/**
 * Create the OpenSSL connection object for a client connection.
 *
 * All work on the shared SSL_context happens while LOCK_openssl_config is
 * held: ma_tls_set_certs() is called first, then a new SSL object is
 * allocated from SSL_context and the MYSQL handle is stored as its
 * application data. When HAVE_TLS_SESSION_CACHE is defined and a cached
 * session was found for this handle, it is offered for resumption.
 *
 * NOTE(review): this function does not set a peer-verification mode on the
 * SSL object. Whether the server certificate is checked therefore depends on
 * how SSL_context was configured, or on code outside this block. Confirm
 * before relying on this path for server authentication.
 *
 * @param mysql  connection handle; stored as the SSL object's app data
 * @return the new SSL object cast to void *, or NULL if any step failed
 */
void *ma_tls_init(MYSQL *mysql)
{
  SSL *conn= NULL;
  int ready= 0;
#ifdef HAVE_TLS_SESSION_CACHE
  /* Looked up before the lock is taken, as in the original ordering. */
  MA_SSL_SESSION *session= ma_tls_get_session(mysql);
#endif

  pthread_mutex_lock(&LOCK_openssl_config);

  /* Short-circuit evaluation keeps the original step order:
     certificates, then SSL_new(), then the app-data slot. */
  if (!ma_tls_set_certs(mysql) &&
      (conn= SSL_new(SSL_context)) != NULL &&
      SSL_set_app_data(conn, mysql))
  {
#ifdef HAVE_TLS_SESSION_CACHE
    if (session)
      SSL_set_session(conn, session->session);
#endif
    ready= 1;
  }

  pthread_mutex_unlock(&LOCK_openssl_config);

  if (ready)
    return (void *)conn;

  /* Failure: release the SSL object if it was already allocated. */
  if (conn)
    SSL_free(conn);
  return NULL;
}
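/**
 * Create the OpenSSL connection object for a client connection and set its
 * peer-verification policy.
 *
 * All work on the shared SSL_context happens while LOCK_openssl_config is
 * held: ma_tls_set_certs() is called first, then a new SSL object is
 * allocated from SSL_context and the MYSQL handle is stored as its
 * application data. When HAVE_TLS_SESSION_CACHE is defined and a cached
 * session was found for this handle, it is offered for resumption.
 *
 * Verification policy: SSL_VERIFY_PEER is requested only when ssl_ca or
 * ssl_capath is set in mysql->options. With neither option set the mode is
 * SSL_VERIFY_NONE, so the handshake accepts any server certificate and the
 * connection is encrypted but not authenticated.
 *
 * @param mysql  connection handle; its options select the verify mode and it
 *               is stored as the SSL object's app data
 * @return the new SSL object cast to void *, or NULL if any step failed
 */
void *ma_tls_init(MYSQL *mysql)
{
  int verify;
  SSL *ssl= NULL;
#ifdef HAVE_TLS_SESSION_CACHE
  MA_SSL_SESSION *session= ma_tls_get_session(mysql);
#endif

  pthread_mutex_lock(&LOCK_openssl_config);

  if (ma_tls_set_certs(mysql))
    goto error;

  if (!(ssl= SSL_new(SSL_context)))
    goto error;

  if (!SSL_set_app_data(ssl, mysql))
    goto error;

#ifdef HAVE_TLS_SESSION_CACHE
  if (session)
    SSL_set_session(ssl, session->session);
#endif

  verify= (mysql->options.ssl_ca || mysql->options.ssl_capath) ?
          SSL_VERIFY_PEER : SSL_VERIFY_NONE;

  /* Apply the policy to this SSL object, not to SSL_context. An SSL object
     copies the context's verify mode, callback and depth when SSL_new()
     runs, so SSL_CTX_set_verify() called afterwards would leave this
     connection on whatever the previous caller configured and would pass
     this caller's choice on to the next connection that shares the
     context. */
  SSL_set_verify(ssl, verify, my_verify_callback);
  /* Same depth limit as before; chains longer than this fail verification. */
  SSL_set_verify_depth(ssl, 1);

  pthread_mutex_unlock(&LOCK_openssl_config);
  return (void *)ssl;

error:
  pthread_mutex_unlock(&LOCK_openssl_config);
  if (ssl)
    SSL_free(ssl);
  return NULL;
}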