diff options
| author | unknown <monty@narttu.mysql.fi> | 2003-08-27 02:51:39 +0300 |
|---|---|---|
| committer | unknown <monty@narttu.mysql.fi> | 2003-08-27 02:51:39 +0300 |
| commit | 59806e1004d205bae01673fe7ed9a60537112455 (patch) | |
| tree | df46d43bd0139e95a2e8a1f4acac68f2de3c484f /sql/sql_acl.cc | |
| parent | e5b3d521f57d020139af268d157d941a7e5ec310 (diff) | |
| download | mariadb-git-59806e1004d205bae01673fe7ed9a60537112455.tar.gz | |
vio ssl structure renames (to get rid of ending _)
Added TCP/IP read/write timeout for windows
Check on windows if second server is started with same TCP/IP port
BitKeeper/deleted/.del-have_openssl_2.inc~8c9f1a45676b698f:
Delete: mysql-test/include/have_openssl_2.inc
BitKeeper/deleted/.del-have_openssl_2.require~53bbdfc136fb514:
Delete: mysql-test/r/have_openssl_2.require
BitKeeper/deleted/.del-openssl_2.test~f2dfa927f19d14f8:
Delete: mysql-test/t/openssl_2.test
BitKeeper/etc/ignore:
added libmysql/vio_priv.h libmysql_r/vio_priv.h
client/mysql.cc:
vio ssl structure renames
include/violite.h:
Cleanup violite.h interface (move things to vio_priv.h)
libmysql/Makefile.am:
Use vio_priv.h
libmysql/Makefile.shared:
Use vio_priv.h
libmysqld/lib_vio.c:
Added timeout for windows
mysys/my_getopt.c:
Indentaion cleanup
sql/item_cmpfunc.cc:
Remove compiler warnings
sql/item_func.cc:
Remove compiler warnings
sql/mini_client.cc:
vio ssl structure renames
sql/mysqld.cc:
Check on windows if second server is started with same TCP/IP port
sql/net_serv.cc:
Add read/write timeouts for windows
sql/sql_acl.cc:
vio ssl structure renames
sql/sql_show.cc:
vio ssl structure renames
vio/vio.c:
Added timeouts for windows
vio/viosocket.c:
Added timeouts for windows
vio/viossl.c:
Added timeouts for windows
Cleaned up structure element names
vio/viosslfactories.c:
Added timeouts for windows
Cleaned up structure element names
Diffstat (limited to 'sql/sql_acl.cc')
| -rw-r--r-- | sql/sql_acl.cc | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 9f3068fce85..3b5e9983b80 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -531,6 +531,9 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, (my_bool) old_ver))) { Vio *vio=thd->net.vio; +#ifdef HAVE_OPENSSL + SSL *ssl= (SSL*) vio->ssl_arg; +#endif /* In this point we know that user is allowed to connect from given host by given username/password pair. Now @@ -553,8 +556,8 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, we should reject connection. */ if (vio_type(vio) == VIO_TYPE_SSL && - SSL_get_verify_result(vio->ssl_) == X509_V_OK && - SSL_get_peer_certificate(vio->ssl_)) + SSL_get_verify_result(ssl) == X509_V_OK && + SSL_get_peer_certificate(ssl)) user_access=acl_user->access; break; case SSL_TYPE_SPECIFIED: /* Client should have specified attrib */ @@ -563,28 +566,28 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, we should reject connection. */ if (vio_type(vio) == VIO_TYPE_SSL && - SSL_get_verify_result(vio->ssl_) == X509_V_OK) + SSL_get_verify_result(ssl) == X509_V_OK) { if (acl_user->ssl_cipher) { DBUG_PRINT("info",("comparing ciphers: '%s' and '%s'", acl_user->ssl_cipher, - SSL_get_cipher(vio->ssl_))); - if (!strcmp(acl_user->ssl_cipher,SSL_get_cipher(vio->ssl_))) + SSL_get_cipher(ssl))); + if (!strcmp(acl_user->ssl_cipher,SSL_get_cipher(ssl))) user_access=acl_user->access; else { if (global_system_variables.log_warnings) sql_print_error("X509 ciphers mismatch: should be '%s' but is '%s'", acl_user->ssl_cipher, - SSL_get_cipher(vio->ssl_)); + SSL_get_cipher(ssl)); user_access=NO_ACCESS; break; } } /* Prepare certificate (if exists) */ DBUG_PRINT("info",("checkpoint 1")); - X509* cert=SSL_get_peer_certificate(vio->ssl_); + X509* cert=SSL_get_peer_certificate(ssl); DBUG_PRINT("info",("checkpoint 2")); /* If X509 issuer is speified, we check it... */ if (acl_user->x509_issuer) |