1 Fix things so that chains of certificates work in the server and client
4 This only really works for OpenSSL-based builds, as yassl is unable to read
5 multiple certificates from a file. The patch below to yassl/src/ssl.cpp
6 doesn't fix that, but just arranges that the viosslfactories.c patch won't
7 have any ill effects in a yassl build. Since we don't use yassl in Red Hat/
8 Fedora builds, I'm not feeling motivated to try to fix yassl for this.
10 See RH bug #598656. Filed upstream at http://bugs.mysql.com/bug.php?id=54158
13 diff -Naur mysql-5.1.47.orig/vio/viosslfactories.c mysql-5.1.47/vio/viosslfactories.c
14 --- mysql-5.1.47.orig/vio/viosslfactories.c 2010-05-06 11:28:07.000000000 -0400
15 +++ mysql-5.1.47/vio/viosslfactories.c 2010-05-26 23:23:46.000000000 -0400
20 - SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0)
21 + SSL_CTX_use_certificate_chain_file(ctx, cert_file) <= 0)
23 *error= SSL_INITERR_CERT;
24 DBUG_PRINT("error",("%s from file '%s'", sslGetErrString(*error), cert_file));