diff options
author | Christian Ehrlicher <ch.ehrlicher@gmx.de> | 2023-02-27 20:28:33 +0100 |
---|---|---|
committer | Volker Hilsheimer <volker.hilsheimer@qt.io> | 2023-04-06 04:41:15 +0000 |
commit | 39fab09aade3bc64cd2241764e59f9248b9588ac (patch) | |
tree | a1767c6cfef5aa0e34bab05a5dc5607353610a30 /src/plugins/sqldrivers | |
parent | 27867de8ca257eb8aa1e02e04b35c0efd3929584 (diff) |
SQL/MySQL: add option MYSQL_OPT_TLS_VERSION & MYSQL_OPT_SSL_MODE
Add the two options MYSQL_OPT_TLS_VERSION and MYSQL_OPT_SSL_MODE to
properly support encrypted connections to MySQL 8.0 servers.
MYSQL_OPT_SSL_MODE will not work when compiled against the MariaDB
C-Connector since it's not supported by the MariaDB client.
[ChangeLog][QtSql][MySQL] Added the two new connect options
MYSQL_OPT_TLS_VERSION and MYSQL_OPT_SSL_MODE.
Fixes: QTBUG-84797
Change-Id: Iec7d682fc00072ce5b2a824c4ea00fca4575a93e
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
Diffstat (limited to 'src/plugins/sqldrivers')
-rw-r--r-- | src/plugins/sqldrivers/mysql/qsql_mysql.cpp | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/src/plugins/sqldrivers/mysql/qsql_mysql.cpp b/src/plugins/sqldrivers/mysql/qsql_mysql.cpp index 1cf6798cd9..b8dc0bfef1 100644 --- a/src/plugins/sqldrivers/mysql/qsql_mysql.cpp +++ b/src/plugins/sqldrivers/mysql/qsql_mysql.cpp @@ -1204,6 +1204,27 @@ static bool setOptionBool(MYSQL *mysql, mysql_option option, QStringView v) return mysql_options(mysql, option, &val) == 0; } +// MYSQL_OPT_SSL_MODE was introduced with MySQL 5.7.11 +#if defined(MYSQL_VERSION_ID) && MYSQL_VERSION_ID >= 50711 && !defined(MARIADB_VERSION_ID) +static bool setOptionSslMode(MYSQL *mysql, mysql_option option, QStringView v) +{ + mysql_ssl_mode sslMode = SSL_MODE_DISABLED; + if (v == "DISABLED"_L1 || v == "SSL_MODE_DISABLED"_L1) + sslMode = SSL_MODE_DISABLED; + else if (v == "PREFERRED"_L1 || v == "SSL_MODE_PREFERRED"_L1) + sslMode = SSL_MODE_PREFERRED; + else if (v == "REQUIRED"_L1 || v == "SSL_MODE_REQUIRED"_L1) + sslMode = SSL_MODE_REQUIRED; + else if (v == "VERIFY_CA"_L1 || v == "SSL_MODE_VERIFY_CA"_L1) + sslMode = SSL_MODE_VERIFY_CA; + else if (v == "VERIFY_IDENTITY"_L1 || v == "SSL_MODE_VERIFY_IDENTITY"_L1) + sslMode = SSL_MODE_VERIFY_IDENTITY; + else + qWarning() << "Unknown ssl mode '" << v << "' - using SSL_MODE_DISABLED"; + return mysql_options(mysql, option, &sslMode) == 0; +} +#endif + static bool setOptionProtocol(MYSQL *mysql, mysql_option option, QStringView v) { mysql_protocol_type proto = MYSQL_PROTOCOL_DEFAULT; @@ -1259,6 +1280,12 @@ bool QMYSQLDriver::open(const QString &db, {"MYSQL_OPT_SSL_CIPHER"_L1, MYSQL_OPT_SSL_CIPHER, setOptionString}, {"MYSQL_OPT_SSL_CRL"_L1, MYSQL_OPT_SSL_CRL, setOptionString}, {"MYSQL_OPT_SSL_CRLPATH"_L1, MYSQL_OPT_SSL_CRLPATH, setOptionString}, +#if defined(MYSQL_VERSION_ID) && MYSQL_VERSION_ID >= 50710 + {"MYSQL_OPT_TLS_VERSION"_L1, MYSQL_OPT_TLS_VERSION, setOptionString}, +#endif +#if defined(MYSQL_VERSION_ID) && MYSQL_VERSION_ID >= 50711 && !defined(MARIADB_VERSION_ID) + {"MYSQL_OPT_SSL_MODE"_L1, MYSQL_OPT_SSL_MODE, setOptionSslMode}, +#endif {"MYSQL_OPT_CONNECT_TIMEOUT"_L1, MYSQL_OPT_CONNECT_TIMEOUT, setOptionInt}, {"MYSQL_OPT_READ_TIMEOUT"_L1, MYSQL_OPT_READ_TIMEOUT, setOptionInt}, {"MYSQL_OPT_WRITE_TIMEOUT"_L1, MYSQL_OPT_WRITE_TIMEOUT, setOptionInt}, |