Commit 5fb52a19 authored by unknown's avatar unknown

SSL fixes

parent a485f382
...@@ -329,7 +329,7 @@ int main(int argc,char *argv[]) ...@@ -329,7 +329,7 @@ int main(int argc,char *argv[])
put_info((char*) glob_buffer.ptr(),INFO_INFO); put_info((char*) glob_buffer.ptr(),INFO_INFO);
#ifdef HAVE_OPENSSL #ifdef HAVE_OPENSSL
if(SSL_get_cipher(mysql.net.vio->ssl_)) { if(mysql.net.vio->ssl_ && SSL_get_cipher(mysql.net.vio->ssl_)) {
sprintf((char*) glob_buffer.ptr(), sprintf((char*) glob_buffer.ptr(),
"SSL cipher in use is %s\n", SSL_get_cipher(mysql.net.vio->ssl_)); "SSL cipher in use is %s\n", SSL_get_cipher(mysql.net.vio->ssl_));
put_info((char*) glob_buffer.ptr(),INFO_INFO); put_info((char*) glob_buffer.ptr(),INFO_INFO);
......
Variable_name Value
SSL_CTX_sess_accept 0
SSL_CTX_sess_accept_good 0
SSL_CTX_sess_accept_renegotiate 0
SSL_CTX_sess_cb_hits 0
SSL_CTX_sess_number 0
SSL_CTX_get_session_cache_mode SERVER
SSL_CTX_sess_get_cache_size 128
SSL_CTX_get_verify_mode 7
SSL_CTX_get_verify_depth 4294967295
SSL_get_verify_mode 0
SSL_get_verify_depth 0
SSL_session_reused 0
SSL_get_version
SSL_get_cipher
SSL_get_default_timeout 0
SHOW STATUS LIKE 'SSL%';
...@@ -1155,6 +1155,7 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables) ...@@ -1155,6 +1155,7 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables)
break; break;
} }
#ifdef HAVE_OPENSSL #ifdef HAVE_OPENSSL
/* First group - functions relying on CTX */
case SHOW_SSL_CTX_SESS_ACCEPT: case SHOW_SSL_CTX_SESS_ACCEPT:
net_store_data(&packet2,(uint32) net_store_data(&packet2,(uint32)
SSL_CTX_sess_accept(ssl_acceptor_fd->ssl_context_)); SSL_CTX_sess_accept(ssl_acceptor_fd->ssl_context_));
...@@ -1167,10 +1168,6 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables) ...@@ -1167,10 +1168,6 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables)
net_store_data(&packet2,(uint32) net_store_data(&packet2,(uint32)
SSL_CTX_sess_accept_renegotiate(ssl_acceptor_fd->ssl_context_)); SSL_CTX_sess_accept_renegotiate(ssl_acceptor_fd->ssl_context_));
break; break;
case SHOW_SSL_GET_VERSION:
net_store_data(&packet2,
SSL_get_version(thd->net.vio->ssl_));
break;
case SHOW_SSL_CTX_SESS_CB_HITS: case SHOW_SSL_CTX_SESS_CB_HITS:
net_store_data(&packet2,(uint32) net_store_data(&packet2,(uint32)
SSL_CTX_sess_cb_hits(ssl_acceptor_fd->ssl_context_)); SSL_CTX_sess_cb_hits(ssl_acceptor_fd->ssl_context_));
...@@ -1179,14 +1176,6 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables) ...@@ -1179,14 +1176,6 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables)
net_store_data(&packet2,(uint32) net_store_data(&packet2,(uint32)
SSL_CTX_sess_number(ssl_acceptor_fd->ssl_context_)); SSL_CTX_sess_number(ssl_acceptor_fd->ssl_context_));
break; break;
case SHOW_SSL_SESSION_REUSED:
net_store_data(&packet2,(uint32)
SSL_session_reused(thd->net.vio->ssl_));
break;
case SHOW_SSL_GET_DEFAULT_TIMEOUT:
net_store_data(&packet2,(uint32)
SSL_get_default_timeout(thd->net.vio->ssl_));
break;
case SHOW_SSL_CTX_SESS_GET_CACHE_SIZE: case SHOW_SSL_CTX_SESS_GET_CACHE_SIZE:
net_store_data(&packet2,(uint32) net_store_data(&packet2,(uint32)
SSL_CTX_sess_get_cache_size(ssl_acceptor_fd->ssl_context_)); SSL_CTX_sess_get_cache_size(ssl_acceptor_fd->ssl_context_));
...@@ -1195,21 +1184,10 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables) ...@@ -1195,21 +1184,10 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables)
net_store_data(&packet2,(uint32) net_store_data(&packet2,(uint32)
SSL_CTX_get_verify_mode(ssl_acceptor_fd->ssl_context_)); SSL_CTX_get_verify_mode(ssl_acceptor_fd->ssl_context_));
break; break;
case SHOW_SSL_GET_VERIFY_MODE:
net_store_data(&packet2,(uint32)
SSL_get_verify_mode(thd->net.vio->ssl_));
break;
case SHOW_SSL_CTX_GET_VERIFY_DEPTH: case SHOW_SSL_CTX_GET_VERIFY_DEPTH:
net_store_data(&packet2,(uint32) net_store_data(&packet2,(uint32)
SSL_CTX_get_verify_depth(ssl_acceptor_fd->ssl_context_)); SSL_CTX_get_verify_depth(ssl_acceptor_fd->ssl_context_));
break; break;
case SHOW_SSL_GET_VERIFY_DEPTH:
net_store_data(&packet2,(uint32)
SSL_get_verify_depth(thd->net.vio->ssl_));
break;
case SHOW_SSL_GET_CIPHER:
net_store_data(&packet2, SSL_get_cipher(thd->net.vio->ssl_));
break;
case SHOW_SSL_CTX_GET_SESSION_CACHE_MODE: case SHOW_SSL_CTX_GET_SESSION_CACHE_MODE:
switch(SSL_CTX_get_session_cache_mode(ssl_acceptor_fd->ssl_context_)) switch(SSL_CTX_get_session_cache_mode(ssl_acceptor_fd->ssl_context_))
{ {
...@@ -1236,6 +1214,30 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables) ...@@ -1236,6 +1214,30 @@ int mysqld_show(THD *thd, const char *wild, show_var_st *variables)
break; break;
} }
break; break;
/* First group - functions relying on SSL */
case SHOW_SSL_GET_VERSION:
net_store_data(&packet2, thd->net.vio->ssl_ ?
SSL_get_version(thd->net.vio->ssl_) : "");
break;
case SHOW_SSL_SESSION_REUSED:
net_store_data(&packet2,(uint32) (thd->net.vio->ssl_ ?
SSL_session_reused(thd->net.vio->ssl_) : 0));
break;
case SHOW_SSL_GET_DEFAULT_TIMEOUT:
net_store_data(&packet2,(uint32) (thd->net.vio->ssl_ ?
SSL_get_default_timeout(thd->net.vio->ssl_):0));
break;
case SHOW_SSL_GET_VERIFY_MODE:
net_store_data(&packet2,(uint32) (thd->net.vio->ssl_ ?
SSL_get_verify_mode(thd->net.vio->ssl_):0));
break;
case SHOW_SSL_GET_VERIFY_DEPTH:
net_store_data(&packet2,(uint32) (thd->net.vio->ssl_ ?
SSL_get_verify_depth(thd->net.vio->ssl_):0));
break;
case SHOW_SSL_GET_CIPHER:
net_store_data(&packet2, thd->net.vio->ssl_ ? SSL_get_cipher(thd->net.vio->ssl_) : "");
break;
#endif /* HAVE_OPENSSL */ #endif /* HAVE_OPENSSL */
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment