067a62b240
Added more error logging to dcb_write_SSL.
2015-06-24 14:34:46 +03:00
0f199d924f
Removed unnecessary call to SSL_get_error from dcb_accept_SSL.
2015-06-24 12:56:22 +03:00
13fb88ea07
Added optional code for older OpenSSL library versions.
2015-06-24 11:29:43 +03:00
da987e895a
Merge branch 'MXS-212' into develop
2015-06-23 17:11:23 +03:00
c42d3d9f7a
Added missing NULL checks.
2015-06-23 17:05:31 +03:00
039cbff181
Added missing null checks.
2015-06-23 16:45:10 +03:00
abf39303d7
Fixed the wrong value being returned form dcb_read_SSL.
2015-06-23 16:20:26 +03:00
3de7798fac
Added missing session state changes.
2015-06-23 11:49:27 +03:00
dc43a7d9da
Removed unnecessary code from dcb_close and dcb_set_state_nomutex.
2015-06-23 11:25:59 +03:00
c22c6ea46a
ServiceStop only removed DCBs from the polling system
...
This removes the need to establish new DCBs for each of the listeners while still blocking new session creation
for a service which is shut down. The client will not receive an error and the connection will be accepted
when the service is restarted.
2015-06-23 09:15:06 +03:00
e14b29baf9
Fix to MXS-212: https://mariadb.atlassian.net/browse/MXS-212
...
The listener DCB is now properly closed instead of just being removed from the poll set.
2015-06-21 12:51:54 +03:00
acd649cdc4
Reverted back to older OpenSSL functions for compatibility support.
2015-06-17 18:18:40 +03:00
425dd8cb3b
Removed SSLv2 methods from serviceInitSSL because OpenSSL 1.1.0 does not support them.
2015-06-17 10:24:02 +03:00
466ee46d82
Fix to MXS-125: https://mariadb.atlassian.net/browse/MXS-125
...
Unified the usages of maxkeys and maxpasswd.
2015-06-16 17:10:00 +03:00
97a06e4006
Updated function documentation.
2015-06-16 14:24:38 +03:00
9b0a5f1328
Added more comments.
2015-06-15 16:16:48 +03:00
f602121459
Added configurable SSL certificate verification depth and updated the documentation in the code.
2015-06-12 21:21:06 +03:00
5936916e04
Merge branch 'develop' into MXS-129
2015-06-12 13:53:41 +03:00
68d5054afe
dcb_alloc now explicitly sets the server and service pointers to NULL.
2015-06-11 21:00:07 +03:00
f24da8712b
Fixed a segfault and disabled syslog by default.
2015-06-11 18:25:42 +03:00
1c68a9a872
Fixed dcb_connect_SSL calling SSL_connect again after a successful connection was already made.
2015-06-11 15:54:09 +03:00
3f34d237ca
enabled all bug fixes for OpenSSL.
2015-06-11 15:26:05 +03:00
2cf92a1894
Added RSA key generator.
2015-06-11 13:22:18 +03:00
bb427128a9
Fixed successful SSL_accept calls causing another call to SSL_accept.
2015-06-11 12:00:03 +03:00
03470bcd70
Merge branch 'develop' into MXS-129
2015-06-11 10:29:57 +03:00
de2910f75b
Fixed SSL_accept failing if the GWBUF with the initial MySQL auth packet contains some of the SSL authentication data.
2015-06-09 22:27:15 +03:00
196d41cb88
More debug output.
2015-06-09 20:02:45 +03:00
1ad1a31ed7
Fixed the OpenSSL error stack being printed wrong.
2015-06-09 17:18:25 +03:00
ab120cb1de
Added Diffie-Hellman key exchange for MaxScale.
2015-06-09 17:04:51 +03:00
06c5da7b17
Minor fix to SSL authentication.
2015-06-09 02:56:55 +03:00
1c36cfb285
Added more debug output.
2015-06-08 18:04:43 +03:00
b8e55fe28d
Fixed SSL_accept failing when more data was in the socket buffer than was used.
2015-06-07 12:45:08 +03:00
d19ccc6f84
Fixed SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE and SSL_ERROR_NONE causing a debug assert.
2015-06-05 20:36:04 +03:00
1989a1482c
Fixed empty reads causing a debug assert with large packets.
2015-06-05 19:40:09 +03:00
61b1f34671
Added more descriptive debug output.
2015-06-05 18:52:44 +03:00
518ef5050e
Fixed debug asserts.
2015-06-05 12:15:19 +03:00
e83799648a
Fixed queries getting stuck when the SSL records were of the maximum allowed size.
2015-06-05 11:00:51 +03:00
cc1f720ea3
Removed log flushing on every dcb_read_SSL if debug log is enabled.
2015-06-04 21:12:16 +03:00
ce570685cd
Moved assertions around.
2015-06-04 19:31:58 +03:00
dceccce2ef
Changed gwbuf_length function to GWBUF_LENGTH macro in dcb_read_SSL.
2015-06-04 16:52:43 +03:00
fe5e40e397
Added missing initialization of user and password variables in monitor_alloc.
2015-06-03 16:08:11 +03:00
a033cbf200
Added more informative error messages when SSL handshake fails.
2015-06-03 14:14:05 +03:00
19ac70fc2f
Added unit tests for SSL.
2015-06-03 13:15:45 +03:00
72d14f8894
Addition of server_update_address/port
2015-06-03 10:15:54 +02:00
57060cafec
Added SSL level configuration to services.
2015-06-02 17:16:53 +03:00
a5de4fc503
Merge branch 'develop' into MXS-129
2015-06-02 12:21:05 +03:00
fc8918b1f2
Added a dcb_connect_SSL function which starts a client SSL connection.
2015-06-02 09:15:08 +03:00
76655e7136
Added a call to a library function which adds all algorithms to OpenSSL to the SSL initialization code.
2015-06-02 06:04:06 +03:00
d7232d8b6e
Moved SSL structure to the DCB instead of the MySQL protocol.
...
This allows for non-MySQL SSL connections.
2015-06-01 20:51:26 +03:00
a2768955e7
SSL handshake now successfully completes when a client connects with SSL enabled.
2015-06-01 13:50:22 +03:00
