Commit 7006b203 authored by msvensson@pilot.mysql.com's avatar msvensson@pilot.mysql.com

Merge 192.168.0.10:mysql/yassL-import/my51-yassL-import

into  pilot.mysql.com:/home/msvensson/mysql/mysql-5.1-new-maint
parents 324b136f 5f5b0e9b
......@@ -732,9 +732,21 @@ void CertDecoder::GetName(NameType nt)
source_.advance(strLen);
}
else {
// skip
bool email = false;
if (joint[0] == 0x2a && joint[1] == 0x86) // email id hdr
email = true;
source_.advance(oidSz + 1);
word32 length2 = GetLength(source_);
if (email) {
memcpy(&ptr[idx], "/emailAddress=", 14);
idx += 14;
memcpy(&ptr[idx], source_.get_current(), length);
idx += length;
}
source_.advance(length2);
}
}
......
......@@ -3,8 +3,8 @@ create table t1(f1 int);
insert into t1 values (5);
grant select on test.* to ssl_user1@localhost require SSL;
grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com";
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
flush privileges;
connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET);
......
......@@ -10,8 +10,8 @@ insert into t1 values (5);
grant select on test.* to ssl_user1@localhost require SSL;
grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com";
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
flush privileges;
......
......@@ -84,10 +84,10 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file)
{
if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0)
{
DBUG_PRINT("error",("unable to get certificate from '%s'\n", cert_file));
fprintf(stderr,"SSL error: ");
ERR_print_errors_fp(stderr);
fprintf(stderr,"Unable to get certificate from '%s'\n", cert_file);
DBUG_PRINT("error",("unable to get certificate from '%s'", cert_file));
DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););
fprintf(stderr, "SSL error: Unable to get certificate from '%s'\n",
cert_file);
fflush(stderr);
DBUG_RETURN(1);
}
......@@ -97,10 +97,10 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file)
if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0)
{
DBUG_PRINT("error", ("unable to get private key from '%s'\n", key_file));
fprintf(stderr,"SSL error: ");
ERR_print_errors_fp(stderr);
fprintf(stderr,"Unable to get private key from '%s'\n", key_file);
DBUG_PRINT("error", ("unable to get private key from '%s'", key_file));
DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););
fprintf(stderr, "SSL error: Unable to get private key from '%s'\n",
key_file);
fflush(stderr);
DBUG_RETURN(1);
}
......@@ -112,7 +112,12 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file)
if (!SSL_CTX_check_private_key(ctx))
{
DBUG_PRINT("error",
("Private key does not match the certificate public key\n"));
("Private key does not match the certificate public key"));
DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););
fprintf(stderr,
"SSL error: "
"Private key does not match the certificate public key\n");
fflush(stderr);
DBUG_RETURN(1);
}
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment