30 Jan
2024
30 Jan
'24
4:28 p.m.
Module: kamailio
Branch: master
Commit: d772b4c24a3a4995b93287ccf8eac9b80d1a5bac
URL: https://github.com/kamailio/kamailio/commit/d772b4c24a3a4995b93287ccf8eac9b…
Author: S-P Chan <shihping.chan(a)gmail.com>
Committer: Victor Seva <linuxmaniac(a)torreviejawireless.org>
Date: 2024-01-30T14:28:26+01:00
db_mysql: enable TLS when building with mariadb-connector-c
- mariadb-connector-c requires at least one non-NULL configuration
value to use TLS
- emulate MySQL SSL_MODE_XXXX options
---
Modified: src/modules/db_mysql/km_my_con.c
---
Diff:
https://github.com/kamailio/kamailio/commit/d772b4c24a3a4995b93287ccf8eac9b…
Patch:
https://github.com/kamailio/kamailio/commit/d772b4c24a3a4995b93287ccf8eac9b…
---
diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c
index d3f57108886..b415ff87655 100644
--- a/src/modules/db_mysql/km_my_con.c
+++ b/src/modules/db_mysql/km_my_con.c
@@ -116,7 +116,32 @@ struct my_con *db_mysql_new_connection(const struct db_id *id)
(const void *)&db_mysql_timeout_interval);
mysql_options(ptr->con, MYSQL_OPT_WRITE_TIMEOUT,
(const void *)&db_mysql_timeout_interval);
-#if MYSQL_VERSION_ID > 50710 && !defined(MARIADB_BASE_VERSION)
+
+#ifdef MARIADB_BASE_VERSION
+ /*
+ * emulate SSL_MODE_XXXX from MySQL
+ */
+
+ switch(db_mysql_opt_ssl_mode) {
+ case 0: /* opt_ssl_mode = 0(off) */
+ case 1: /* SSL_MODE_DISABLED */
+ break;
+ case 2: /* SSL_MODE_PREFERRED */
+ case 3: /* SSL_MODE_REQUIRED */
+ case 4: /* SSL_MODE_VERIFY_CA */
+ mysql_optionsv(ptr->con, MYSQL_OPT_SSL_ENFORCE, (void *)&(int){1});
+ break;
+ case 5: /* SSL_MODE_VERIFY_IDENTITY */
+ mysql_optionsv(ptr->con, MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
+ (void *)&(int){1});
+ break;
+ default:
+ LM_WARN("opt_ssl_mode = %d not supported by MariaDB Connector/C\n",
+ db_mysql_opt_ssl_mode);
+ break;
+ }
+#else
+#ifdef MYSQL_VERSION_ID> 50710
if(db_mysql_opt_ssl_mode != 0) {
unsigned int optuint = 0;
if(db_mysql_opt_ssl_mode == 1) {
@@ -136,7 +161,8 @@ struct my_con *db_mysql_new_connection(const struct db_id *id)
"ignoring\n",
(unsigned int)db_mysql_opt_ssl_mode);
}
-#endif
+#endif /* MYSQL_VERSION_ID */
+#endif /* MARIADB_BASE_VERSION */
#if MYSQL_VERSION_ID > 50012
/* set reconnect flag if enabled */
300
days inactive
300
days old
0 comments
1 participants
participants (1)
-
Victor Seva