Fix: moved ssl_mode parameter for mysql backend engine

[MaciejSzczurek]

Proposed change

The introduced change corrects a bug in which the ssl_mode parameter was not taken into account by the MySQLdb engine. The ssl_mode parameter is not taken from the ssl parameter as can be verified in MySQLdb code and documentation. The easiest way to confirm the error is to set the PAPERLESS_DBSSLMODE environment variable to REQUIRED and start the MySQL database by setting the require_secure_transport=on variable. Although ssl_mode was set to REQUIRED the MySQLdb engine does not see this setting and we get an error

MySQLdb.OperationalError: (3159, 'Connections using insecure transport are prohibited while --require_secure_transport=ON.')

If the ssl_mode parameter is set correctly, this error should not occur.

Type of change

• Bug fix: non-breaking change which fixes an issue.
• New feature / Enhancement: non-breaking change which adds functionality. Please read the important note above.
• Breaking change: fix or feature that would cause existing functionality to not work as expected.
• Documentation only.
• Other. Please explain:

Checklist:

• I have read & agree with the contributing guidelines.
• If applicable, I have included testing coverage for new code in this PR, for backend and / or front-end changes.
• If applicable, I have tested my code for new features & regressions on both mobile & desktop devices, using the latest version of major browsers.
• If applicable, I have checked that all tests pass, see documentation.
• I have run all pre-commit hooks, see documentation.
• I have made corresponding changes to the documentation as needed.
• I have checked my modifications for any breaking changes.

[paperless-ngx-secretary]

Hello @MaciejSzczurek,

thank you very much for submitting this PR to us!

This is what will happen next:

1. My robotic colleagues will check your changes to see if they break anything. You can see the progress below.
2. Once that is finished, human contributors from paperless-ngx review your changes. Since this seems to be a small change, only a single contributor has to review your changes.
3. Please improve anything that comes up during the review until your pull request gets approved.
4. Your pull request will be merged into the dev branch. Changes there will be tested further.
5. Eventually, changes from you and other contributors will be merged into main and a new release will be made.

Please allow up to 7 days for an initial review. We're all very excited about new pull requests but we only do this as a hobby.
If any action will be required by you, please reply within a month.

[stumpylog]

Can you point me to some documentation that this is the correct location?

[MaciejSzczurek]

@stumpylog

Of course. The following documentation lists the parameters used by the mysql client that django uses to establish the connection.

https://mysqlclient.readthedocs.io/user_guide.html#functions-and-attributes

Here you can see that the ssl_mode parameter is not an element of the ssl dictionary, but a separate parameter.

[stumpylog]

Thanks, must not be many people using SSL, it's been like that since it was added

[github-actions]

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new discussion or issue for related concerns. See our contributing guidelines for more details.