MDEV-8957 [PATCH] Useless ssl_ctx_set_tmp_dh call in libmysql

Accepted patch of Georg: do not setup Differ-Hellman parameters on client.

MDEV-8957 [PATCH] Useless ssl_ctx_set_tmp_dh call in libmysql
Accepted patch of Georg: do not setup Differ-Hellman parameters on client.
0dfa0eef · Oleksandr Byelkin · d85490af · 0dfa0eef
Commit 0dfa0eef authored Nov 15, 2015 by Oleksandr Byelkin
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 6 deletions

vio/viosslfactories.c vio/viosslfactories.c +9 -6

No files found.
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -259,14 +259,17 @@ new_VioSSLFd(const char *key_file, const char *cert_file,
  }

  /* DH stuff */
-  dh=get_dh2048();
-  if (!SSL_CTX_set_tmp_dh(ssl_fd->ssl_context, dh))
+  if (!is_client_method)
  {
-    *error= SSL_INITERR_DH;
-    goto err3;
-  }
+    dh=get_dh2048();
+    if (!SSL_CTX_set_tmp_dh(ssl_fd->ssl_context, dh))
+    {
+      *error= SSL_INITERR_DH;
+      goto err3;
+    }

-  DH_free(dh);
+    DH_free(dh);
+  }

  DBUG_PRINT("exit", ("OK 1"));