Skip to content
Permalink
Browse files

Set up SSL parameters not only in TCP/IP mode

  • Loading branch information...
ansgarbecker committed May 14, 2019
1 parent 4bf32b3 commit 927e144ccef52a530c4644fedc90e87bbacb484a
Showing with 34 additions and 31 deletions.
  1. +25 −23 source/dbconnection.pas
  2. +9 −8 source/main.pas
@@ -1729,31 +1729,33 @@ procedure TMySQLConnection.SetActive( Value: Boolean );
FinalHost := FParameters.Hostname;
FinalSocket := '';
FinalPort := FParameters.Port;

if FParameters.WantSSL then begin
// mysql_ssl_set() wants nil, while PAnsiChar(AnsiString()) is never nil
sslkey := nil;
sslcert := nil;
sslca := nil;
sslcipher := nil;
if FParameters.SSLPrivateKey <> '' then
sslkey := PAnsiChar(AnsiString(FParameters.SSLPrivateKey));
if FParameters.SSLCertificate <> '' then
sslcert := PAnsiChar(AnsiString(FParameters.SSLCertificate));
if FParameters.SSLCACertificate <> '' then
sslca := PAnsiChar(AnsiString(FParameters.SSLCACertificate));
if FParameters.SSLCipher <> '' then
sslcipher := PAnsiChar(AnsiString(FParameters.SSLCipher));
{ TODO : Use Cipher and CAPath parameters }
mysql_ssl_set(FHandle,
sslkey,
sslcert,
sslca,
nil,
sslcipher);
Log(lcInfo, _('SSL parameters successfully set.'));
end;

case FParameters.NetType of
ntMySQL_TCPIP: begin
if FParameters.WantSSL then begin
// mysql_ssl_set() wants nil, while PAnsiChar(AnsiString()) is never nil
sslkey := nil;
sslcert := nil;
sslca := nil;
sslcipher := nil;
if FParameters.SSLPrivateKey <> '' then
sslkey := PAnsiChar(AnsiString(FParameters.SSLPrivateKey));
if FParameters.SSLCertificate <> '' then
sslcert := PAnsiChar(AnsiString(FParameters.SSLCertificate));
if FParameters.SSLCACertificate <> '' then
sslca := PAnsiChar(AnsiString(FParameters.SSLCACertificate));
if FParameters.SSLCipher <> '' then
sslcipher := PAnsiChar(AnsiString(FParameters.SSLCipher));
{ TODO : Use Cipher and CAPath parameters }
mysql_ssl_set(FHandle,
sslkey,
sslcert,
sslca,
nil,
sslcipher);
Log(lcInfo, _('SSL parameters successfully set.'));
end;
end;

ntMySQL_NamedPipe: begin
@@ -3530,17 +3530,18 @@ procedure TMainForm.actLaunchCommandlineExecute(Sender: TObject);
cmd := '$TERM';
end;

if Conn.Parameters.WantSSL then
p := p + ' --ssl';
if not Conn.Parameters.SSLPrivateKey.IsEmpty then
p := p + ' --ssl-key="'+Conn.Parameters.SSLPrivateKey+'"';
if not Conn.Parameters.SSLCertificate.IsEmpty then
p := p + ' --ssl-cert="'+Conn.Parameters.SSLCertificate+'"';
if not Conn.Parameters.SSLCACertificate.IsEmpty then
p := p + ' --ssl-ca="'+Conn.Parameters.SSLCACertificate+'"';

case Conn.Parameters.NetType of
ntMySQL_TCPIP: begin
p := p + ' --host="'+Conn.Parameters.Hostname+'" --port='+IntToStr(Conn.Parameters.Port);
if Conn.Parameters.WantSSL then
p := p + ' --ssl';
if not Conn.Parameters.SSLPrivateKey.IsEmpty then
p := p + ' --ssl-key="'+Conn.Parameters.SSLPrivateKey+'"';
if not Conn.Parameters.SSLCertificate.IsEmpty then
p := p + ' --ssl-cert="'+Conn.Parameters.SSLCertificate+'"';
if not Conn.Parameters.SSLCACertificate.IsEmpty then
p := p + ' --ssl-ca="'+Conn.Parameters.SSLCACertificate+'"';
end;
ntMySQL_NamedPipe:
p := p + ' --pipe --socket="'+Conn.Parameters.Hostname+'"';

0 comments on commit 927e144

Please sign in to comment.
You can’t perform that action at this time.