diff --git a/.travis.yml b/.travis.yml index 00f9eacc..6a72fd11 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,15 +5,19 @@ rust: - nightly - beta - stable +services: + - mysql env: global: - DATABASE_URL=mysql://root:password@127.0.0.1:3306/mysql before_install: - - sudo bash -c "echo '[mysqld]' >> /usr/share/mysql/my-default.cnf" - - sudo bash -c "echo 'sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES' >> /usr/share/mysql/my-default.cnf" - - sudo mysql -e "use mysql; update user set authentication_string=PASSWORD('password') where User='root'; FLUSH PRIVILEGES;" - - sudo mysql_upgrade -u root -ppassword - - sudo service mysql restart + - sudo service mysql stop + - mysql_ssl_rsa_setup --verbose --datadir=/tmp/ + - mysqld --initialize-insecure --datadir=/tmp/db --log_error=/tmp/error.log --pid-file=/tmp/mysql.pid + - mysqld --sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES --datadir=/tmp/db --socket=/tmp/mysql.sock --max_allowed_packet=32M --ssl --ssl-ca=/tmp/ca.pem --ssl-cert=/tmp/server-cert.pem --ssl-key=/tmp/server-key.pem --log_error=/tmp/error.log --pid-file=/tmp/mysql.pid & + - sleep 20 + - cat /tmp/error.log || true + - mysql -h127.0.0.1 -e "use mysql; update user set authentication_string=PASSWORD('password') where User='root'; FLUSH PRIVILEGES;" before_script: - export PATH="$PATH:$HOME/.cargo/bin" - rustup component add rustfmt @@ -21,4 +25,3 @@ script: - cargo test - cargo test --features ssl - cargo fmt -- --check - diff --git a/src/conn/mod.rs b/src/conn/mod.rs index a09320d2..94868997 100644 --- a/src/conn/mod.rs +++ b/src/conn/mod.rs @@ -591,14 +591,8 @@ mod test { #[cfg(feature = "ssl")] { let mut ssl_opts = SslOpts::new(); - ssl_opts.set_pkcs12_path(Some(AsRef::<::std::path::Path>::as_ref( - "./test/client.p12", - ))); - ssl_opts.set_root_cert_path(Some(AsRef::<::std::path::Path>::as_ref( - "./test/ca-cert.der", - ))); - ssl_opts.set_password(Some("pass")); ssl_opts.set_danger_skip_domain_validation(true); + ssl_opts.set_danger_accept_invalid_certs(true); builder.ssl_opts(ssl_opts); } builder diff --git a/src/conn/pool/mod.rs b/src/conn/pool/mod.rs index 5a20365d..6151efce 100644 --- a/src/conn/pool/mod.rs +++ b/src/conn/pool/mod.rs @@ -304,7 +304,7 @@ impl Pool { Err(_) => { Ok(()) }, }); - // Handle connecting connections. + // Handle connecting connections. handle!(new { Ok(Ready(conn)) => { if inner.closed { diff --git a/src/io/mod.rs b/src/io/mod.rs index ca4e0e2f..0ef728ad 100644 --- a/src/io/mod.rs +++ b/src/io/mod.rs @@ -98,6 +98,7 @@ impl Endpoint { builder.identity(identity); } builder.danger_accept_invalid_hostnames(ssl_opts.skip_domain_validation()); + builder.danger_accept_invalid_certs(ssl_opts.accept_invalid_certs()); builder.build().map_err(Error::from) })() .into_future() diff --git a/src/lib.rs b/src/lib.rs index 9d0d5c88..4ebd067a 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -119,7 +119,10 @@ //! ``` #![recursion_limit = "1024"] -#![cfg_attr(feature = "nightly", feature(test, const_fn, extern_crate_item_prelude))] +#![cfg_attr( + feature = "nightly", + feature(test, const_fn, extern_crate_item_prelude) +)] #[cfg(feature = "nightly")] extern crate test; diff --git a/src/opts.rs b/src/opts.rs index 4c4c9b78..3df251fd 100644 --- a/src/opts.rs +++ b/src/opts.rs @@ -36,6 +36,7 @@ pub struct SslOpts { password: Option>, root_cert_path: Option>, skip_domain_validation: bool, + accept_invalid_certs: bool, } impl SslOpts { @@ -45,6 +46,7 @@ impl SslOpts { password: None, root_cert_path: None, skip_domain_validation: false, + accept_invalid_certs: false, } } @@ -79,6 +81,13 @@ impl SslOpts { self } + /// If `true` then client will accept invalid certificate (expired, not trusted, ..) + /// (defaults to `false`). + pub fn set_danger_accept_invalid_certs(&mut self, value: bool) -> &mut Self { + self.accept_invalid_certs = value; + self + } + pub fn pkcs12_path(&self) -> Option<&Path> { self.pkcs12_path.as_ref().map(|x| x.as_ref()) } @@ -94,6 +103,10 @@ impl SslOpts { pub fn skip_domain_validation(&self) -> bool { self.skip_domain_validation } + + pub fn accept_invalid_certs(&self) -> bool { + self.accept_invalid_certs + } } /// Mysql connection options.