diff --git a/m4/sb_check_mysql.m4 b/m4/sb_check_mysql.m4 index eac6e7a..f054ae6 100644 --- a/m4/sb_check_mysql.m4 +++ b/m4/sb_check_mysql.m4 @@ -114,7 +114,24 @@ AC_DEFINE([USE_MYSQL], 1, USE_MYSQL=1 AC_SUBST([MYSQL_LIBS]) AC_SUBST([MYSQL_CFLAGS]) + +AC_MSG_CHECKING([if mysql.h defines MYSQL_OPT_SSL_MODE]) + +SAVE_CFLAGS="${CFLAGS}" +CFLAGS="${CFLAGS} ${MYSQL_CFLAGS}" +AC_COMPILE_IFELSE([AC_LANG_PROGRAM( + [[ +#include + +enum mysql_option opt = MYSQL_OPT_SSL_MODE; + ]])], [ + AC_DEFINE([HAVE_MYSQL_OPT_SSL_MODE], 1, + [Define to 1 if mysql.h defines MYSQL_OPT_SSL_MODE]) + AC_MSG_RESULT([yes]) + ], [AC_MSG_RESULT([no])]) ]) +CFLAGS="${SAVE_CFLAGS}" + AM_CONDITIONAL([USE_MYSQL], test "x$with_mysql" != xno) AC_SUBST([USE_MYSQL]) diff --git a/src/drivers/mysql/drv_mysql.c b/src/drivers/mysql/drv_mysql.c index 769573a..6fd703b 100644 --- a/src/drivers/mysql/drv_mysql.c +++ b/src/drivers/mysql/drv_mysql.c @@ -64,7 +64,7 @@ static sb_arg_t mysql_drv_args[] = SB_OPT("mysql-user", "MySQL user", "sbtest", STRING), SB_OPT("mysql-password", "MySQL password", "", STRING), SB_OPT("mysql-db", "MySQL database name", "sbtest", STRING), -#ifdef MYSQL_OPT_SSL_MODE +#ifdef HAVE_MYSQL_OPT_SSL_MODE SB_OPT("mysql-ssl", "SSL mode. This accepts the same values as the " "--ssl-mode option in the MySQL client utilities. Disabled by default", "disabled", STRING), @@ -98,8 +98,8 @@ typedef struct const char *user; const char *password; const char *db; -#ifdef MYSQL_OPT_SSL_MODE - int ssl_mode; +#ifdef HAVE_MYSQL_OPT_SSL_MODE + unsigned int ssl_mode; #endif bool use_ssl; const char *ssl_key; @@ -123,6 +123,14 @@ typedef struct char *socket; } db_mysql_conn_t; +#ifdef HAVE_MYSQL_OPT_SSL_MODE +typedef struct { + const char *name; + enum mysql_ssl_mode mode; +} ssl_mode_map_t; +#endif + + /* Structure used for DB-to-MySQL bind types map */ typedef struct @@ -172,6 +180,17 @@ static sb_list_item_t *sockets_pos; static pthread_mutex_t pos_mutex; +#ifdef HAVE_MYSQL_OPT_SSL_MODE +static ssl_mode_map_t ssl_mode_names[] = { + {"DISABLED", SSL_MODE_DISABLED}, + {"PREFERRED", SSL_MODE_PREFERRED}, + {"REQUIRED", SSL_MODE_REQUIRED}, + {"VERIFY_CA", SSL_MODE_VERIFY_CA}, + {"VERIFY_IDENTITY", SSL_MODE_VERIFY_IDENTITY}, + {NULL, 0} +}; +#endif + /* MySQL driver operations */ static int mysql_drv_init(void); @@ -272,12 +291,21 @@ int mysql_drv_init(void) args.ssl_cert = sb_get_value_string("mysql-ssl-cert"); args.ssl_ca = sb_get_value_string("mysql-ssl-ca"); -#ifdef MYSQL_OPT_SSL_MODE +#ifdef HAVE_MYSQL_OPT_SSL_MODE const char * const ssl_mode_string = sb_get_value_string("mysql-ssl"); - args.ssl_mode = find_type(ssl_mode_string, ssl_mode_typelib, FIND_TYPE_BASIC); - if (args.ssl_mode <= 0) + + args.ssl_mode = 0; + + for (int i = 0; ssl_mode_names[i].name != NULL; i++) { + if (!strcasecmp(ssl_mode_string, ssl_mode_names[i].name)) { + args.ssl_mode = ssl_mode_names[i].mode; + break; + } + } + + if (args.ssl_mode == 0) { - log_text(LOG_FATAL, "Invalid value for --mysql-ssl: '%s'"); + log_text(LOG_FATAL, "Invalid value for --mysql-ssl: '%s'", ssl_mode_string); return 1; } @@ -344,9 +372,9 @@ static int mysql_drv_real_connect(db_mysql_conn_t *db_mysql_con) { MYSQL *con = db_mysql_con->mysql; -#ifdef MYSQL_OPT_SSL_MODE +#ifdef HAVE_MYSQL_OPT_SSL_MODE DEBUG("mysql_options(%p,%s,%d)", con, "MYSQL_OPT_SSL_MODE", args.ssl_mode); - mysql_options(con, MYSQL_OPT_SSL_MODE, args.ssl_mode); + mysql_options(con, MYSQL_OPT_SSL_MODE, &args.ssl_mode); #endif if (args.use_ssl) @@ -357,7 +385,6 @@ static int mysql_drv_real_connect(db_mysql_conn_t *db_mysql_con) mysql_ssl_set(con, args.ssl_key, args.ssl_cert, args.ssl_ca, NULL, args.ssl_cipher); - } if (args.use_compression)