Below is the list of changes that have just been committed into a local
6.0 repository of cmiller. When cmiller does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html
ChangeSet@stripped, 2007-12-06 22:12:06-05:00, cmiller@stripped +20 -0
Polish and address concerns of reviewers.
include/mysql.h@stripped, 2007-12-06 22:12:02-05:00, cmiller@stripped +0 -4
Remove conditions inside public API structs.
include/violite.h@stripped, 2007-12-06 22:12:02-05:00, cmiller@stripped +2 -2
Remove CPP condition indentation.
mysql-test/include/have_ssl_communication.inc@stripped, 2007-12-06 09:55:25-05:00, cmiller@stripped +0 -0
Rename: mysql-test/include/have_ssl.inc -> mysql-test/include/have_ssl_communication.inc
mysql-test/include/have_ssl_crypto_functs.inc@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +8 -0
Distinguish between communication and crypto.
Use the tristate value of "have_ssl" variable to know whether to
test or not for SSL-provided crypto functions.
mysql-test/include/have_ssl_crypto_functs.inc@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +0 -0
mysql-test/r/have_ssl_is_yes_or_disabled_only.require@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +2 -0
Distinguish between communication and crypto.
Use the tristate value of "have_ssl" variable to know whether to
test or not for SSL-provided crypto functions.
mysql-test/r/have_ssl_is_yes_or_disabled_only.require@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +0 -0
mysql-test/suite/rpl/t/rpl_ssl.test@stripped, 2007-12-06 22:12:02-05:00, cmiller@stripped +1 -1
Distinguish between communication and crypto.
mysql-test/suite/rpl/t/rpl_ssl1.test@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +1 -1
Distinguish between communication and crypto.
mysql-test/t/func_des_encrypt.test@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +1 -1
Distinguish between communication and crypto.
mysql-test/t/func_digest.test@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +1 -1
Distinguish between communication and crypto.
mysql-test/t/func_encrypt.test@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +1 -1
Distinguish between communication and crypto.
mysql-test/t/openssl_1.test@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +1 -2
Distinguish between communication and crypto.
mysql-test/t/ssl-big.test@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +1 -2
Distinguish between communication and crypto.
mysql-test/t/ssl.test@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +1 -2
Distinguish between communication and crypto.
mysql-test/t/ssl_8k_key.test@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +1 -2
Distinguish between communication and crypto.
mysql-test/t/ssl_compress.test@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +1 -2
Distinguish between communication and crypto.
mysql-test/t/ssl_connect.test@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +1 -2
Distinguish between communication and crypto.
sql/item_strfunc.cc@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +0 -2
Remove extraneous debugging.
sql/mysqld.cc@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +11 -9
Remove CPP condition indentation.
sql/sha2.cc@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +12 -0
Add comment for generated functions.
sql/sql_connect.cc@stripped, 2007-12-06 22:12:03-05:00, cmiller@stripped +4 -4
Remove redundant test conditions.
diff -Nrup a/include/mysql.h b/include/mysql.h
--- a/include/mysql.h 2007-12-03 12:39:54 -05:00
+++ b/include/mysql.h 2007-12-06 22:12:02 -05:00
@@ -177,13 +177,11 @@ struct st_mysql_options {
char *host,*user,*password,*unix_socket,*db;
struct st_dynamic_array *init_commands;
char *my_cnf_file,*my_cnf_group, *charset_dir, *charset_name;
-#if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
char *ssl_key; /* PEM key file */
char *ssl_cert; /* PEM cert file */
char *ssl_ca; /* PEM CA file */
char *ssl_capath; /* PEM directory of CA-s? */
char *ssl_cipher; /* cipher to use */
-#endif
char *shared_memory_base_name;
unsigned long max_allowed_packet;
my_bool use_ssl; /* if to use SSL or not */
@@ -260,9 +258,7 @@ struct st_mysql_stmt;
typedef struct st_mysql
{
NET net; /* Communication parameters */
-#if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
unsigned char *connector_fd; /* ConnectorFd for SSL */
-#endif
char *host,*user,*passwd,*unix_socket,*server_version,*host_info;
char *info, *db;
struct charset_info_st *charset;
diff -Nrup a/include/violite.h b/include/violite.h
--- a/include/violite.h 2007-12-03 12:39:54 -05:00
+++ b/include/violite.h 2007-12-06 22:12:02 -05:00
@@ -109,7 +109,7 @@ typedef my_socket YASSL_SOCKET_T;
#include <openssl/ssl.h>
#include <openssl/err.h>
-# ifndef EMBEDDED_LIBRARY
+#ifndef EMBEDDED_LIBRARY
struct st_VioSSLFd
{
@@ -128,7 +128,7 @@ struct st_VioSSLFd
const char *ca_file,const char *ca_path,
const char *cipher);
void free_vio_ssl_acceptor_fd(struct st_VioSSLFd *fd);
-# endif /* ! EMBEDDED_LIBRARY */
+#endif /* ! EMBEDDED_LIBRARY */
#endif /* HAVE_OPENSSL */
#ifdef HAVE_SMEM
diff -Nrup a/mysql-test/include/have_ssl.inc b/mysql-test/include/have_ssl.inc
--- a/mysql-test/include/have_ssl.inc 2007-03-05 04:03:40 -05:00
+++ /dev/null Wed Dec 31 16:00:00 196900
@@ -1,4 +0,0 @@
--- require r/have_ssl.require
-disable_query_log;
-show variables like "have_ssl";
-enable_query_log;
diff -Nrup a/mysql-test/include/have_ssl_communication.inc b/mysql-test/include/have_ssl_communication.inc
--- /dev/null Wed Dec 31 16:00:00 196900
+++ b/mysql-test/include/have_ssl_communication.inc 2007-12-06 09:55:25 -05:00
@@ -0,0 +1,4 @@
+-- require r/have_ssl.require
+disable_query_log;
+show variables like "have_ssl";
+enable_query_log;
diff -Nrup a/mysql-test/include/have_ssl_crypto_functs.inc b/mysql-test/include/have_ssl_crypto_functs.inc
--- /dev/null Wed Dec 31 16:00:00 196900
+++ b/mysql-test/include/have_ssl_crypto_functs.inc 2007-12-06 22:12:03 -05:00
@@ -0,0 +1,8 @@
+-- require r/have_ssl_is_yes_or_disabled_only.require
+disable_query_log;
+# "yes" means that the ssl library is found and the server can communicate using SSL.
+# "no" means that there are no SSL functions in the server.
+# "disabled" means that ssl functions exist, but communication is disabled for some reason.
+replace_regex s/(YES|DISABLED)/yesordisabled/;
+show variables like "have_ssl";
+enable_query_log;
diff -Nrup a/mysql-test/r/have_ssl_is_yes_or_disabled_only.require b/mysql-test/r/have_ssl_is_yes_or_disabled_only.require
--- /dev/null Wed Dec 31 16:00:00 196900
+++ b/mysql-test/r/have_ssl_is_yes_or_disabled_only.require 2007-12-06 22:12:03 -05:00
@@ -0,0 +1,2 @@
+Variable_name Value
+have_ssl yesordisabled
diff -Nrup a/mysql-test/suite/rpl/t/rpl_ssl.test b/mysql-test/suite/rpl/t/rpl_ssl.test
--- a/mysql-test/suite/rpl/t/rpl_ssl.test 2007-11-27 05:01:55 -05:00
+++ b/mysql-test/suite/rpl/t/rpl_ssl.test 2007-12-06 22:12:02 -05:00
@@ -1,4 +1,4 @@
-source include/have_ssl.inc;
+source include/have_ssl_communication.inc;
source include/master-slave.inc;
# create a user for replication that requires ssl encryption
diff -Nrup a/mysql-test/suite/rpl/t/rpl_ssl1.test b/mysql-test/suite/rpl/t/rpl_ssl1.test
--- a/mysql-test/suite/rpl/t/rpl_ssl1.test 2007-06-27 08:28:29 -04:00
+++ b/mysql-test/suite/rpl/t/rpl_ssl1.test 2007-12-06 22:12:03 -05:00
@@ -1,4 +1,4 @@
-source include/have_ssl.inc;
+source include/have_ssl_communication.inc;
source include/master-slave.inc;
# We don't test all types of ssl auth params here since it's a bit hard
diff -Nrup a/mysql-test/t/func_des_encrypt.test b/mysql-test/t/func_des_encrypt.test
--- a/mysql-test/t/func_des_encrypt.test 2007-03-05 04:03:40 -05:00
+++ b/mysql-test/t/func_des_encrypt.test 2007-12-06 22:12:03 -05:00
@@ -1,4 +1,4 @@
--- source include/have_ssl.inc
+-- source include/have_ssl_crypto_functs.inc
# This test can't be in func_encrypt.test, because it requires
# --des-key-file to not be set.
diff -Nrup a/mysql-test/t/func_digest.test b/mysql-test/t/func_digest.test
--- a/mysql-test/t/func_digest.test 2007-12-03 12:39:55 -05:00
+++ b/mysql-test/t/func_digest.test 2007-12-06 22:12:03 -05:00
@@ -1,4 +1,4 @@
--- source include/have_ssl.inc
+-- source include/have_ssl_crypto_functs.inc
# These test data are from the NIST SHA Test Vectors for Hashing
# Byte-Oriented Messages. See http://csrc.nist.gov/cryptval/shs.htm
diff -Nrup a/mysql-test/t/func_encrypt.test b/mysql-test/t/func_encrypt.test
--- a/mysql-test/t/func_encrypt.test 2007-03-05 04:03:40 -05:00
+++ b/mysql-test/t/func_encrypt.test 2007-12-06 22:12:03 -05:00
@@ -1,4 +1,4 @@
--- source include/have_ssl.inc
+-- source include/have_ssl_crypto_functs.inc
--disable_warnings
drop table if exists t1;
diff -Nrup a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test
--- a/mysql-test/t/openssl_1.test 2007-12-03 12:39:54 -05:00
+++ b/mysql-test/t/openssl_1.test 2007-12-06 22:12:03 -05:00
@@ -1,8 +1,7 @@
# Tests for SSL connections, only run if mysqld is compiled
# with support for SSL.
--- source include/have_ssl.inc
--- source include/not_embedded.inc
+-- source include/have_ssl_communication.inc
--disable_warnings
drop table if exists t1;
diff -Nrup a/mysql-test/t/ssl-big.test b/mysql-test/t/ssl-big.test
--- a/mysql-test/t/ssl-big.test 2007-12-03 12:39:55 -05:00
+++ b/mysql-test/t/ssl-big.test 2007-12-06 22:12:03 -05:00
@@ -1,9 +1,8 @@
# Turn on ssl between the client and server
# and run a number of tests
--- source include/have_ssl.inc
+-- source include/have_ssl_communication.inc
-- source include/big_test.inc
--- source include/not_embedded.inc
--disable_warnings
DROP TABLE IF EXISTS t1, t2;
diff -Nrup a/mysql-test/t/ssl.test b/mysql-test/t/ssl.test
--- a/mysql-test/t/ssl.test 2007-12-03 12:39:55 -05:00
+++ b/mysql-test/t/ssl.test 2007-12-06 22:12:03 -05:00
@@ -1,8 +1,7 @@
# Turn on ssl between the client and server
# and run a number of tests
--- source include/have_ssl.inc
--- source include/not_embedded.inc
+-- source include/have_ssl_communication.inc
connect (ssl_con,localhost,root,,,,,SSL);
diff -Nrup a/mysql-test/t/ssl_8k_key.test b/mysql-test/t/ssl_8k_key.test
--- a/mysql-test/t/ssl_8k_key.test 2007-12-03 12:39:55 -05:00
+++ b/mysql-test/t/ssl_8k_key.test 2007-12-06 22:12:03 -05:00
@@ -1,5 +1,4 @@
--- source include/have_ssl.inc
--- source include/not_embedded.inc
+-- source include/have_ssl_communication.inc
#
# Bug#29784 YaSSL assertion failure when reading 8k key.
#
diff -Nrup a/mysql-test/t/ssl_compress.test b/mysql-test/t/ssl_compress.test
--- a/mysql-test/t/ssl_compress.test 2007-12-03 12:39:55 -05:00
+++ b/mysql-test/t/ssl_compress.test 2007-12-06 22:12:03 -05:00
@@ -1,8 +1,7 @@
# Turn on compression between the client and server
# and run a number of tests
--- source include/have_ssl.inc
--- source include/not_embedded.inc
+-- source include/have_ssl_communication.inc
-- source include/have_compress.inc
connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS);
diff -Nrup a/mysql-test/t/ssl_connect.test b/mysql-test/t/ssl_connect.test
--- a/mysql-test/t/ssl_connect.test 2007-12-03 12:39:55 -05:00
+++ b/mysql-test/t/ssl_connect.test 2007-12-06 22:12:03 -05:00
@@ -1,6 +1,5 @@
--- source include/have_ssl.inc
--- source include/not_embedded.inc
+-- source include/have_ssl_communication.inc
# Repeat connect/disconnect
diff -Nrup a/sql/item_strfunc.cc b/sql/item_strfunc.cc
--- a/sql/item_strfunc.cc 2007-12-03 12:39:55 -05:00
+++ b/sql/item_strfunc.cc 2007-12-06 22:12:03 -05:00
@@ -626,7 +626,6 @@ String *Item_func_des_encrypt::val_str(S
&keyschedule.ks2,
&keyschedule.ks3,
&ivec, TRUE);
- DBUG_PRINT("chad", ("Item_func_des_encrypt %s -> %s", res->ptr(), tmp_value.ptr()+1));
return &tmp_value;
error:
@@ -700,7 +699,6 @@ String *Item_func_des_decrypt::val_str(S
&keyschedule.ks2,
&keyschedule.ks3,
&ivec, FALSE);
- DBUG_PRINT("chad", ("Item_func_des_decrypt %s -> %s", res->ptr(), tmp_value.ptr()));
/* Restore old length of key */
if ((tail=(uint) (uchar) tmp_value[length-2]) > 8)
goto wrong_key; // Wrong key
diff -Nrup a/sql/mysqld.cc b/sql/mysqld.cc
--- a/sql/mysqld.cc 2007-12-03 12:39:55 -05:00
+++ b/sql/mysqld.cc 2007-12-06 22:12:03 -05:00
@@ -3211,7 +3211,7 @@ static void openssl_lock(int mode, opens
static void init_ssl()
{
#ifdef HAVE_OPENSSL
-# ifndef EMBEDDED_LIBRARY
+#ifndef EMBEDDED_LIBRARY
if (opt_use_ssl)
{
/* having ssl_acceptor_fd != 0 signals the use of SSL */
@@ -3230,7 +3230,9 @@ static void init_ssl()
{
have_ssl= SHOW_OPTION_DISABLED;
}
-# endif /* ! EMBEDDED_LIBRARY */
+#else
+ have_ssl= SHOW_OPTION_DISABLED;
+#endif /* ! EMBEDDED_LIBRARY */
if (des_key_file)
load_des_key_file(des_key_file);
#endif /* HAVE_OPENSSL */
@@ -3240,13 +3242,13 @@ static void init_ssl()
static void end_ssl()
{
#ifdef HAVE_OPENSSL
-# ifndef EMBEDDED_LIBRARY
+#ifndef EMBEDDED_LIBRARY
if (ssl_acceptor_fd)
{
free_vio_ssl_acceptor_fd(ssl_acceptor_fd);
ssl_acceptor_fd= 0;
}
-# endif /* ! EMBEDDED_LIBRARY */
+#endif /* ! EMBEDDED_LIBRARY */
#endif /* HAVE_OPENSSL */
}
@@ -6934,7 +6936,7 @@ SHOW_VAR status_vars[]= {
{"Sort_rows", (char*) offsetof(STATUS_VAR, filesort_rows), SHOW_LONG_STATUS},
{"Sort_scan", (char*) offsetof(STATUS_VAR, filesort_scan_count), SHOW_LONG_STATUS},
#ifdef HAVE_OPENSSL
-# ifndef EMBEDDED_LIBRARY
+#ifndef EMBEDDED_LIBRARY
{"Ssl_accept_renegotiates", (char*) &show_ssl_ctx_sess_accept_renegotiate, SHOW_FUNC},
{"Ssl_accepts", (char*) &show_ssl_ctx_sess_accept, SHOW_FUNC},
{"Ssl_callback_cache_hits", (char*) &show_ssl_ctx_sess_cb_hits, SHOW_FUNC},
@@ -6958,7 +6960,7 @@ SHOW_VAR status_vars[]= {
{"Ssl_verify_depth", (char*) &show_ssl_get_verify_depth, SHOW_FUNC},
{"Ssl_verify_mode", (char*) &show_ssl_get_verify_mode, SHOW_FUNC},
{"Ssl_version", (char*) &show_ssl_get_version, SHOW_FUNC},
-# endif
+#endif
#endif /* HAVE_OPENSSL */
{"Table_locks_immediate", (char*) &locks_immediate, SHOW_LONG},
{"Table_locks_waited", (char*) &locks_waited, SHOW_LONG},
@@ -7228,10 +7230,10 @@ static void mysql_init_variables(void)
#endif
#ifdef HAVE_OPENSSL
des_key_file = 0;
-# ifndef EMBEDDED_LIBRARY
+#ifndef EMBEDDED_LIBRARY
ssl_acceptor_fd= 0;
-# endif
-#endif
+#endif /* ! EMBEDDED_LIBRARY */
+#endif /* HAVE_OPENSSL */
#ifdef HAVE_SMEM
shared_memory_base_name= default_shared_memory_base_name;
#endif
diff -Nrup a/sql/sha2.cc b/sql/sha2.cc
--- a/sql/sha2.cc 2007-12-03 12:39:55 -05:00
+++ b/sql/sha2.cc 2007-12-06 22:12:03 -05:00
@@ -42,6 +42,18 @@ unsigned char* SHA##size(const unsigned
return(output_ptr); \
}
+
+/**
+ @fn SHA512
+ @fn SHA384
+ @fn SHA256
+ @fn SHA224
+
+ Instantiate an hash object, fill in the cleartext value, compute the digest,
+ and extract the result from the object.
+
+ (Generate the functions. See similar .h code for the prototypes.)
+*/
# ifndef OPENSSL_NO_SHA512
GEN_YASSL_SHA2_BRIDGE(512);
GEN_YASSL_SHA2_BRIDGE(384);
diff -Nrup a/sql/sql_connect.cc b/sql/sql_connect.cc
--- a/sql/sql_connect.cc 2007-12-03 12:39:55 -05:00
+++ b/sql/sql_connect.cc 2007-12-06 22:12:03 -05:00
@@ -738,10 +738,10 @@ static int check_connection(THD *thd)
#ifdef HAVE_COMPRESS
client_flags |= CLIENT_COMPRESS;
#endif /* HAVE_COMPRESS */
-#if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
+#if defined(HAVE_OPENSSL)
if (ssl_acceptor_fd)
client_flags |= CLIENT_SSL; /* Wow, SSL is available! */
-#endif /* HAVE_OPENSSL && !EMBEDDED_LIBRARY */
+#endif /* HAVE_OPENSSL */
end= strnmov(buff, server_version, SERVER_VERSION_LENGTH) + 1;
int4store((uchar*) end, thd->thread_id);
@@ -807,7 +807,7 @@ static int check_connection(THD *thd)
if (thd->client_capabilities & CLIENT_IGNORE_SPACE)
thd->variables.sql_mode|= MODE_IGNORE_SPACE;
-#if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
+#if defined(HAVE_OPENSSL)
DBUG_PRINT("info", ("client capabilities: %lu", thd->client_capabilities));
if (thd->client_capabilities & CLIENT_SSL)
{
@@ -837,7 +837,7 @@ static int check_connection(THD *thd)
return 1;
}
}
-#endif /* HAVE_OPENSSL && !EMBEDDED_LIBRARY */
+#endif /* HAVE_OPENSSL */
if (end >= (char*) net->read_pos+ pkt_len +2)
{
| Thread |
|---|
| • bk commit into 6.0 tree (cmiller:1.2704) | Chad MILLER | 7 Dec |
