• Developer Zone
• Lists Home
• FAQ

Below is the list of changes that have just been committed into a local
5.0 repository of cmiller. When cmiller does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2006-08-25 11:54:33-04:00, cmiller@stripped +3 -0
  Bug#21543: 5.0.24 breaks ABI compatibility for python bindings: \
  	InterfaceError on connect
  
  Removed the bool flag from the st_mysql_options struct, since it adds 
  another word in size to the memory size and shifts member memory locations
  down, both of which break binary-interface compatibility.
  
  Instead, use a flag, 2**30, in the client_options bit-field to represent
  that the client should check the SSL certificate of the server.

  include/mysql.h@stripped, 2006-08-25 11:54:31-04:00, cmiller@stripped +0 -1
    Do not change the struct size.

  include/mysql_com.h@stripped, 2006-08-25 11:54:31-04:00, cmiller@stripped +4 -2
    Add a new bit-flag for client verifying server SSL certificate.
    
    Emphasize that we're not stepping on anyone else's bit/toes.

  sql-common/client.c@stripped, 2006-08-25 11:54:31-04:00, cmiller@stripped +5 -3
    Set and read the bit-field for client-side SSL-cert checking of the server.

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	cmiller
# Host:	zippy.cornsilk.net
# Root:	/home/cmiller/work/mysql/release/mysql-5.0-release_mergable

--- 1.158/include/mysql.h	2006-08-25 11:54:37 -04:00
+++ 1.159/include/mysql.h	2006-08-25 11:54:37 -04:00
@@ -165,7 +165,6 @@
   char *ssl_ca;					/* PEM CA file */
   char *ssl_capath;				/* PEM directory of CA-s? */
   char *ssl_cipher;				/* cipher to use */
-  my_bool ssl_verify_server_cert;		/* if to verify server cert */
   char *shared_memory_base_name;
   unsigned long max_allowed_packet;
   my_bool use_ssl;				/* if to use SSL or not */

--- 1.103/include/mysql_com.h	2006-08-25 11:54:37 -04:00
+++ 1.104/include/mysql_com.h	2006-08-25 11:54:37 -04:00
@@ -134,8 +134,10 @@
 #define CLIENT_TRANSACTIONS	8192	/* Client knows about transactions */
 #define CLIENT_RESERVED         16384   /* Old flag for 4.1 protocol  */
 #define CLIENT_SECURE_CONNECTION 32768  /* New 4.1 authentication */
-#define CLIENT_MULTI_STATEMENTS 65536   /* Enable/disable multi-stmt support */
-#define CLIENT_MULTI_RESULTS    131072  /* Enable/disable multi-results */
+#define CLIENT_MULTI_STATEMENTS (((ulong) 1) << 16)   /* Enable/disable multi-stmt
support */
+#define CLIENT_MULTI_RESULTS    (((ulong) 1) << 17)  /* Enable/disable
multi-results */
+
+#define CLIENT_SSL_VERIFY_SERVER_CERT	(((ulong) 1) << 30)
 #define CLIENT_REMEMBER_OPTIONS	(((ulong) 1) << 31)
 
 #define SERVER_STATUS_IN_TRANS     1	/* Transaction has started */

--- 1.92/sql-common/client.c	2006-08-25 11:54:37 -04:00
+++ 1.93/sql-common/client.c	2006-08-25 11:54:37 -04:00
@@ -1502,7 +1502,6 @@
   mysql->options.ssl_ca=     strdup_if_not_null(ca);
   mysql->options.ssl_capath= strdup_if_not_null(capath);
   mysql->options.ssl_cipher= strdup_if_not_null(cipher);
-  mysql->options.ssl_verify_server_cert= FALSE; /* Off by default */
 #endif /* HAVE_OPENSSL */
   DBUG_RETURN(0);
 }
@@ -2162,7 +2161,7 @@
     DBUG_PRINT("info", ("IO layer change done!"));
 
     /* Verify server cert */
-    if (mysql->options.ssl_verify_server_cert &&
+    if ((client_flag & CLIENT_SSL_VERIFY_SERVER_CERT) &&
         ssl_verify_server_cert(mysql->net.vio, mysql->host))
     {
       set_mysql_error(mysql, CR_SSL_CONNECTION_ERROR, unknown_sqlstate);
@@ -2909,7 +2908,10 @@
     mysql->reconnect= *(my_bool *) arg;
     break;
   case MYSQL_OPT_SSL_VERIFY_SERVER_CERT:
-    mysql->options.ssl_verify_server_cert= *(my_bool *) arg;
+    if (!arg || test(*(uint*) arg))
+      mysql->options.client_flag|= CLIENT_SSL_VERIFY_SERVER_CERT;
+    else
+      mysql->options.client_flag&= ~CLIENT_SSL_VERIFY_SERVER_CERT;
     break;
   default:
     DBUG_RETURN(1);