Module: kamailio Branch: 5.7 Commit: ede2af94386b99a87311351fcbdd15280dc11034 URL: https://github.com/kamailio/kamailio/commit/ede2af94386b99a87311351fcbdd15280dc11034
Author: S-P Chan <shihping.c...@gmail.com> Committer: S-P Chan <shihping.c...@gmail.com> Date: 2024-02-04T08:12:52+08:00 db_mysql: backport - no TLS with MariaDB Connector/C - GH #3735 - includes compilation and stretch fixes - emulate SSL_MODE_XXX from MySQL - opt_ssl_mode: - 0|1(off) - 2|3|4(MYSQL_OPT_SSL_ENFORCE) - 5(MYSQL_OPT_SSL_VERIFY_SERVER_CERT) --- Modified: src/modules/db_mysql/km_my_con.c --- Diff: https://github.com/kamailio/kamailio/commit/ede2af94386b99a87311351fcbdd15280dc11034.diff Patch: https://github.com/kamailio/kamailio/commit/ede2af94386b99a87311351fcbdd15280dc11034.patch --- diff --git a/src/modules/db_mysql/km_my_con.c b/src/modules/db_mysql/km_my_con.c index d3f57108886..b4c4dca33b0 100644 --- a/src/modules/db_mysql/km_my_con.c +++ b/src/modules/db_mysql/km_my_con.c @@ -116,7 +116,36 @@ struct my_con *db_mysql_new_connection(const struct db_id *id) (const void *)&db_mysql_timeout_interval); mysql_options(ptr->con, MYSQL_OPT_WRITE_TIMEOUT, (const void *)&db_mysql_timeout_interval); -#if MYSQL_VERSION_ID > 50710 && !defined(MARIADB_BASE_VERSION) + +#ifdef MARIADB_BASE_VERSION + /* + * emulate SSL_MODE_XXXX from MySQL + */ + + switch(db_mysql_opt_ssl_mode) { + case 0: /* opt_ssl_mode = 0(off) */ + case 1: /* SSL_MODE_DISABLED */ + break; + case 2: /* SSL_MODE_PREFERRED */ + case 3: /* SSL_MODE_REQUIRED */ + case 4: /* SSL_MODE_VERIFY_CA */ +#if MYSQL_VERSION_ID >= 100339 + mysql_options(ptr->con, MYSQL_OPT_SSL_ENFORCE, (void *)&(int){1}); +#else + LM_WARN("ssl mode not supported by %s\n", MARIADB_BASE_VERSION); +#endif + break; + case 5: /* SSL_MODE_VERIFY_IDENTITY */ + mysql_options(ptr->con, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, + (void *)&(int){1}); + break; + default: + LM_WARN("opt_ssl_mode = %d not supported by MariaDB Connector/C\n", + db_mysql_opt_ssl_mode); + break; + } +#else +#if MYSQL_VERSION_ID > 50710 if(db_mysql_opt_ssl_mode != 0) { unsigned int optuint = 0; if(db_mysql_opt_ssl_mode == 1) { @@ -136,7 +165,8 @@ struct my_con *db_mysql_new_connection(const struct db_id *id) "ignoring\n", (unsigned int)db_mysql_opt_ssl_mode); } -#endif +#endif /* MYSQL_VERSION_ID */ +#endif /* MARIADB_BASE_VERSION */ #if MYSQL_VERSION_ID > 50012 /* set reconnect flag if enabled */ _______________________________________________ Kamailio (SER) - Development Mailing List To unsubscribe send an email to sr-dev-le...@lists.kamailio.org