #ifndef EMBEDDED_LIBRARY
 /* This structure is for every connection on both sides */
 struct st_vio
@ -229,10 +231,8 @@ struct st_vio
  my_bool (*poll_read)(Vio*,uint);

 #ifdef HAVE_OPENSSL
-  BIO* bio_;
  SSL* ssl_;
  my_bool open_;
-  char *ssl_cip_;
 #endif /* HAVE_OPENSSL */
 #endif /* HAVE_VIO */
 };