Blame SOURCES/mysql-chain-certs.patch

6f9931
Fix things so that chains of certificates work in the server and client
6f9931
certificate files.
6f9931
6f9931
This only really works for OpenSSL-based builds, as yassl is unable to read
6f9931
multiple certificates from a file.  The patch below to yassl/src/ssl.cpp
6f9931
doesn't fix that, but just arranges that the viosslfactories.c patch won't
6f9931
have any ill effects in a yassl build.  Since we don't use yassl in Red Hat/
6f9931
Fedora builds, I'm not feeling motivated to try to fix yassl for this.
6f9931
6f9931
See RH bug #598656.  Filed upstream at http://bugs.mysql.com/bug.php?id=54158
6f9931
6f9931
6f9931
diff -Naur mysql-5.5.28.orig/extra/yassl/src/ssl.cpp mysql-5.5.28/extra/yassl/src/ssl.cpp
6f9931
--- mysql-5.5.28.orig/extra/yassl/src/ssl.cpp	2012-08-29 04:50:46.000000000 -0400
6f9931
+++ mysql-5.5.28/extra/yassl/src/ssl.cpp	2012-09-29 12:45:19.682287214 -0400
6f9931
@@ -1627,10 +1627,10 @@
6f9931
     }
6f9931
 
6f9931
 
6f9931
-    int SSL_CTX_use_certificate_chain_file(SSL_CTX*, const char*)
6f9931
+    int SSL_CTX_use_certificate_chain_file(SSL_CTX* ctx, const char* file)
6f9931
     {
6f9931
-        // TDOD:
6f9931
-        return SSL_SUCCESS;
6f9931
+        // For the moment, treat like use_certificate_file
6f9931
+        return read_file(ctx, file, SSL_FILETYPE_PEM, Cert);
6f9931
     }
6f9931
 
6f9931
 
6f9931
diff -Naur mysql-5.5.28.orig/vio/viosslfactories.c mysql-5.5.28/vio/viosslfactories.c
6f9931
--- mysql-5.5.28.orig/vio/viosslfactories.c	2012-08-29 04:50:46.000000000 -0400
6f9931
+++ mysql-5.5.28/vio/viosslfactories.c	2012-09-29 12:46:35.124975585 -0400
6f9931
@@ -106,7 +106,7 @@
6f9931
     key_file= cert_file;
6f9931
 
6f9931
   if (cert_file &&
6f9931
-      SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0)
6f9931
+      SSL_CTX_use_certificate_chain_file(ctx, cert_file) <= 0)
6f9931
   {
6f9931
     *error= SSL_INITERR_CERT;
6f9931
     DBUG_PRINT("error",("%s from file '%s'", sslGetErrString(*error), cert_file));