Bug#24121 Incorrect test for SSL_VERIFY_SERVER_CERT

 - Interpret the pointer passed to 'mysql_options' for
   MYSQL_OPT_SSL_VERIFY_SERVER_CERT as a my_bool
 - In 5.1 the mysql_options signature will be chanegd to take
   a 'void*' in order to further emphasize the need for a pointer
   to correct type
parent 74b3cdb0
...@@ -3534,7 +3534,7 @@ void do_connect(struct st_command *command) ...@@ -3534,7 +3534,7 @@ void do_connect(struct st_command *command)
opt_ssl_capath, opt_ssl_cipher); opt_ssl_capath, opt_ssl_cipher);
#if MYSQL_VERSION_ID >= 50000 #if MYSQL_VERSION_ID >= 50000
/* Turn on ssl_verify_server_cert only if host is "localhost" */ /* Turn on ssl_verify_server_cert only if host is "localhost" */
opt_ssl_verify_server_cert= !strcmp(ds_connection_name.str, "localhost"); opt_ssl_verify_server_cert= !strcmp(ds_host.str, "localhost");
mysql_options(&next_con->mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, mysql_options(&next_con->mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
&opt_ssl_verify_server_cert); &opt_ssl_verify_server_cert);
#endif #endif
...@@ -6002,15 +6002,13 @@ int main(int argc, char **argv) ...@@ -6002,15 +6002,13 @@ int main(int argc, char **argv)
#ifdef HAVE_OPENSSL #ifdef HAVE_OPENSSL
#if MYSQL_VERSION_ID >= 50000
opt_ssl_verify_server_cert= TRUE; /* Always on in mysqltest */
#endif
if (opt_use_ssl) if (opt_use_ssl)
{ {
mysql_ssl_set(&cur_con->mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca, mysql_ssl_set(&cur_con->mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
opt_ssl_capath, opt_ssl_cipher); opt_ssl_capath, opt_ssl_cipher);
#if MYSQL_VERSION_ID >= 50000 #if MYSQL_VERSION_ID >= 50000
/* Turn on ssl_verify_server_cert only if host is "localhost" */
opt_ssl_verify_server_cert= opt_host && !strcmp(opt_host, "localhost");
mysql_options(&cur_con->mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, mysql_options(&cur_con->mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
&opt_ssl_verify_server_cert); &opt_ssl_verify_server_cert);
#endif #endif
......
...@@ -3022,7 +3022,7 @@ mysql_options(MYSQL *mysql,enum mysql_option option, const char *arg) ...@@ -3022,7 +3022,7 @@ mysql_options(MYSQL *mysql,enum mysql_option option, const char *arg)
mysql->reconnect= *(my_bool *) arg; mysql->reconnect= *(my_bool *) arg;
break; break;
case MYSQL_OPT_SSL_VERIFY_SERVER_CERT: case MYSQL_OPT_SSL_VERIFY_SERVER_CERT:
if (!arg || test(*(uint*) arg)) if (*(my_bool*) arg)
mysql->options.client_flag|= CLIENT_SSL_VERIFY_SERVER_CERT; mysql->options.client_flag|= CLIENT_SSL_VERIFY_SERVER_CERT;
else else
mysql->options.client_flag&= ~CLIENT_SSL_VERIFY_SERVER_CERT; mysql->options.client_flag&= ~CLIENT_SSL_VERIFY_SERVER_CERT;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment