1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bug #18384260: MULTIPLE SECURITY ISSUES IN CERTIFICATE VALIDATION

Browse Source 
the 5.5 version of the fix.
Added a call to X509_verify_cert_error_string() into the client certificate
verification code.
This commit is contained in:
Georgi Kodinov 2014-07-31 12:52:49 +03:00
parent b1b02ccab7
commit 229cb8ec88
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sql-common/client.c
View File

@ -1909,6 +1909,12 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c
DBUG_RETURN(1); DBUG_RETURN(1);
} }
if (X509_V_OK != SSL_get_verify_result(ssl))
{
*errptr= "Failed to verify the server certificate";
X509_free(server_cert);
DBUG_RETURN(1);
}
/* /*
We already know that the certificate exchanged was valid; the SSL library We already know that the certificate exchanged was valid; the SSL library
handled that. Now we need to verify that the contents of the certificate handled that. Now we need to verify that the contents of the certificate