Pierre,
Pierre Joye wrote:
Andrey,
I'm not sure how and how much time I have to ask that but:
Please post that in the bug report, with your patch and the reproduce way.
this is the first time you ask how to reproduce the problem in real
life. The bug report has a description where the bug is, and why -
because the same file is used for public and private key, however not
every pem file has private key segment in it. Thus, the code is buggy, I
can tell you that from just reading the code, a method also known as
code review.
But committing in the middle of a yet another huge patch for mysql is
not the way to go. I don't like huge patches changing dozen of things
at once. Feel free to do it in mysql if you feel like it but simply do
not do it in openssl (or any other for that matters).This exact commit
clearly shows the reasons.
It was committed in the middle of another patch, which was a mysqlnd
patch, because mysqlnd got a SSL fix, which needed support from the
openssl extension, because it is responsible for the SSL streams. I
don't break patches in parts when they need to be one thing.
Johannes asked you to revert this commit, and it seems that you don't
want to. So what should we do now? Fight to death or try to actually
figure out what you are trying to fix and fix it in a way that we are
100% (or 99%) that it won't break anything? I vote for the latter and
I suggest you to do the same, and revert that commit as well as
requested by Johannes and myself.
Johannes hasn't asked me to revert the patch. You have already reverted
the patch, right! For the bug report I have committed a patch, but this
is completely new patch, which suits both the test case that I broke to
segfault and mysqlnd. _If_ you have a better patch, then revert my
latest patch, but only when you have a better patch. Otherwise, even
possibly imperfect, my patch does the job and passes the relevant tests.
Cheers,
On Fri, Apr 23, 2010 at 4:53 PM, Andrey Hristov <p...@hristov.com> wrote:
Pierre,
if you don't like the patch I have committed to openssl to fix the problem
you can revert it, but only if you can provide a better one.
The test case is ext/mysqli/tests/bug51647.phpt
You need to start the MySQL server with the following options :
ssl-ca=/path/to/cacert.pem
ssl-cert=/path/to/server-cert.pem
ssl-key=/path/to/server-key.pem
All files you can find here:
http://www.hristov.com/andrey/projects/php_stuff/certs/
The client certificates are already in the SVN repository.
Andrey
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
Andrey
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
