commit 93c7ed8e971083da905d71dc8098043ea8a2c101 Author: Arthur Gautier Date: Thu Mar 10 23:38:30 2016 +0000 vio: Handling of cerficate chains While using pki and client certificates, clients fails to validate the server's certificate and server fails to validate client certifiate. PKI may look like this: +---------+ | Root CA | +---------+ | /-------+---------\ | | +----------+ +-----------+ | MySQL CA | | Client CA | +----------+ +-----------+ | | +-------------+ +-------------+ | Server | | Client | | certificate | | certificate | +-------------+ +-------------+ my.cnf: ``` [mysqld] ssl ssl_ca=(clientca.crt rootca.crt) ssl_cert=(server.crt mysqlca.crt) ssl_key=(server.key) [mysql] ssl ssl_ca=(rootca.crt) ssl_cert=(clientcertificate.crt clientca.crt) ssl_key=(client.key) ssl-verify-server-cert=1 ``` mysqld will now send the full chain allowing a client to validate the servers certificate. mysql will now send the full chain allowing a server to validate the client certificate. Fixup: 677fd7c51263b Signed-off-by: Arthur Gautier
diff --git a/cmake/boost.cmake b/cmake/boost.cmake
index fbb74510a9bc..a9eb45c2d08c 100644
--- a/cmake/boost.cmake
+++ b/cmake/boost.cmake
@@ -31,7 +31,7 @@
 # we assume that the correct version (see below)
 # is installed on the compile host in the standard location.
-SET(BOOST_PACKAGE_NAME "boost_1_59_0")
+SET(BOOST_PACKAGE_NAME "boost_1_60_0")
 SET(BOOST_TARBALL "${BOOST_PACKAGE_NAME}.tar.gz")
 SET(BOOST_DOWNLOAD_URL
 "http://jenkins.percona.com/downloads/boost/${BOOST_TARBALL}"
@@ -262,9 +262,9 @@ IF(NOT BOOST_MAJOR_VERSION EQUAL 10)
 COULD_NOT_FIND_BOOST()
 ENDIF()
-IF(NOT BOOST_MINOR_VERSION EQUAL 59)
+IF(NOT BOOST_MINOR_VERSION EQUAL 60)
 MESSAGE(WARNING "Boost minor version found is ${BOOST_MINOR_VERSION} "
- "we need 59"
+ "we need 60"
 )
 COULD_NOT_FIND_BOOST()
 ENDIF()
@@ -272,10 +272,10 @@ ENDIF()
 MESSAGE(STATUS "BOOST_INCLUDE_DIR ${BOOST_INCLUDE_DIR}")
 # We have a limited set of patches/bugfixes here:
-SET(BOOST_PATCHES_DIR "${CMAKE_SOURCE_DIR}/include/boost_1_59_0/patches")
+SET(BOOST_PATCHES_DIR "${CMAKE_SOURCE_DIR}/include/boost_1_60_0/patches")
 # We have a limited set of source files here:
-SET(BOOST_SOURCES_DIR "${CMAKE_SOURCE_DIR}/include/boost_1_59_0")
+SET(BOOST_SOURCES_DIR "${CMAKE_SOURCE_DIR}/include/boost_1_60_0")
 # Bug in sqrt(NaN) on 32bit platforms
 IF(SIZEOF_VOIDP EQUAL 4)
diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index d10e222fd135..12b9d92d2ff0 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -191,7 +191,7 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file,
 key_file= cert_file;
 if (cert_file &&
- SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0)
+ SSL_CTX_use_certificate_chain_file(ctx, cert_file) <= 0)
 {
 *error= SSL_INITERR_CERT;
 DBUG_PRINT("error",("%s from file '%s'", sslGetErrString(*error), cert_file));
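Review bot: The changed call in vio_set_cert_stuff now reads `cert_file` as a PEM bundle, which OpenSSL expects to start with the leaf certificate followed by its intermediate CAs in chain order, and nothing next to the call says so. A comment above it, e.g. `/* cert_file: PEM bundle, leaf certificate first, then intermediate CAs in chain order */`, would tell operators that a misordered file presents the wrong certificate as the leaf. The explicit `SSL_FILETYPE_PEM` argument is gone because the chain loader accepts PEM only, which the comment could state as well. If this tree can also be built against a bundled TLS library rather than OpenSSL, it should be confirmed that its `SSL_CTX_use_certificate_chain_file` really loads the intermediates and not just the first certificate; that cannot be told from the hunk. The function's body starts and ends outside the hunk.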