Below is the list of changes that have just been committed into a local
5.1 repository of msvensson. When msvensson does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html
ChangeSet
1.2390 06/05/12 08:45:22 msvensson@neptunus.(none) +31 -0
Merge neptunus.(none):/home/msvensson/mysql/tmp/tmp_merge
into neptunus.(none):/home/msvensson/mysql/mysql-5.1
vio/viosslfactories.c
1.27 06/05/12 08:45:17 msvensson@neptunus.(none) +0 -1
Merge 5.0 -> 5.1
vio/viossl.c
1.35 06/05/12 08:45:17 msvensson@neptunus.(none) +0 -2
Merge 5.0 -> 5.1
sql/mysqld.cc
1.554 06/05/12 08:45:17 msvensson@neptunus.(none) +1 -2
Merge 5.0 -> 5.1
mysql-test/t/disabled.def
1.153 06/05/12 08:45:17 msvensson@neptunus.(none) +0 -1
Merge 5.0 -> 5.1
mysql-test/Makefile.am
1.77 06/05/12 08:45:17 msvensson@neptunus.(none) +0 -5
Merge 5.0 -> 5.1
include/violite.h
1.47 06/05/12 08:45:17 msvensson@neptunus.(none) +0 -0
Merge 5.0 -> 5.1
client/client_priv.h
1.56 06/05/12 08:45:17 msvensson@neptunus.(none) +1 -2
Merge 5.0 -> 5.1
vio/vio.c
1.29 06/05/12 08:42:01 msvensson@neptunus.(none) +0 -0
Auto merged
storage/ndb/src/kernel/blocks/dbtc/DbtcInit.cpp
1.15 06/05/12 08:42:01 msvensson@neptunus.(none) +0 -0
Auto merged
sql/sql_acl.cc
1.190 06/05/12 08:42:01 msvensson@neptunus.(none) +0 -0
Auto merged
sql/mysql_priv.h
1.400 06/05/12 08:42:01 msvensson@neptunus.(none) +0 -0
Auto merged
sql-common/client.c
1.97 06/05/12 08:42:01 msvensson@neptunus.(none) +0 -0
Auto merged
sql/item_func.cc
1.292 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
mysql-test/t/information_schema.test
1.77 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
mysql-test/std_data/server-key.pem
1.8 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
mysql-test/std_data/server-cert.pem
1.9 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
mysql-test/std_data/client-key.pem
1.8 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
mysql-test/std_data/client-cert.pem
1.9 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
mysql-test/std_data/cacert.pem
1.9 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
mysql-test/r/information_schema.result
1.118 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
mysql-test/mysql-test-run.pl
1.113 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
libmysql/libmysql.c
1.251 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
include/mysql.h
1.161 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
client/mysqltest.c
1.209 06/05/12 08:42:00 msvensson@neptunus.(none) +0 -0
Auto merged
BitKeeper/deleted/.del-NOTES~e926d3e6929ac052
1.4 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Auto merged
BitKeeper/deleted/.del-Makefile.am~de166d6fcac3b9b6
1.3 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Auto merged
storage/ndb/src/kernel/blocks/dbtc/DbtcInit.cpp
1.8.5.2 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Merge rename: ndb/src/kernel/blocks/dbtc/DbtcInit.cpp -> storage/ndb/src/kernel/blocks/dbtc/DbtcInit.cpp
mysql-test/std_data/server-key.pem
1.4.1.2 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Merge rename: SSL/server-key.pem -> mysql-test/std_data/server-key.pem
mysql-test/std_data/server-cert.pem
1.5.1.3 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Merge rename: SSL/server-cert.pem -> mysql-test/std_data/server-cert.pem
mysql-test/std_data/client-key.pem
1.4.1.2 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Merge rename: SSL/client-key.pem -> mysql-test/std_data/client-key.pem
mysql-test/std_data/client-cert.pem
1.5.1.2 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Merge rename: SSL/client-cert.pem -> mysql-test/std_data/client-cert.pem
mysql-test/std_data/cacert.pem
1.5.1.2 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Merge rename: SSL/cacert.pem -> mysql-test/std_data/cacert.pem
client/mysqlimport.c
1.72 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Auto merged
client/mysqldump.c
1.236 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Auto merged
client/mysql.cc
1.207 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Auto merged
BitKeeper/deleted/.del-server-req.pem~16301893cacf1be4
1.4 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Auto merged
BitKeeper/deleted/.del-client-req.pem~efd482e1d290d4d8
1.4 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Auto merged
BitKeeper/deleted/.del-NOTES~e926d3e6929ac052
1.2.1.2 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Merge rename: SSL/NOTES -> BitKeeper/deleted/.del-NOTES~e926d3e6929ac052
BitKeeper/deleted/.del-Makefile.am~de166d6fcac3b9b6
1.1.1.2 06/05/12 08:41:59 msvensson@neptunus.(none) +0 -0
Merge rename: SSL/Makefile.am -> BitKeeper/deleted/.del-Makefile.am~de166d6fcac3b9b6
# This is a BitKeeper patch. What follows are the unified diffs for the
# set of deltas contained in the patch. The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User: msvensson
# Host: neptunus.(none)
# Root: /home/msvensson/mysql/mysql-5.1/RESYNC
--- 1.206/client/mysql.cc 2006-05-03 19:34:12 +02:00
+++ 1.207/client/mysql.cc 2006-05-12 08:41:59 +02:00
@@ -3144,6 +3144,8 @@
if (opt_use_ssl)
mysql_ssl_set(&mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
opt_ssl_capath, opt_ssl_cipher);
+ mysql_options(&mysql,MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
+ (char*)&opt_ssl_verify_server_cert);
#endif
if (opt_protocol)
mysql_options(&mysql,MYSQL_OPT_PROTOCOL,(char*)&opt_protocol);
--- 1.235/client/mysqldump.c 2006-04-26 11:57:04 +02:00
+++ 1.236/client/mysqldump.c 2006-05-12 08:41:59 +02:00
@@ -918,6 +918,8 @@
if (opt_use_ssl)
mysql_ssl_set(&mysql_connection, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
opt_ssl_capath, opt_ssl_cipher);
+ mysql_options(&mysql_connection,MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
+ (char*)&opt_ssl_verify_server_cert);
#endif
if (opt_protocol)
mysql_options(&mysql_connection,MYSQL_OPT_PROTOCOL,(char*)&opt_protocol);
--- 1.71/client/mysqlimport.c 2006-02-28 22:46:20 +01:00
+++ 1.72/client/mysqlimport.c 2006-05-12 08:41:59 +02:00
@@ -406,6 +406,8 @@
if (opt_use_ssl)
mysql_ssl_set(mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
opt_ssl_capath, opt_ssl_cipher);
+ mysql_options(&mysql_connection,MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
+ (char*)&opt_ssl_verify_server_cert);
#endif
if (opt_protocol)
mysql_options(mysql,MYSQL_OPT_PROTOCOL,(char*)&opt_protocol);
--- 1.160/include/mysql.h 2006-04-30 22:13:53 +02:00
+++ 1.161/include/mysql.h 2006-05-12 08:42:00 +02:00
@@ -149,7 +149,8 @@
MYSQL_OPT_WRITE_TIMEOUT, MYSQL_OPT_USE_RESULT,
MYSQL_OPT_USE_REMOTE_CONNECTION, MYSQL_OPT_USE_EMBEDDED_CONNECTION,
MYSQL_OPT_GUESS_CONNECTION, MYSQL_SET_CLIENT_IP, MYSQL_SECURE_AUTH,
- MYSQL_REPORT_DATA_TRUNCATION, MYSQL_OPT_RECONNECT
+ MYSQL_REPORT_DATA_TRUNCATION, MYSQL_OPT_RECONNECT,
+ MYSQL_OPT_SSL_VERIFY_SERVER_CERT
};
struct st_mysql_options {
@@ -164,6 +165,7 @@
char *ssl_ca; /* PEM CA file */
char *ssl_capath; /* PEM directory of CA-s? */
char *ssl_cipher; /* cipher to use */
+ my_bool ssl_verify_server_cert; /* if to verify server cert */
char *shared_memory_base_name;
unsigned long max_allowed_packet;
my_bool use_ssl; /* if to use SSL or not */
--- 1.46/include/violite.h 2006-05-08 17:09:02 +02:00
+++ 1.47/include/violite.h 2006-05-12 08:45:17 +02:00
@@ -121,6 +121,7 @@
*new_VioSSLAcceptorFd(const char *key_file, const char *cert_file,
const char *ca_file,const char *ca_path,
const char *cipher);
+void free_vio_ssl_acceptor_fd(struct st_VioSSLAcceptorFd *fd);
#endif /* HAVE_OPENSSL */
#ifdef HAVE_SMEM
--- 1.250/libmysql/libmysql.c 2006-04-16 03:17:25 +02:00
+++ 1.251/libmysql/libmysql.c 2006-05-12 08:42:00 +02:00
@@ -186,6 +186,7 @@
mysql_thread_end();
finish_client_errs();
free_charsets();
+ vio_end();
mysql_client_init= org_my_init_done= 0;
#ifdef EMBEDDED_SERVER
if (stderror_file)
--- 1.291/sql/item_func.cc 2006-05-11 18:44:25 +02:00
+++ 1.292/sql/item_func.cc 2006-05-12 08:42:00 +02:00
@@ -2736,9 +2736,10 @@
{
uchar is_null_tmp=0;
ulong res_length;
+ DBUG_ENTER("udf_handler::val_str");
if (get_arguments())
- return 0;
+ DBUG_RETURN(0);
char * (*func)(UDF_INIT *, UDF_ARGS *, char *, ulong *, uchar *, uchar *)=
(char* (*)(UDF_INIT *, UDF_ARGS *, char *, ulong *, uchar *, uchar *))
u_d->func;
@@ -2748,22 +2749,26 @@
if (str->alloc(MAX_FIELD_WIDTH))
{
error=1;
- return 0;
+ DBUG_RETURN(0);
}
}
char *res=func(&initid, &f_args, (char*) str->ptr(), &res_length,
&is_null_tmp, &error);
+ DBUG_PRINT("info", ("udf func returned, res_length: %lu", res_length));
if (is_null_tmp || !res || error) // The !res is for safety
{
- return 0;
+ DBUG_PRINT("info", ("Null or error"));
+ DBUG_RETURN(0);
}
if (res == str->ptr())
{
str->length(res_length);
- return str;
+ DBUG_PRINT("exit", ("str: %s", str->ptr()));
+ DBUG_RETURN(str);
}
save_str->set(res, res_length, str->charset());
- return save_str;
+ DBUG_PRINT("exit", ("save_str: %s", save_str->ptr()));
+ DBUG_RETURN(save_str);
}
--- 1.399/sql/mysql_priv.h 2006-05-05 19:08:37 +02:00
+++ 1.400/sql/mysql_priv.h 2006-05-12 08:42:01 +02:00
@@ -1644,7 +1644,7 @@
#endif
#ifdef HAVE_OPENSSL
-extern struct st_VioSSLAcceptorFd * ssl_acceptor_fd;
+extern struct st_VioSSLFd * ssl_acceptor_fd;
#endif /* HAVE_OPENSSL */
MYSQL_LOCK *mysql_lock_tables(THD *thd, TABLE **table, uint count,
--- 1.553/sql/mysqld.cc 2006-05-04 21:20:35 +02:00
+++ 1.554/sql/mysqld.cc 2006-05-12 08:45:17 +02:00
@@ -710,7 +710,7 @@
static unsigned long openssl_id_function();
#endif
char *des_key_file;
-struct st_VioSSLAcceptorFd *ssl_acceptor_fd;
+struct st_VioSSLFd *ssl_acceptor_fd;
#endif /* HAVE_OPENSSL */
@@ -1219,6 +1219,7 @@
delete binlog_filter;
delete rpl_filter;
end_ssl();
+ vio_end();
#ifdef USE_REGEX
my_regex_end();
#endif
--- 1.189/sql/sql_acl.cc 2006-05-11 09:28:46 +02:00
+++ 1.190/sql/sql_acl.cc 2006-05-12 08:42:01 +02:00
@@ -987,8 +987,8 @@
if (acl_user->x509_issuer)
{
DBUG_PRINT("info",("checkpoint 3"));
- char *ptr = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0);
- DBUG_PRINT("info",("comparing issuers: '%s' and '%s'",
+ char *ptr = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0);
+ DBUG_PRINT("info",("comparing issuers: '%s' and '%s'",
acl_user->x509_issuer, ptr));
if (strcmp(acl_user->x509_issuer, ptr))
{
--- 1.117/mysql-test/r/information_schema.result 2006-05-04 00:58:03 +02:00
+++ 1.118/mysql-test/r/information_schema.result 2006-05-12 08:42:00 +02:00
@@ -1129,11 +1129,6 @@
DROP VIEW v1;
DROP FUNCTION func1;
DROP FUNCTION func2;
-create database mysqltest;
-create table mysqltest.t1(a int);
-select table_schema from information_schema.tables where table_schema='mysqltest';
-table_schema
-drop database mysqltest;
select column_type, group_concat(table_schema, '.', table_name), count(*) as num
from information_schema.columns where
table_schema='information_schema' and
--- 1.76/mysql-test/t/information_schema.test 2006-04-30 22:27:32 +02:00
+++ 1.77/mysql-test/t/information_schema.test 2006-05-12 08:42:00 +02:00
@@ -797,15 +797,6 @@
DROP FUNCTION func1;
DROP FUNCTION func2;
-#
-# Bug #15851 Unlistable directories yield no info from information_schema
-#
-create database mysqltest;
-create table mysqltest.t1(a int);
---exec chmod -r $MYSQLTEST_VARDIR/master-data/mysqltest
-select table_schema from information_schema.tables where table_schema='mysqltest';
---exec chmod +r $MYSQLTEST_VARDIR/master-data/mysqltest
-drop database mysqltest;
#
# Bug#15307 GROUP_CONCAT() with ORDER BY returns empty set on information_schema
--- 1.96/sql-common/client.c 2006-04-30 22:13:55 +02:00
+++ 1.97/sql-common/client.c 2006-05-12 08:42:01 +02:00
@@ -1495,6 +1495,7 @@
mysql->options.ssl_ca= strdup_if_not_null(ca);
mysql->options.ssl_capath= strdup_if_not_null(capath);
mysql->options.ssl_cipher= strdup_if_not_null(cipher);
+ mysql->options.ssl_verify_server_cert= FALSE; /* Off by default */
#endif /* HAVE_OPENSSL */
DBUG_RETURN(0);
}
@@ -1509,17 +1510,16 @@
static void
mysql_ssl_free(MYSQL *mysql __attribute__((unused)))
{
- struct st_VioSSLConnectorFd *st=
- (struct st_VioSSLConnectorFd*) mysql->connector_fd;
+ struct st_VioSSLFd *ssl_fd= (struct st_VioSSLFd*) mysql->connector_fd;
DBUG_ENTER("mysql_ssl_free");
my_free(mysql->options.ssl_key, MYF(MY_ALLOW_ZERO_PTR));
my_free(mysql->options.ssl_cert, MYF(MY_ALLOW_ZERO_PTR));
my_free(mysql->options.ssl_ca, MYF(MY_ALLOW_ZERO_PTR));
my_free(mysql->options.ssl_capath, MYF(MY_ALLOW_ZERO_PTR));
- my_free(mysql->options.ssl_cipher, MYF(MY_ALLOW_ZERO_PTR));
- if (st)
- SSL_CTX_free(st->ssl_context);
+ my_free(mysql->options.ssl_cipher, MYF(MY_ALLOW_ZERO_PTR));
+ if (ssl_fd)
+ SSL_CTX_free(ssl_fd->ssl_context);
my_free(mysql->connector_fd,MYF(MY_ALLOW_ZERO_PTR));
mysql->options.ssl_key = 0;
mysql->options.ssl_cert = 0;
@@ -1551,6 +1551,77 @@
DBUG_RETURN(NULL);
}
+
+/*
+ Check the server's (subject) Common Name against the
+ hostname we connected to
+
+ SYNOPSIS
+ ssl_verify_server_cert()
+ vio pointer to a SSL connected vio
+ server_hostname name of the server that we connected to
+
+ RETURN VALUES
+ 0 Success
+ 1 Failed to validate server
+
+ */
+static int ssl_verify_server_cert(Vio *vio, const char* server_hostname)
+{
+ SSL *ssl;
+ X509 *server_cert;
+ char *cp1, *cp2;
+ char buf[256];
+ DBUG_ENTER("ssl_verify_server_cert");
+ DBUG_PRINT("enter", ("server_hostname: %s", server_hostname));
+
+ if (!(ssl= (SSL*)vio->ssl_arg))
+ {
+ DBUG_PRINT("error", ("No SSL pointer found"));
+ DBUG_RETURN(1);
+ }
+
+ if (!server_hostname)
+ {
+ DBUG_PRINT("error", ("No server hostname supplied"));
+ DBUG_RETURN(1);
+ }
+
+ if (!(server_cert= SSL_get_peer_certificate(ssl)))
+ {
+ DBUG_PRINT("error", ("Could not get server certificate"));
+ DBUG_RETURN(1);
+ }
+
+ /*
+ We already know that the certificate exchanged was valid; the SSL library
+ handled that. Now we need to verify that the contents of the certificate
+ are what we expect.
+ */
+
+ X509_NAME_oneline(X509_get_subject_name(server_cert), buf, sizeof(buf));
+ X509_free (server_cert);
+
+ DBUG_PRINT("info", ("hostname in cert: %s", buf));
+ cp1= strstr(buf, "/CN=");
+ if (cp1)
+ {
+ cp1+= 4; /* Skip the "/CN=" that we found */
+ /* Search for next / which might be the delimiter for email */
+ cp2= strchr(cp1, '/');
+ if (cp2)
+ *cp2= '\0';
+ DBUG_PRINT("info", ("Server hostname in cert: %s", cp1));
+ if (!strcmp(cp1, server_hostname))
+ {
+ /* Success */
+ DBUG_RETURN(0);
+ }
+ }
+ DBUG_PRINT("error", ("SSL certificate validation failure"));
+ DBUG_RETURN(1);
+}
+
#endif /* HAVE_OPENSSL */
@@ -1584,7 +1655,6 @@
#endif
};
-
MYSQL *
CLI_MYSQL_REAL_CONNECT(MYSQL *mysql,const char *host, const char *user,
const char *passwd, const char *db,
@@ -2029,37 +2099,52 @@
mysql->client_flag=client_flag;
#ifdef HAVE_OPENSSL
- /*
- Oops.. are we careful enough to not send ANY information without
- encryption?
- */
if (client_flag & CLIENT_SSL)
{
+ /* Do the SSL layering. */
struct st_mysql_options *options= &mysql->options;
+ struct st_VioSSLFd *ssl_fd;
+
+ /*
+ Send client_flag, max_packet_size - unencrypted otherwise
+ the server does not know we want to do SSL
+ */
if (my_net_write(net,buff,(uint) (end-buff)) || net_flush(net))
{
set_mysql_error(mysql, CR_SERVER_LOST, unknown_sqlstate);
goto error;
}
- /* Do the SSL layering. */
- if (!(mysql->connector_fd=
- (gptr) new_VioSSLConnectorFd(options->ssl_key,
- options->ssl_cert,
- options->ssl_ca,
- options->ssl_capath,
- options->ssl_cipher)))
+
+ /* Create the VioSSLConnectorFd - init SSL and load certs */
+ if (!(ssl_fd= new_VioSSLConnectorFd(options->ssl_key,
+ options->ssl_cert,
+ options->ssl_ca,
+ options->ssl_capath,
+ options->ssl_cipher)))
{
set_mysql_error(mysql, CR_SSL_CONNECTION_ERROR, unknown_sqlstate);
goto error;
}
+ mysql->connector_fd= (void*)ssl_fd;
+
+ /* Connect to the server */
DBUG_PRINT("info", ("IO layer change in progress..."));
- if (sslconnect((struct st_VioSSLConnectorFd*)(mysql->connector_fd),
- mysql->net.vio, (long) (mysql->options.connect_timeout)))
+ if (sslconnect(ssl_fd, mysql->net.vio,
+ (long) (mysql->options.connect_timeout)))
{
set_mysql_error(mysql, CR_SSL_CONNECTION_ERROR, unknown_sqlstate);
goto error;
}
DBUG_PRINT("info", ("IO layer change done!"));
+
+ /* Verify server cert */
+ if (mysql->options.ssl_verify_server_cert &&
+ ssl_verify_server_cert(mysql->net.vio, mysql->host))
+ {
+ set_mysql_error(mysql, CR_SSL_CONNECTION_ERROR, unknown_sqlstate);
+ goto error;
+ }
+
}
#endif /* HAVE_OPENSSL */
@@ -2798,6 +2883,9 @@
break;
case MYSQL_OPT_RECONNECT:
mysql->reconnect= *(my_bool *) arg;
+ break;
+ case MYSQL_OPT_SSL_VERIFY_SERVER_CERT:
+ mysql->options.ssl_verify_server_cert= *(my_bool *) arg;
break;
default:
DBUG_RETURN(1);
--- 1.112/mysql-test/mysql-test-run.pl 2006-05-09 09:44:39 +02:00
+++ 1.113/mysql-test/mysql-test-run.pl 2006-05-12 08:42:00 +02:00
@@ -134,7 +134,6 @@
our $glob_win32_perl= 0; # ActiveState Win32 Perl
our $glob_cygwin_perl= 0; # Cygwin Perl
our $glob_cygwin_shell= undef;
-our $glob_use_libtool= 1;
our $glob_mysql_test_dir= undef;
our $glob_mysql_bench_dir= undef;
our $glob_hostname= undef;
@@ -192,6 +191,7 @@
our $exe_im;
our $exe_my_print_defaults;
our $lib_udf_example;
+our $exe_libtool;
our $opt_bench= 0;
our $opt_small_bench= 0;
@@ -390,7 +390,6 @@
check_ndbcluster_support(); # We check whether to actually use it later
check_ssl_support();
- check_running_as_root();
environment_setup();
signal_setup();
@@ -458,12 +457,6 @@
$glob_cygwin_perl= ($^O eq "cygwin");
$glob_win32= ($glob_win32_perl or $glob_cygwin_perl);
- # Use libtool on all platforms except windows
- if ( $glob_win32 )
- {
- $glob_use_libtool= 0;
- }
-
# We require that we are in the "mysql-test" directory
# to run mysql-test-run
@@ -1013,6 +1006,21 @@
sub executable_setup () {
+ #
+ # Check if libtool is available in this distribution/clone
+ # we need it when valgrinding or debugging non installed binary
+ # Otherwise valgrind will valgrind the libtool wrapper or bash
+ # and gdb will not find the real executable to debug
+ #
+ if ( -x "../libtool")
+ {
+ $exe_libtool= "../libtool";
+ if ($opt_valgrind or $glob_debugger)
+ {
+ mtr_report("Using \"$exe_libtool\" when running valgrind or debugger");
+ }
+ }
+
if ( $opt_source_dist )
{
if ( $glob_win32 )
@@ -1375,7 +1383,7 @@
sub check_running_as_root () {
# Check if running as root
# i.e a file can be read regardless what mode we set it to
- my $test_file= "test_running_as_root.txt";
+ my $test_file= "$opt_vardir/test_running_as_root.txt";
mtr_tofile($test_file, "MySQL");
chmod(oct("0000"), $test_file);
@@ -1821,6 +1829,7 @@
save_installed_db();
}
}
+ check_running_as_root();
}
}
@@ -2869,6 +2878,15 @@
$exe= undef;
}
+ if ($exe_libtool and $opt_valgrind)
+ {
+ # Add "libtool --mode-execute"
+ # if running in valgrind(to avoid valgrinding bash)
+ unshift(@$args, "--mode=execute", $exe);
+ $exe= $exe_libtool;
+ }
+
+
if ( $type eq 'master' )
{
if ( ! defined $exe or
@@ -3403,12 +3421,12 @@
debugger_arguments(\$args, \$exe, "client");
}
- if ($glob_use_libtool and $opt_valgrind)
+ if ($exe_libtool and $opt_valgrind)
{
# Add "libtool --mode-execute" before the test to execute
# if running in valgrind(to avoid valgrinding bash)
unshift(@$args, "--mode=execute", $exe);
- $exe= "libtool";
+ $exe= $exe_libtool;
}
if ( $opt_check_testcases )
@@ -3478,9 +3496,9 @@
mtr_add_arg($$args, "$type");
mtr_add_arg($$args, "-e");
- if ( $glob_use_libtool )
+ if ( $exe_libtool )
{
- mtr_add_arg($$args, "libtool");
+ mtr_add_arg($$args, $exe_libtool);
mtr_add_arg($$args, "--mode=execute");
}
@@ -3540,9 +3558,9 @@
my $save_exe= $$exe;
$$args= [];
- if ( $glob_use_libtool )
+ if ( $exe_libtool )
{
- $$exe= "libtool";
+ $$exe= $exe_libtool;
mtr_add_arg($$args, "--mode=execute");
mtr_add_arg($$args, "ddd");
}
@@ -3563,6 +3581,8 @@
my $exe= shift;
my $debugger= $opt_debugger || $opt_client_debugger;
+ # FIXME Need to change the below "eq"'s to
+ # "case unsensitive string contains"
if ( $debugger eq "vcexpress" or $debugger eq "vc")
{
# vc[express] /debugexe exe arg1 .. argn
--- 1.152/mysql-test/t/disabled.def 2006-05-05 10:38:02 +02:00
+++ 1.153/mysql-test/t/disabled.def 2006-05-12 08:45:17 +02:00
@@ -35,7 +35,6 @@
rpl_row_func003 : BUG#19074 2006-13-04 andrei test failed
rpl_row_inexist_tbl : BUG#18948 2006-03-09 mats Disabled since patch makes this test wait forever
rpl_sp : BUG#16456 2006-02-16 jmiller
-udf : BUG#18564 2006-03-27 ian (Permission by Brian)
# the below testcase have been reworked to avoid the bug, test contains comment, keep bug open
#ndb_binlog_ddl_multi : BUG#18976 2006-04-10 kent CRBR: multiple binlog, second binlog may miss schema log events
--- 1.8.5.1/ndb/src/kernel/blocks/dbtc/DbtcInit.cpp 2006-05-09 12:17:31 +02:00
+++ 1.15/storage/ndb/src/kernel/blocks/dbtc/DbtcInit.cpp 2006-05-12 08:42:01 +02:00
@@ -41,18 +41,6 @@
clqhblockref = DBLQH_REF;
cerrorBlockref = NDBCNTR_REF;
- cacheRecord = 0;
- apiConnectRecord = 0;
- tcConnectRecord = 0;
- hostRecord = 0;
- tableRecord = 0;
- scanRecord = 0;
- databufRecord = 0;
- attrbufRecord = 0;
- gcpRecord = 0;
- tcFailRecord = 0;
- c_apiConTimer = 0;
- c_apiConTimer_line = 0;
// Records with constant sizes
tcFailRecord = (TcFailRecord*)allocRecord("TcFailRecord",
sizeof(TcFailRecord), 1);
@@ -106,7 +94,7 @@
*/
// Init all index operation records
- ArrayList<TcIndexOperation> indexOps(c_theIndexOperationPool);
+ SLList<TcIndexOperation> indexOps(c_theIndexOperationPool);
TcIndexOperationPtr ioptr;
while(indexOps.seize(ioptr) == true) {
p= ioptr.p;
@@ -168,8 +156,8 @@
}//Dbtc::initRecords()
-Dbtc::Dbtc(const class Configuration & conf):
- SimulatedBlock(DBTC, conf),
+Dbtc::Dbtc(Block_context& ctx):
+ SimulatedBlock(DBTC, ctx),
c_theDefinedTriggers(c_theDefinedTriggerPool),
c_firedTriggerHash(c_theFiredTriggerPool),
c_maxNumberOfDefinedTriggers(0),
@@ -181,7 +169,8 @@
{
BLOCK_CONSTRUCTOR(Dbtc);
- const ndb_mgm_configuration_iterator * p = conf.getOwnConfigIterator();
+ const ndb_mgm_configuration_iterator * p =
+ ctx.m_config.getOwnConfigIterator();
ndbrequire(p != 0);
Uint32 transactionBufferMemory = 0;
@@ -320,6 +309,18 @@
init_globals_list(tmp, sizeof(tmp)/sizeof(tmp[0]));
}
#endif
+ cacheRecord = 0;
+ apiConnectRecord = 0;
+ tcConnectRecord = 0;
+ hostRecord = 0;
+ tableRecord = 0;
+ scanRecord = 0;
+ databufRecord = 0;
+ attrbufRecord = 0;
+ gcpRecord = 0;
+ tcFailRecord = 0;
+ c_apiConTimer = 0;
+ c_apiConTimer_line = 0;
}//Dbtc::Dbtc()
Dbtc::~Dbtc()
--- 1.55/client/client_priv.h 2006-04-16 03:17:24 +02:00
+++ 1.56/client/client_priv.h 2006-05-12 08:45:17 +02:00
@@ -58,5 +58,5 @@
OPT_IGNORE_TABLE,OPT_INSERT_IGNORE,OPT_SHOW_WARNINGS,OPT_DROP_DATABASE,
OPT_TZ_UTC, OPT_AUTO_CLOSE, OPT_CREATE_SLAP_SCHEMA,
OPT_MYSQL_REPLACE_INTO, OPT_BASE64_OUTPUT, OPT_SERVER_ID,
- OPT_FIX_TABLE_NAMES, OPT_FIX_DB_NAMES
+ OPT_FIX_TABLE_NAMES, OPT_FIX_DB_NAMES, OPT_SSL_VERIFY_SERVER_CERT
};
--- 1.208/client/mysqltest.c 2006-05-04 05:28:20 +02:00
+++ 1.209/client/mysqltest.c 2006-05-12 08:42:00 +02:00
@@ -87,14 +87,6 @@
#endif
#define MAX_SERVER_ARGS 64
-/*
- Sometimes in a test the client starts before
- the server - to solve the problem, we try again
- after some sleep if connection fails the first
- time
-*/
-#define CON_RETRY_SLEEP 2
-#define MAX_CON_TRIES 5
#define SLAVE_POLL_INTERVAL 300000 /* 0.3 of a sec */
#define DEFAULT_DELIMITER ";"
@@ -108,7 +100,7 @@
OPT_MANAGER_PORT,OPT_MANAGER_WAIT_TIMEOUT, OPT_SKIP_SAFEMALLOC,
OPT_SSL_SSL, OPT_SSL_KEY, OPT_SSL_CERT, OPT_SSL_CA, OPT_SSL_CAPATH,
OPT_SSL_CIPHER,OPT_PS_PROTOCOL,OPT_SP_PROTOCOL,OPT_CURSOR_PROTOCOL,
- OPT_VIEW_PROTOCOL};
+ OPT_VIEW_PROTOCOL, OPT_SSL_VERIFY_SERVER_CERT, OPT_MAX_CONNECT_RETRIES};
/* ************************************************************************ */
/*
@@ -158,6 +150,7 @@
const char *user = 0, *host = 0, *unix_sock = 0, *opt_basedir="./";
const char *opt_include= 0;
static int port = 0;
+static int opt_max_connect_retries;
static my_bool opt_big_test= 0, opt_compress= 0, silent= 0, verbose = 0;
static my_bool tty_password= 0;
static my_bool ps_protocol= 0, ps_protocol_enabled= 0;
@@ -2501,9 +2494,16 @@
db, port, sock
NOTE
- This function will try to connect to the given server MAX_CON_TRIES
- times and sleep CON_RETRY_SLEEP seconds between attempts before
- finally giving up. This helps in situation when the client starts
+
+ Sometimes in a test the client starts before
+ the server - to solve the problem, we try again
+ after some sleep if connection fails the first
+ time
+
+ This function will try to connect to the given server
+ "opt_max_connect_retries" times and sleep "connection_retry_sleep"
+ seconds between attempts before finally giving up.
+ This helps in situation when the client starts
before the server (which happens sometimes).
It will ignore any errors during these retries. One should use
connect_n_handle_errors() if he expects a connection error and wants
@@ -2518,8 +2518,9 @@
{
int con_error= 1;
my_bool reconnect= 1;
+ static int connection_retry_sleep= 2; /* Seconds */
int i;
- for (i= 0; i < MAX_CON_TRIES; ++i)
+ for (i= 0; i < opt_max_connect_retries; i++)
{
if (mysql_real_connect(mysql, host,user, pass, db, port, sock,
CLIENT_MULTI_STATEMENTS | CLIENT_REMEMBER_OPTIONS))
@@ -2527,7 +2528,7 @@
con_error= 0;
break;
}
- sleep(CON_RETRY_SLEEP);
+ sleep(connection_retry_sleep);
}
/*
TODO: change this to 0 in future versions, but the 'kill' test relies on
@@ -2755,8 +2756,12 @@
#ifdef HAVE_OPENSSL
if (opt_use_ssl || con_ssl)
+ {
mysql_ssl_set(&next_con->mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
opt_ssl_capath, opt_ssl_cipher);
+ mysql_options(&next_con->mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
+ &opt_ssl_verify_server_cert);
+ }
#endif
if (con_sock && !free_con_sock && *con_sock && *con_sock != FN_LIBCHAR)
con_sock=fn_format(buff, con_sock, TMPDIR, "",0);
@@ -3290,6 +3295,10 @@
{"manager-wait-timeout", OPT_MANAGER_WAIT_TIMEOUT,
"Undocumented: Used for debugging.", (gptr*) &manager_wait_timeout,
(gptr*) &manager_wait_timeout, 0, GET_INT, REQUIRED_ARG, 3, 0, 0, 0, 0, 0},
+ {"max-connect-retries", OPT_MAX_CONNECT_RETRIES,
+ "Max number of connection attempts when connecting to server",
+ (gptr*) &opt_max_connect_retries, (gptr*) &opt_max_connect_retries, 0,
+ GET_INT, REQUIRED_ARG, 5, 1, 10, 0, 0, 0},
{"password", 'p', "Password to use when connecting to server.",
0, 0, 0, GET_STR, OPT_ARG, 0, 0, 0, 0, 0, 0},
{"port", 'P', "Port number to use for connection.", (gptr*) &port,
@@ -5207,9 +5216,14 @@
mysql_options(&cur_con->mysql, MYSQL_SET_CHARSET_NAME, charset_name);
#ifdef HAVE_OPENSSL
+ opt_ssl_verify_server_cert= TRUE; /* Always on in mysqltest */
if (opt_use_ssl)
+ {
mysql_ssl_set(&cur_con->mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
opt_ssl_capath, opt_ssl_cipher);
+ mysql_options(&cur_con->mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
+ &opt_ssl_verify_server_cert);
+ }
#endif
if (!(cur_con->name = my_strdup("default", MYF(MY_WME))))
--- 1.3/BitKeeper/deleted/.del-client-req.pem~efd482e1d290d4d8 2006-04-12 02:38:37 +02:00
+++ 1.4/BitKeeper/deleted/.del-client-req.pem~efd482e1d290d4d8 2006-05-12 08:41:59 +02:00
@@ -1,12 +1,9 @@
-----BEGIN CERTIFICATE REQUEST-----
-MIIBvDCCASUCAQAwfDELMAkGA1UEBhMCU0UxEDAOBgNVBAcTB1VwcHNhbGExETAP
-BgNVBAoTCE15U1FMIEFCMRUwEwYDVQQDEwxNeVNRTCBDbGllbnQxMTAvBgkqhkiG
-9w0BCQEWImFic3RyYWN0Lm15c3FsLmRldmVsb3BlckBteXNxbC5jb20wgZ8wDQYJ
-KoZIhvcNAQEBBQADgY0AMIGJAoGBAMQDCu7jsRL87rQZ9OFgHeAow5Yt34JpzXR8
-VFjQrrNZPwwZHJkQphLJzzpkBUOOv9JlNoCRC2WwJyY4ySPYNqJK8PfAL2g4cAEn
-Kf+yxVLha/HI18Nc7vA3bCqblhoFnuszojlad2ZiJ3UfL2842uWfeK/KayI/Vyu8
-po9H0ZlvAgMBAAGgADANBgkqhkiG9w0BAQQFAAOBgQAnKdk68dGJXvlj/GXwBUWN
-oXWF7hq4fDmwyhmcFUqk8qZKPKFUxkcER0GLzYeUgvD2URSfaS3/YW0d7K7kXGwP
-rB5edb+suaYf6mjm/w37xw/EJI9rdSKcB/3SSu8mALds7sUHDAO+MO0WkA/9d7t0
-LOsUqcDvMkKpZuYwNILwLw==
+MIIBMTCB3AIBADB3MQswCQYDVQQGEwJTRTEQMA4GA1UECBMHVXBwc2FsYTEQMA4G
+A1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwgQUIxMTAvBgkqhkiG9w0BCQEW
+ImFic3RyYWN0Lm15c3FsLmRldmVsb3BlckBteXNxbC5jb20wXDANBgkqhkiG9w0B
+AQEFAANLADBIAkEA2NtoKEmETdYPXLw9mqtw1T71tRe67+H4h1QwIh+BB7/5JH+K
+VBDpX+aZUATUO1Wp8VKtEita2ly+jD5bnrBaGQIDAQABoAAwDQYJKoZIhvcNAQEE
+BQADQQB/86MEaTPxaMR80nZevJS/FLFkt+zlp45x3glUZyaOnYb970YNimytZBrz
+iS2s/0dNeSRwKbEMzKc/Qhe/GVJt
-----END CERTIFICATE REQUEST-----
--- 1.3/BitKeeper/deleted/.del-server-req.pem~16301893cacf1be4 2006-04-12 02:38:41 +02:00
+++ 1.4/BitKeeper/deleted/.del-server-req.pem~16301893cacf1be4 2006-05-12 08:41:59 +02:00
@@ -1,12 +1,9 @@
-----BEGIN CERTIFICATE REQUEST-----
-MIIBvDCCASUCAQAwfDELMAkGA1UEBhMCU0UxEDAOBgNVBAcTB1VwcHNhbGExETAP
-BgNVBAoTCE15U1FMIEFCMRUwEwYDVQQDEwxNeVNRTCBTZXJ2ZXIxMTAvBgkqhkiG
-9w0BCQEWImFic3RyYWN0Lm15c3FsLmRldmVsb3BlckBteXNxbC5jb20wgZ8wDQYJ
-KoZIhvcNAQEBBQADgY0AMIGJAoGBAOmGelWEiEy+pPiSczASSQt6hYc5NDkNfQuN
-GMIXlRNS0j9VEFfIP1r1svqL0GdJzKqC/J/OALRz8zbSOtPCsA4Uw9SyIXSh8DGB
-YIeYc1wQwbEaTfHzsJg/8NeXmyv91SF5si/rZBXJm538ni3U+ARb6ql1S0LDPQ5N
-Kqi4ypmNAgMBAAGgADANBgkqhkiG9w0BAQQFAAOBgQCagJxGHBC+G5aSh3OguFn6
-z+qAC7u3B181kPBgNv20zMgLeq7YiAh3iNx4XO2+QXRGzMznFKx1tFr/mavCpgLs
-p3+dCvQt5FHEFFK1D1pDeXy4146X07hOTtC9jc/jSWeVnH4ujuX5gMtZqisOyYWV
-/gpw6dBtkTYlhS+y86kM/Q==
+MIIBRjCB8QIBADCBizELMAkGA1UEBhMCU0UxEDAOBgNVBAgTB1VwcHNhbGExEDAO
+BgNVBAcTB1VwcHNhbGExETAPBgNVBAoTCE15U1FMIEFCMRIwEAYDVQQDEwlsb2Nh
+bGhvc3QxMTAvBgkqhkiG9w0BCQEWImFic3RyYWN0Lm15c3FsLmRldmVsb3BlckBt
+eXNxbC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEA2f3as/t84LADvpfGpDas
+ca+7LeWE7fOPK+sR5apm7b9ia+PO+oDtkP+5SjkgQLbymb8vM7Xy7DqQYB2elH6k
+GwIDAQABoAAwDQYJKoZIhvcNAQEEBQADQQAJH+9fYD3tmUS8p3f2HlN1lfRM/Jt/
+OtVAsnJ1qcHOhAA24FOARs8ZtxwvDQP57/rLkf43kbFbpDWFRtSyUXa6
-----END CERTIFICATE REQUEST-----
--- 1.28/vio/vio.c 2006-05-08 17:09:02 +02:00
+++ 1.29/vio/vio.c 2006-05-12 08:42:01 +02:00
@@ -147,7 +147,7 @@
sprintf(vio->desc,
(vio->type == VIO_TYPE_SOCKET ? "socket (%d)" : "TCP/IP (%d)"),
vio->sd);
-#if !defined(__WIN__) && !defined(__EMX__) && !defined(OS2)
+#if !defined(__WIN__)
#if !defined(NO_FCNTL_NONBLOCK)
/*
We call fcntl() to set the flags and then immediately read them back
@@ -166,7 +166,7 @@
(void) ioctl(sd,FIOSNBIO,0);
vio->fcntl_mode &= ~O_NONBLOCK;
#endif
-#else /* !defined(__WIN__) && !defined(__EMX__) */
+#else /* !defined(__WIN__) */
{
/* set to blocking mode by default */
ulong arg=0, r;
--- 1.26/vio/viosslfactories.c 2006-05-08 17:09:02 +02:00
+++ 1.27/vio/viosslfactories.c 2006-05-12 08:45:17 +02:00
@@ -344,4 +344,12 @@
return ssl_fd;
}
+
+
+void free_vio_ssl_acceptor_fd(struct st_VioSSLAcceptorFd *fd)
+{
+ SSL_CTX_free(fd->ssl_context);
+ my_free((gptr) fd, MYF(0));
+}
+
#endif /* HAVE_OPENSSL */
| Thread |
|---|
| • bk commit into 5.1 tree (msvensson:1.2390) | msvensson | 12 May |
