[Commits] 0dfa0ee: MDEV-8957 [PATCH] Useless ssl_ctx_set_tmp_dh call in libmysql

sanja at mariadb.com sanja at mariadb.com
Sun Nov 15 11:44:24 EET 2015


revision-id: 0dfa0eef596ee677b55976793d632dc9b36928c7 (mariadb-10.1.8-53-g0dfa0ee)
parent(s): d85490afab99e31a2221043a7c1d546a57901995
committer: Oleksandr Byelkin
timestamp: 2015-11-15 10:44:20 +0100
message:

MDEV-8957 [PATCH] Useless ssl_ctx_set_tmp_dh call in libmysql

Accepted patch of Georg: do not setup Differ-Hellman parameters on client.

---
 vio/viosslfactories.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index 96275b9..ca4669f 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -259,14 +259,17 @@ new_VioSSLFd(const char *key_file, const char *cert_file,
   }
 
   /* DH stuff */
-  dh=get_dh2048();
-  if (!SSL_CTX_set_tmp_dh(ssl_fd->ssl_context, dh))
+  if (!is_client_method)
   {
-    *error= SSL_INITERR_DH;
-    goto err3;
-  }
+    dh=get_dh2048();
+    if (!SSL_CTX_set_tmp_dh(ssl_fd->ssl_context, dh))
+    {
+      *error= SSL_INITERR_DH;
+      goto err3;
+    }
 
-  DH_free(dh);
+    DH_free(dh);
+  }
 
   DBUG_PRINT("exit", ("OK 1"));
 


More information about the commits mailing list