MySQL  8.0.26
Source Code Documentation
sslopt-vars.h
Go to the documentation of this file.
1 /* Copyright (c) 2000, 2021, Oracle and/or its affiliates.
2 
3  This program is free software; you can redistribute it and/or modify
4  it under the terms of the GNU General Public License, version 2.0,
5  as published by the Free Software Foundation.
6 
7  This program is also distributed with certain software (including
8  but not limited to OpenSSL) that is licensed under separate terms,
9  as designated in a particular file or component or in included license
10  documentation. The authors of MySQL hereby grant you an additional
11  permission to link the program and your derivative works with the
12  separately licensed software that they have included with MySQL.
13 
14  This program is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  GNU General Public License, version 2.0, for more details.
18 
19  You should have received a copy of the GNU General Public License
20  along with this program; if not, write to the Free Software
21  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
22 
23 #ifndef SSLOPT_VARS_INCLUDED
24 #define SSLOPT_VARS_INCLUDED
25 
26 /**
27  @file include/sslopt-vars.h
28 */
29 
30 #include <stdio.h>
31 
32 #include "m_string.h"
33 #include "my_inttypes.h"
34 #include "mysql.h"
35 #include "template_utils.h"
36 #include "typelib.h"
37 
38 #ifdef MYSQL_SERVER
39 #error This header is supposed to be used only in the client
40 #endif
41 
42 #include <stddef.h>
43 #include <stdio.h>
44 #include <sys/types.h>
45 
46 #include "m_string.h"
47 #include "my_inttypes.h"
48 #include "my_macros.h"
49 #include "mysql.h"
50 #include "typelib.h"
51 
52 const char *ssl_mode_names_lib[] = {"DISABLED", "PREFERRED", "REQUIRED",
53  "VERIFY_CA", "VERIFY_IDENTITY", NullS};
55  ssl_mode_names_lib, nullptr};
56 
57 const char *ssl_fips_mode_names_lib[] = {"OFF", "ON", "STRICT", NullS};
59  "", ssl_fips_mode_names_lib, nullptr};
60 
62 static char *opt_ssl_ca = nullptr;
63 static char *opt_ssl_capath = nullptr;
64 static char *opt_ssl_cert = nullptr;
65 static char *opt_ssl_cipher = nullptr;
66 static char *opt_tls_ciphersuites = nullptr;
67 static char *opt_ssl_key = nullptr;
68 static char *opt_ssl_crl = nullptr;
69 static char *opt_ssl_crlpath = nullptr;
70 static char *opt_tls_version = nullptr;
72 static bool ssl_mode_set_explicitly = false;
73 
74 static inline int set_client_ssl_options(MYSQL *mysql) {
75  /*
76  Print a warning if explicitly defined combination of --ssl-mode other than
77  VERIFY_CA or VERIFY_IDENTITY with explicit --ssl-ca or --ssl-capath values.
78  */
81  fprintf(stderr,
82  "WARNING: no verification of server certificate will be done. "
83  "Use --ssl-mode=VERIFY_CA or VERIFY_IDENTITY.\n");
84  }
85 
86  /* Set SSL parameters: key, cert, ca, capath, cipher, clr, clrpath. */
90  else
91  mysql_ssl_set(mysql, opt_ssl_key, opt_ssl_cert, nullptr, nullptr,
99  return 1;
101 
102  return 0;
103 }
104 
105 #define SSL_SET_OPTIONS(mysql) set_client_ssl_options(mysql)
106 
107 const char *SSL_SET_OPTIONS_ERROR = "Failed to set ssl related options.\n";
108 
109 #endif /* SSLOPT_VARS_INCLUDED */
#define CR_SSL_FIPS_MODE_ERR
Definition: errmsg.h:125
#define NullS
Definition of the null string (a null pointer of type char *), used in some of our string handling co...
Definition: m_string.h:52
Some integer typedefs for easier portability.
Some common macros.
static MYSQL mysql
Definition: mysql.cc:153
This file defines the client API to MySQL and also the ABI of the dynamically linked libmysqlclient.
unsigned int STDCALL mysql_errno(MYSQL *mysql)
Definition: client.cc:8524
@ MYSQL_OPT_TLS_VERSION
Definition: mysql.h:204
@ MYSQL_OPT_SSL_FIPS_MODE
Definition: mysql.h:209
@ MYSQL_OPT_SSL_CRLPATH
Definition: mysql.h:195
@ MYSQL_OPT_SSL_MODE
Definition: mysql.h:205
@ MYSQL_OPT_SSL_CRL
Definition: mysql.h:194
@ MYSQL_OPT_TLS_CIPHERSUITES
Definition: mysql.h:210
bool STDCALL mysql_ssl_set(MYSQL *mysql, const char *key, const char *cert, const char *ca, const char *capath, const char *cipher)
Definition: client.cc:3282
int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option, const void *arg)
Definition: client.cc:7939
@ SSL_MODE_PREFERRED
Definition: mysql.h:270
@ SSL_MODE_VERIFY_CA
Definition: mysql.h:272
@ SSL_FIPS_MODE_OFF
Definition: mysql.h:277
static int set_client_ssl_options(MYSQL *mysql)
Definition: sslopt-vars.h:74
static char * opt_ssl_cipher
Definition: sslopt-vars.h:65
const char * ssl_mode_names_lib[]
Definition: sslopt-vars.h:52
static char * opt_ssl_ca
Definition: sslopt-vars.h:62
static char * opt_tls_version
Definition: sslopt-vars.h:70
const char * SSL_SET_OPTIONS_ERROR
Definition: sslopt-vars.h:107
static char * opt_ssl_capath
Definition: sslopt-vars.h:63
static char * opt_ssl_crlpath
Definition: sslopt-vars.h:69
TYPELIB ssl_fips_mode_typelib
Definition: sslopt-vars.h:58
static char * opt_tls_ciphersuites
Definition: sslopt-vars.h:66
const char * ssl_fips_mode_names_lib[]
Definition: sslopt-vars.h:57
static ulong opt_ssl_fips_mode
Definition: sslopt-vars.h:71
static uint opt_ssl_mode
Definition: sslopt-vars.h:61
static bool ssl_mode_set_explicitly
Definition: sslopt-vars.h:72
static char * opt_ssl_cert
Definition: sslopt-vars.h:64
TYPELIB ssl_mode_typelib
Definition: sslopt-vars.h:54
static char * opt_ssl_crl
Definition: sslopt-vars.h:68
static char * opt_ssl_key
Definition: sslopt-vars.h:67
Definition: mysql.h:296
Definition: typelib.h:34
unsigned int uint
Definition: uca-dump.cc:29
#define array_elements(A)
Definition: validate_password_imp.cc:45