From 0c577f8d8145a9d2d4015f77042668ba8d960bdc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Canna=C3=B2?= <rene.cannao@gmail.com>
Date: Fri, 23 Sep 2016 20:37:04 +0000
Subject: [PATCH] Apply patch from CONC-190 #700

---
 deps/Makefile                                 |  1 +
 deps/mariadb-client-library/ma_secure.c.patch | 47 +++++++++++++++++++
 2 files changed, 48 insertions(+)
 create mode 100644 deps/mariadb-client-library/ma_secure.c.patch

diff --git a/deps/Makefile b/deps/Makefile
index 081e36eaa..821cdf25a 100644
--- a/deps/Makefile
+++ b/deps/Makefile
@@ -29,6 +29,7 @@ mariadb-client-library/mariadb_client/include/my_config.h:
 	cd mariadb-client-library/mariadb_client && patch libmariadb/net.c < ../net.c.patch
 	cd mariadb-client-library/mariadb_client && patch libmariadb/mysql_async.c < ../mysql_async.c.patch
 	cd mariadb-client-library/mariadb_client && patch libmariadb/password.c < ../password.c.patch
+	cd mariadb-client-library/mariadb_client && patch libmariadb/ma_secure.c < ../ma_secure.c.patch
 	cd mariadb-client-library/mariadb_client && patch include/mysql.h < ../mysql.h.patch
 	cd mariadb-client-library/mariadb_client && CC=${CC} CXX=${CXX} ${MAKE}
 # cd mariadb-client-library/mariadb_client/include && make my_config.h
diff --git a/deps/mariadb-client-library/ma_secure.c.patch b/deps/mariadb-client-library/ma_secure.c.patch
new file mode 100644
index 000000000..ded95e792
--- /dev/null
+++ b/deps/mariadb-client-library/ma_secure.c.patch
@@ -0,0 +1,47 @@
+301,338d300
+< static int my_verify_callback(int ok, X509_STORE_CTX *ctx)
+< {
+<   X509 *check_cert;
+<   SSL *ssl;
+<   MYSQL *mysql;
+<   DBUG_ENTER("my_verify_callback");
+< 
+<   ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+<   DBUG_ASSERT(ssl != NULL);
+<   mysql= (MYSQL *)SSL_get_app_data(ssl);
+<   DBUG_ASSERT(mysql != NULL);
+< 
+<   /* skip verification if no ca_file/path was specified */
+<   if (!mysql->options.ssl_ca && !mysql->options.ssl_capath)
+<   {
+<     ok= 1;
+<     DBUG_RETURN(1);
+<   }
+< 
+<   if (!ok)
+<   {
+<     uint depth;
+<     if (!(check_cert= X509_STORE_CTX_get_current_cert(ctx)))
+<       DBUG_RETURN(0);
+<     depth= X509_STORE_CTX_get_error_depth(ctx);
+<     if (depth == 0)
+<       ok= 1;
+<   }
+< 
+< /*
+<     my_set_error(mysql, CR_SSL_CONNECTION_ERROR, SQLSTATE_UNKNOWN,
+<                         ER(CR_SSL_CONNECTION_ERROR), 
+<                         X509_verify_cert_error_string(ctx->error));
+< */
+<   DBUG_RETURN(ok);
+< }
+< 
+< 
+352d313
+<   int verify;
+372,376d332
+<   verify= (!mysql->options.ssl_ca && !mysql->options.ssl_capath) ?
+<            SSL_VERIFY_NONE : SSL_VERIFY_PEER;
+< 
+<   SSL_CTX_set_verify(SSL_context, verify, my_verify_callback);
+<   SSL_CTX_set_verify_depth(SSL_context, 1);