[Dovecot] [PATCH] lib-sql/driver-mysql.c - Add support for enabling MYSQL_OPT_SSL_VERIFY_SERVER_CERT
Gareth Palmer
gareth at acsdata.co.nz
Fri Nov 22 00:35:16 EET 2013
Hello,
The following patch adds support for enabling
MYSQL_OPT_SSL_VERIFY_SERVER_CERT.
It makes the mysql client library check that the commonName in the
server's SSL certificate matches the host name provided to
mysql_real_connect() and aborts the connection if the name doesn't
match.
An example connect string would look something like:
connect = ... ssl-ca=/path/to/ca.cert ssl-verify-server-cert=yes
By default the mysql client library does not perform this check.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl-verify-server-cert-20131106.patch
Type: text/x-patch
Size: 4655 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20131122/01c168af/attachment.bin>
More information about the dovecot
mailing list