Commit 7006b203 authored by msvensson@pilot.mysql.com's avatar msvensson@pilot.mysql.com

Merge 192.168.0.10:mysql/yassL-import/my51-yassL-import

into  pilot.mysql.com:/home/msvensson/mysql/mysql-5.1-new-maint
parents 324b136f 5f5b0e9b
...@@ -732,9 +732,21 @@ void CertDecoder::GetName(NameType nt) ...@@ -732,9 +732,21 @@ void CertDecoder::GetName(NameType nt)
source_.advance(strLen); source_.advance(strLen);
} }
else { else {
// skip bool email = false;
if (joint[0] == 0x2a && joint[1] == 0x86) // email id hdr
email = true;
source_.advance(oidSz + 1); source_.advance(oidSz + 1);
word32 length2 = GetLength(source_); word32 length2 = GetLength(source_);
if (email) {
memcpy(&ptr[idx], "/emailAddress=", 14);
idx += 14;
memcpy(&ptr[idx], source_.get_current(), length);
idx += length;
}
source_.advance(length2); source_.advance(length2);
} }
} }
......
...@@ -3,8 +3,8 @@ create table t1(f1 int); ...@@ -3,8 +3,8 @@ create table t1(f1 int);
insert into t1 values (5); insert into t1 values (5);
grant select on test.* to ssl_user1@localhost require SSL; grant select on test.* to ssl_user1@localhost require SSL;
grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA"; grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com";
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx"; grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
flush privileges; flush privileges;
connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET); connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET);
......
...@@ -10,8 +10,8 @@ insert into t1 values (5); ...@@ -10,8 +10,8 @@ insert into t1 values (5);
grant select on test.* to ssl_user1@localhost require SSL; grant select on test.* to ssl_user1@localhost require SSL;
grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA"; grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com";
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx"; grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
flush privileges; flush privileges;
......
...@@ -84,10 +84,10 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file) ...@@ -84,10 +84,10 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file)
{ {
if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0) if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0)
{ {
DBUG_PRINT("error",("unable to get certificate from '%s'\n", cert_file)); DBUG_PRINT("error",("unable to get certificate from '%s'", cert_file));
fprintf(stderr,"SSL error: "); DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););
ERR_print_errors_fp(stderr); fprintf(stderr, "SSL error: Unable to get certificate from '%s'\n",
fprintf(stderr,"Unable to get certificate from '%s'\n", cert_file); cert_file);
fflush(stderr); fflush(stderr);
DBUG_RETURN(1); DBUG_RETURN(1);
} }
...@@ -97,10 +97,10 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file) ...@@ -97,10 +97,10 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file)
if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0) if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0)
{ {
DBUG_PRINT("error", ("unable to get private key from '%s'\n", key_file)); DBUG_PRINT("error", ("unable to get private key from '%s'", key_file));
fprintf(stderr,"SSL error: "); DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););
ERR_print_errors_fp(stderr); fprintf(stderr, "SSL error: Unable to get private key from '%s'\n",
fprintf(stderr,"Unable to get private key from '%s'\n", key_file); key_file);
fflush(stderr); fflush(stderr);
DBUG_RETURN(1); DBUG_RETURN(1);
} }
...@@ -112,7 +112,12 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file) ...@@ -112,7 +112,12 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file)
if (!SSL_CTX_check_private_key(ctx)) if (!SSL_CTX_check_private_key(ctx))
{ {
DBUG_PRINT("error", DBUG_PRINT("error",
("Private key does not match the certificate public key\n")); ("Private key does not match the certificate public key"));
DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););
fprintf(stderr,
"SSL error: "
"Private key does not match the certificate public key\n");
fflush(stderr);
DBUG_RETURN(1); DBUG_RETURN(1);
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment