List:Commits« Previous MessageNext Message »
From:Tatiana Azundris Nurnberg Date:January 20 2011 11:55am
Subject:bzr commit into mysql-5.5-bugteam branch (azundris:3229) Bug#21287
View as plain text  
#At file:///Users/tnurnberg/forest/21287/55-21287/ based on revid:dao-gang.qu@stripped

 3229 Tatiana Azundris Nurnberg	2011-01-20
      Bug#21287: "SSL connection error" is not helpful! (ssl-verify-server-cert=true vs localhos)
      
      SSL errors on client now more specific, without giving away any secrets
     @ libmysql/errmsg.c
        SSL errors now extended, more specific
     @ mysql-test/r/openssl_1.result
        SSL error messages now more specific
     @ sql-common/client.c
        SSL errors on client now more specific, without giving away any secrets

    modified:
      libmysql/errmsg.c
      mysql-test/r/openssl_1.result
      sql-common/client.c
=== modified file 'libmysql/errmsg.c'
--- a/libmysql/errmsg.c	2010-11-24 10:23:44 +0000
+++ b/libmysql/errmsg.c	2011-01-20 11:55:40 +0000
@@ -51,7 +51,7 @@ const char *client_errors[]=
   "Error on SHOW SLAVE HOSTS:",
   "Error connecting to slave:",
   "Error connecting to master:",
-  "SSL connection error",
+  "SSL connection error%100s",
   "Malformed packet",
   "This client library is licensed only for use with MySQL servers having '%s' license",
   "Invalid use of null pointer",

=== modified file 'mysql-test/r/openssl_1.result'
--- a/mysql-test/r/openssl_1.result	2010-01-29 14:54:27 +0000
+++ b/mysql-test/r/openssl_1.result	2011-01-20 11:55:40 +0000
@@ -44,13 +44,13 @@ ERROR 42000: DELETE command denied to us
 drop user ssl_user1@localhost, ssl_user2@localhost,
 ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost;
 drop table t1;
-mysqltest: Could not open connection 'default': 2026 SSL connection error
-mysqltest: Could not open connection 'default': 2026 SSL connection error
-mysqltest: Could not open connection 'default': 2026 SSL connection error
+mysqltest: Could not open connection 'default': 2026 SSL connection error - could not connect
+mysqltest: Could not open connection 'default': 2026 SSL connection error - could not connect
+mysqltest: Could not open connection 'default': 2026 SSL connection error - could not connect
 SSL error: Unable to get private key from ''
-mysqltest: Could not open connection 'default': 2026 SSL connection error
+mysqltest: Could not open connection 'default': 2026 SSL connection error - could not initialize SSL or could not load certificates
 SSL error: Unable to get certificate from ''
-mysqltest: Could not open connection 'default': 2026 SSL connection error
+mysqltest: Could not open connection 'default': 2026 SSL connection error - could not initialize SSL or could not load certificates
 SHOW STATUS LIKE 'Ssl_cipher';
 Variable_name	Value
 Ssl_cipher	DHE-RSA-AES256-SHA
@@ -83,7 +83,7 @@ Ssl_cipher	AES128-SHA
 SHOW STATUS LIKE 'Ssl_cipher';
 Variable_name	Value
 Ssl_cipher	AES128-SHA
-mysqltest: Could not open connection 'default': 2026 SSL connection error
+mysqltest: Could not open connection 'default': 2026 SSL connection error - could not initialize SSL or could not load certificates
 CREATE TABLE t1(a int);
 INSERT INTO t1 VALUES (1), (2);
 
@@ -189,7 +189,7 @@ UNLOCK TABLES;
 /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
 
 SSL error: Unable to get private key from 'MYSQL_TEST_DIR/std_data/client-cert.pem'
-mysqldump: Got error: 2026: SSL connection error when trying to connect
+mysqldump: Got error: 2026: SSL connection error - could not initialize SSL or could not load certificates when trying to connect
 DROP TABLE t1;
 Variable_name	Value
 Ssl_cipher	DHE-RSA-AES256-SHA

=== modified file 'sql-common/client.c'
--- a/sql-common/client.c	2010-11-10 15:21:51 +0000
+++ b/sql-common/client.c	2011-01-20 11:55:40 +0000
@@ -2513,7 +2513,9 @@ static int send_client_reply_packet(MCPV
                                         options->ssl_capath,
                                         options->ssl_cipher)))
     {
-      set_mysql_error(mysql, CR_SSL_CONNECTION_ERROR, unknown_sqlstate);
+      set_mysql_extended_error(mysql, CR_SSL_CONNECTION_ERROR,
+                               unknown_sqlstate, ER(CR_SSL_CONNECTION_ERROR),
+        " - could not initialize SSL or could not load certificates");
       goto error;
     }
     mysql->connector_fd= (unsigned char *) ssl_fd;
@@ -2523,7 +2525,9 @@ static int send_client_reply_packet(MCPV
     if (sslconnect(ssl_fd, net->vio,
                    (long) (mysql->options.connect_timeout)))
     {    
-      set_mysql_error(mysql, CR_SSL_CONNECTION_ERROR, unknown_sqlstate);
+      set_mysql_extended_error(mysql, CR_SSL_CONNECTION_ERROR,
+                               unknown_sqlstate, ER(CR_SSL_CONNECTION_ERROR),
+        " - could not connect");
       goto error;
     }    
     DBUG_PRINT("info", ("IO layer change done!"));
@@ -2532,7 +2536,9 @@ static int send_client_reply_packet(MCPV
     if ((mysql->client_flag & CLIENT_SSL_VERIFY_SERVER_CERT) &&
         ssl_verify_server_cert(net->vio, mysql->host))
     {
-      set_mysql_error(mysql, CR_SSL_CONNECTION_ERROR, unknown_sqlstate);
+      set_mysql_extended_error(mysql, CR_SSL_CONNECTION_ERROR,
+                               unknown_sqlstate, ER(CR_SSL_CONNECTION_ERROR),
+        " - could not verify server certificate");
       goto error;
     }
   }


Attachment: [text/bzr-bundle] bzr/azundris@sun.com-20110120115540-snud58imhw6mcddj.bundle
Thread
bzr commit into mysql-5.5-bugteam branch (azundris:3229) Bug#21287Tatiana Azundris Nurnberg20 Jan
  • Re: bzr commit into mysql-5.5-bugteam branch (azundris:3229) Bug#21287Davi Arnaut25 Jan