Index: driver/connect.c =================================================================== --- driver/connect.c (revision 264) +++ driver/connect.c (working copy) @@ -161,6 +161,7 @@ if (option_flag & FLAG_USE_MYCNF) mysql_options(mysql,MYSQL_READ_DEFAULT_GROUP,"odbc"); + /* Clear the stupid option of MS Compatibility, which has already been fixed in the MS products @@ -209,12 +210,15 @@ SQLCHAR FAR * szUID, SQLSMALLINT cbUID, SQLCHAR FAR * szAuthStr, - SQLSMALLINT cbAuthStr ) + SQLSMALLINT cbAuthStr + ) { char host[64],user[64],passwd[64],dsn[NAME_LEN+1],database[NAME_LEN+1]; char port[10],flag[10],init_stmt[256],*dsn_ptr; char szTRACE[FILENAME_MAX+1]= ""; char socket[256]= ""; + char opt_ssl_verify_server_cert; /* Not needed */ + char sslca[256], sslcapath[256], sslcert[256], sslcipher[256], sslkey[256]; ulong flag_nr,client_flag; uint port_nr= 0; DBC FAR *dbc= (DBC FAR*) hdbc; 
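Review bot: `char opt_ssl_verify_server_cert; /* Not needed */` in the declarations hunk (@@ -209,12 +210,15 @@) has no initializer, yet the @@ -266,7 +291,20 @@ hunk passes its address to `mysql_options(&dbc->mysql,MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &opt_ssl_verify_server_cert)`, so whether the server certificate is verified depends on an indeterminate stack byte. Give it an explicit value and an accurate comment, for example `char opt_ssl_verify_server_cert= 1; /* verify the server certificate */`, or set it from whether `sslca`/`sslcapath` is non-empty. The same option call is added in the @@ -306,6 +344,17 @@ hunk, which appears to sit in a different function; no declaration of the variable is visible there, so that call needs the same treatment. The function body starts and ends outside this hunk.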
@@ -231,13 +235,34 @@ if (dsn_ptr && !dsn_ptr[0]) MYODBCDbgReturnReturn( set_conn_error(hdbc, MYERR_S1000, "Invalid Connection Parameters",0) ); - SQLGetPrivateProfileString(dsn_ptr,"user","", user, sizeof(user), MYODBCUtilGetIniFileName( TRUE ) ); - SQLGetPrivateProfileString(dsn_ptr,"password","", passwd, sizeof(passwd), MYODBCUtilGetIniFileName( TRUE ) ); + SQLGetPrivateProfileString(dsn_ptr,"uid","", user, sizeof(user), MYODBCUtilGetIniFileName( TRUE ) ); + + if(!user[0]) + /* Try to use alternate key - user */ + SQLGetPrivateProfileString(dsn_ptr,"user","", user, sizeof(user), MYODBCUtilGetIniFileName( TRUE ) ); + + SQLGetPrivateProfileString(dsn_ptr,"pwd","", passwd, sizeof(passwd), MYODBCUtilGetIniFileName( TRUE ) ); + if(!passwd[0]) + /* Try to use alternate key - password */ + SQLGetPrivateProfileString(dsn_ptr,"password","", passwd, sizeof(passwd), MYODBCUtilGetIniFileName( TRUE ) ); + SQLGetPrivateProfileString(dsn_ptr,"server","localhost", host, sizeof(host), MYODBCUtilGetIniFileName( TRUE ) ); SQLGetPrivateProfileString(dsn_ptr,"database",dsn_ptr, database, sizeof(database), MYODBCUtilGetIniFileName( TRUE ) ); SQLGetPrivateProfileString(dsn_ptr,"port","0", port, sizeof(port), MYODBCUtilGetIniFileName( TRUE ) ); port_nr= (uint) atoi(port); SQLGetPrivateProfileString(dsn_ptr,"option","0", flag, sizeof(flag), MYODBCUtilGetIniFileName( TRUE ) ); + +#ifdef HAVE_OPENSSL + SQLGetPrivateProfileString(dsn_ptr,"sslca","", sslca, sizeof(sslca), MYODBCUtilGetIniFileName( TRUE ) ); + SQLGetPrivateProfileString(dsn_ptr,"sslcapath","", sslcapath, sizeof(sslcapath), MYODBCUtilGetIniFileName( TRUE ) ); + SQLGetPrivateProfileString(dsn_ptr,"sslcert","", sslcert, sizeof(sslcert), MYODBCUtilGetIniFileName( TRUE ) ); + SQLGetPrivateProfileString(dsn_ptr,"sslkey","", sslkey, sizeof(sslkey), MYODBCUtilGetIniFileName( TRUE ) ); + /* + In case there is no value for sslchipher in DSN we set ALL as default + because the client lib does not read this parameter from my.cnf + */ + 
SQLGetPrivateProfileString(dsn_ptr,"sslcipher","", sslcipher, sizeof(sslcipher), MYODBCUtilGetIniFileName( TRUE ) ); +#endif flag_nr= (ulong) atol(flag); #ifdef _UNIX_ @@ -266,7 +291,20 @@ copy_if_not_empty(passwd,sizeof(passwd), (char FAR*) szAuthStr,cbAuthStr); copy_if_not_empty(user, sizeof(user), (char FAR *) szUID, cbUID); + /* socket[0] is always 0 if you are not under UNIX */ +#ifdef HAVE_OPENSSL + /* set SSL parameters */ + mysql_ssl_set(&dbc->mysql, + sslkey[0] ? sslkey : 0, + sslcert[0] ? sslcert : 0, + sslca[0] ? sslca : 0, + sslcapath[0]? sslcapath: 0, + sslcipher[0]? sslcipher: 0 + ); + mysql_options(&dbc->mysql,MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &opt_ssl_verify_server_cert); +#endif + dbc->mysql.options.connect_timeout = 3600; if (!mysql_real_connect(&dbc->mysql, host, user, @@ -306,6 +344,17 @@ (uint)dbc->login_timeout, pDataSource->pszSTMT ? pDataSource->pszSTMT : "" ); +#ifdef HAVE_OPENSSL + /* set SSL parameters */ + mysql_ssl_set(&dbc->mysql, + pDataSource->pszSSLKEY, + pDataSource->pszSSLCERT, + pDataSource->pszSSLCA, + pDataSource->pszSSLCAPATH, + pDataSource->pszSSLCIPHER); + + mysql_options(&dbc->mysql,MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &opt_ssl_verify_server_cert); +#endif if ( !mysql_real_connect( &dbc->mysql, pDataSource->pszSERVER, pDataSource->pszUSER, @@ -313,7 +362,7 @@ pDataSource->pszDATABASE, atoi( pDataSource ->pszPORT ), pDataSource->pszSOCKET, - nFlag ) ) + nFlag) ) { set_dbc_error( dbc, "HY000", mysql_error( &dbc->mysql ), mysql_errno( &dbc->mysql ) ); translate_error( dbc->error.sqlstate, MYERR_S1000, mysql_errno( &dbc->mysql ) ); Index: util/MYODBCUtilWriteDataSource.c =================================================================== --- util/MYODBCUtilWriteDataSource.c (revision 264) +++ util/MYODBCUtilWriteDataSource.c (working copy) 
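Review bot: In the DSN-read hunk (@@ -231,13 +235,34 @@) the comment above the `sslcipher` lookup says ALL is set as the default, but the call passes `""` as the default and the connect hunk then hands 0 to `mysql_ssl_set` for an empty cipher. I would correct the comment rather than the code, because leaving the list unset keeps the client library's own default while `ALL` may admit weak suites: `/* No sslcipher in the DSN: pass NULL so the client library's default cipher list applies */` (this also removes the `sslchipher` typo). The two fallback reads under `if(!user[0])` and `if(!passwd[0])` have a comment between the condition and the unbraced call; braces would make the guarded statement unambiguous. The enclosing function starts and ends outside the hunk.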
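Review bot: In the @@ -266,7 +291,20 @@ hunk nothing confirms that the session is actually encrypted once `mysql_real_connect` succeeds, and the return value of the added `mysql_options` call is discarded. Depending on the client library version, the SSL settings may be treated as a request rather than a requirement, so a server that does not offer SSL could still yield a cleartext session that carries the password. When any of `sslkey`/`sslcert`/`sslca`/`sslcapath` is set, check `mysql_get_ssl_cipher(&dbc->mysql)` after the connect and fail through `set_conn_error` if it returns NULL, provided the linked library exports that function. The same applies to the `pDataSource` path in the @@ -306,6 +344,17 @@ hunk; the enclosing function continues outside this hunk.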
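Review bot: The `mysql_ssl_set` call in the @@ -306,6 +344,17 @@ hunk passes `pDataSource->pszSSLKEY` and the other four fields as they are, whereas the DSN path guards each value with `sslkey[0] ? sslkey : 0`. It therefore relies on the empty-string-to-NULL cleanup that this patch adds in util/MYODBCUtilDefaultDataSource.c having run on this `pDataSource` first, which cannot be seen from here. Either record that dependency with a comment such as `/* empty SSL values are expected to have been reset to NULL by the default-data-source step */` or apply the same `[0]` guard locally. The enclosing function starts and ends outside the hunk.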
@@ -70,8 +70,24 @@ if ( pDataSource->pszUSER && !SQLWritePrivateProfileString( pDataSource->pszDSN, "UID", pDataSource->pszUSER, "odbc.ini" ) ) return FALSE; + if ( pDataSource->pszSSLCA && + !SQLWritePrivateProfileString( pDataSource->pszDSN, "SSLCA", pDataSource->pszSSLCA, "odbc.ini" ) ) + return FALSE; + if ( pDataSource->pszSSLCAPATH && + !SQLWritePrivateProfileString( pDataSource->pszDSN, "SSLCAPATH", pDataSource->pszSSLCAPATH, "odbc.ini" ) ) + return FALSE; + if ( pDataSource->pszSSLCERT && + !SQLWritePrivateProfileString( pDataSource->pszDSN, "SSLCERT", pDataSource->pszSSLCERT, "odbc.ini" ) ) + return FALSE; + if ( pDataSource->pszSSLCIPHER && + !SQLWritePrivateProfileString( pDataSource->pszDSN, "SSLCIPHER", pDataSource->pszSSLCIPHER, "odbc.ini" ) ) + return FALSE; + if ( pDataSource->pszSSLKEY && + !SQLWritePrivateProfileString( pDataSource->pszDSN, "SSLKEY", pDataSource->pszSSLKEY, "odbc.ini" ) ) + return FALSE; return TRUE; } + Index: util/MYODBCUtilReadConnectStr.c =================================================================== --- util/MYODBCUtilReadConnectStr.c (revision 264) +++ util/MYODBCUtilReadConnectStr.c (working copy) 
@@ -172,6 +172,31 @@ if ( !pDataSource->pszUSER ) pDataSource->pszUSER = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); } + else if ( strcasecmp( pszName, "SSLCA" ) == 0 ) + { + if ( !pDataSource->pszSSLCA ) + pDataSource->pszSSLCA = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } + else if ( strcasecmp( pszName, "SSLCAPATH" ) == 0 ) + { + if ( !pDataSource->pszSSLCAPATH ) + pDataSource->pszSSLCAPATH = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } + else if ( strcasecmp( pszName, "SSLCERT" ) == 0 ) + { + if ( !pDataSource->pszSSLCERT ) + pDataSource->pszSSLCERT = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } + else if ( strcasecmp( pszName, "SSLCIPHER" ) == 0 ) + { + if ( !pDataSource->pszSSLCIPHER ) + pDataSource->pszSSLCIPHER = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } + else if ( strcasecmp( pszName, "SSLKEY" ) == 0 ) + { + if ( !pDataSource->pszSSLKEY ) + pDataSource->pszSSLKEY = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } else if ( strcasecmp( pszName, "SAVEFILE" ) == 0 ) { pDataSource->bSaveFileDSN = TRUE; @@ -211,3 +236,4 @@ } + Index: util/MYODBCUtilReadDataSourceStr.c =================================================================== --- util/MYODBCUtilReadDataSourceStr.c (revision 264) +++ util/MYODBCUtilReadDataSourceStr.c (working copy) 
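Review bot: Each new branch in util/MYODBCUtilReadConnectStr.c stores the result of `_global_strndup` without checking it, so if that helper can return NULL on allocation failure (its definition is not in this diff), `pszSSLCA` and the other SSL fields are left looking as if they were never supplied. For a security setting it is safer to fail the parse than to continue without it, e.g. `if ( !pDataSource->pszSSLCA ) return FALSE;` after the assignment, assuming FALSE is this function's failure return, which the hunk does not show. The same pattern is added in util/MYODBCUtilReadDataSourceStr.c and, with `_global_strdup`, in util/MYODBCUtilReadDataSource.c. The enclosing function starts and ends outside the hunk.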
@@ -257,6 +257,31 @@ if ( !pDataSource->pszUSER ) pDataSource->pszUSER = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); } + else if ( strcasecmp( pszName, "SSLCA" ) == 0 ) + { + if ( !pDataSource->pszSSLCA ) + pDataSource->pszSSLCA = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } + else if ( strcasecmp( pszName, "SSLCAPATH" ) == 0 ) + { + if ( !pDataSource->pszSSLCAPATH ) + pDataSource->pszSSLCAPATH = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } + else if ( strcasecmp( pszName, "SSLCERT" ) == 0 ) + { + if ( !pDataSource->pszSSLCERT ) + pDataSource->pszSSLCERT = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } + else if ( strcasecmp( pszName, "SSLCIPHER" ) == 0 ) + { + if ( !pDataSource->pszSSLCIPHER ) + pDataSource->pszSSLCIPHER = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } + else if ( strcasecmp( pszName, "SSLKEY" ) == 0 ) + { + if ( !pDataSource->pszSSLKEY ) + pDataSource->pszSSLKEY = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } else { fprintf( stderr, "[%s][%d][ERROR] Unhandled attribute (%s).\n", __FILE__, __LINE__, pszName ); @@ -292,3 +317,4 @@ } + Index: util/MYODBCUtil.h =================================================================== --- util/MYODBCUtil.h (revision 264) +++ util/MYODBCUtil.h (working copy) 
@@ -176,6 +176,12 @@ char *pszSTMT; /* Statement that will be exec when connecting to MySQL. */ char *pszOPTION; /* Options that specify how MyODBC should work. */ + char *pszSSLKEY; /* pathname to SSL key file */ + char *pszSSLCERT; /* pathname to SSL certificate file */ + char *pszSSLCA; /* pathname to SSL certificate authority file */ + char *pszSSLCAPATH; /* pathname to a directory that contains SSL ceritificate authority files */ + char *pszSSLCIPHER; /* pathname to a list of allowable ciphers */ + MYODBCUTIL_DATASOURCE_MODE nMode; /* ConfigDSN mode or SQLDriverConnect mode. */ MYODBCUTIL_DATASOURCE_CONNECT nConnect; /* SQLDriverConnect() using a DSN or a DRIVER to connect. */ MYODBCUTIL_DATASOURCE_PROMPT nPrompt; /* SQLDriverConnect() kind of prompting (if any). */ @@ -243,3 +249,4 @@ #endif + Index: util/MYODBCUtilReadDataSource.c =================================================================== --- util/MYODBCUtilReadDataSource.c (revision 264) +++ util/MYODBCUtilReadDataSource.c (working copy) @@ -204,6 +204,31 @@ if ( !pDataSource->pszUSER ) pDataSource->pszUSER = _global_strdup( szValue ); } + else if ( strcasecmp( pszEntryName, "SSLCA" ) == 0 ) + { + if ( !pDataSource->pszSSLCA ) + pDataSource->pszSSLCA = _global_strdup( szValue ); + } + else if ( strcasecmp( pszEntryName, "SSLCAPATH" ) == 0 ) + { + if ( !pDataSource->pszSSLCAPATH ) + pDataSource->pszSSLCAPATH = _global_strdup( szValue ); + } + else if ( strcasecmp( pszEntryName, "SSLCERT" ) == 0 ) + { + if ( !pDataSource->pszSSLCERT ) + pDataSource->pszSSLCERT = _global_strdup( szValue ); + } + else if ( strcasecmp( pszEntryName, "SSLCIPHER" ) == 0 ) + { + if ( !pDataSource->pszSSLCIPHER ) + pDataSource->pszSSLCIPHER = _global_strdup( szValue ); + } + else if ( strcasecmp( pszEntryName, "SSLKEY" ) == 0 ) + { + if ( !pDataSource->pszSSLKEY ) + pDataSource->pszSSLKEY = _global_strdup( szValue ); + } else { /* What the ? */ 
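Review bot: In util/MYODBCUtil.h (@@ -176,6 +176,12 @@) the comment on `pszSSLCIPHER` calls it a pathname, but driver/connect.c passes the value as the cipher argument of `mysql_ssl_set`, which is a cipher list string rather than a file. Suggested wording: `char *pszSSLCIPHER; /* list of permitted SSL ciphers (a cipher string, not a path) */`. On the line above it, `ceritificate` should read `certificate`. The struct definition starts and ends outside the hunk.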
@@ -277,3 +302,4 @@ return TRUE; } + Index: util/MYODBCUtilWriteConnectStr.c =================================================================== --- util/MYODBCUtilWriteConnectStr.c (revision 264) +++ util/MYODBCUtilWriteConnectStr.c (working copy) 
@@ -139,7 +139,58 @@ return FALSE; } + if ( pDataSource->pszSSLCA ) + { + if ( nIndex && !MYODBCUtilInsertStr( pszStr, ";", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, "SSLCA=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLCA, nMaxLen, &nIndex ) ) + return FALSE; + } + + if ( pDataSource->pszSSLCAPATH ) + { + if ( nIndex && !MYODBCUtilInsertStr( pszStr, ";", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, "SSLCAPATH=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLCAPATH, nMaxLen, &nIndex ) ) + return FALSE; + } + + if ( pDataSource->pszSSLCERT ) + { + if ( nIndex && !MYODBCUtilInsertStr( pszStr, ";", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, "SSLCERT=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLCERT, nMaxLen, &nIndex ) ) + return FALSE; + } + + if ( pDataSource->pszSSLCIPHER ) + { + if ( nIndex && !MYODBCUtilInsertStr( pszStr, ";", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, "SSLCIPHER=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLCIPHER, nMaxLen, &nIndex ) ) + return FALSE; + } + + if ( pDataSource->pszSSLKEY ) + { + if ( nIndex && !MYODBCUtilInsertStr( pszStr, ";", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, "SSLKEY=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLKEY, nMaxLen, &nIndex ) ) + return FALSE; + } + return TRUE; } + Index: util/MYODBCUtilWriteDataSourceStr.c =================================================================== --- util/MYODBCUtilWriteDataSourceStr.c (revision 264) +++ util/MYODBCUtilWriteDataSourceStr.c (working copy) 
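Review bot: The SSL values are appended to the connection string verbatim, so a path or cipher list containing `;` would end the attribute early and the remainder would be read back as further attributes when the string is parsed. Either reject such values before writing, or emit them in the braced form ODBC allows (`SSLCA={` value `}`) if the reader in util/MYODBCUtilReadConnectStr.c understands braces, which is not visible here. The attributes written above this hunk may share the limitation, and util/MYODBCUtilWriteDataSourceStr.c adds the same five blocks. The function body starts outside the hunk.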
@@ -162,6 +162,56 @@ return FALSE; } + if ( pDataSource->pszSSLCA ) + { + MYODBCUTILWRITEDATASOURCESTR_DELIM; + + if ( !MYODBCUtilInsertStr( pszStr, "SSLCA=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLCA, nMaxLen, &nIndex ) ) + return FALSE; + } + + if ( pDataSource->pszSSLCAPATH ) + { + MYODBCUTILWRITEDATASOURCESTR_DELIM; + + if ( !MYODBCUtilInsertStr( pszStr, "SSLCAPATH=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLCAPATH, nMaxLen, &nIndex ) ) + return FALSE; + } + + if ( pDataSource->pszSSLCERT ) + { + MYODBCUTILWRITEDATASOURCESTR_DELIM; + + if ( !MYODBCUtilInsertStr( pszStr, "SSLCERT=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLCERT, nMaxLen, &nIndex ) ) + return FALSE; + } + + if ( pDataSource->pszSSLCIPHER ) + { + MYODBCUTILWRITEDATASOURCESTR_DELIM; + + if ( !MYODBCUtilInsertStr( pszStr, "SSLCIPHER=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLCIPHER, nMaxLen, &nIndex ) ) + return FALSE; + } + + if ( pDataSource->pszSSLKEY ) + { + MYODBCUTILWRITEDATASOURCESTR_DELIM; + + if ( !MYODBCUtilInsertStr( pszStr, "SSLKEY=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLKEY, nMaxLen, &nIndex ) ) + return FALSE; + } + if ( nDelim == MYODBCUTIL_DELIM_NULL ) { MYODBCUTILWRITEDATASOURCESTR_DELIM; @@ -171,3 +221,4 @@ } + Index: util/MYODBCUtilDefaultDataSource.c =================================================================== --- util/MYODBCUtilDefaultDataSource.c (revision 264) +++ util/MYODBCUtilDefaultDataSource.c (working copy) 
@@ -65,6 +65,33 @@ if ( !pDataSource->pszOPTION ) pDataSource->pszOPTION = _global_strdup( "0" ); + + if( pDataSource->pszSSLCA && !pDataSource->pszSSLCA[0] ) + { + _global_free (pDataSource->pszSSLCA); + pDataSource->pszSSLCA = NULL; + } + if( pDataSource->pszSSLCAPATH && !pDataSource->pszSSLCAPATH[0] ) + { + _global_free (pDataSource->pszSSLCAPATH); + pDataSource->pszSSLCAPATH = NULL; + } + if( pDataSource->pszSSLCERT && !pDataSource->pszSSLCERT[0] ) + { + _global_free (pDataSource->pszSSLCERT); + pDataSource->pszSSLCERT = NULL; + } + if( pDataSource->pszSSLCIPHER && !pDataSource->pszSSLCIPHER[0] ) + { + _global_free (pDataSource->pszSSLCIPHER); + pDataSource->pszSSLCIPHER = NULL; + } + if( pDataSource->pszSSLKEY && !pDataSource->pszSSLKEY[0] ) + { + _global_free (pDataSource->pszSSLKEY); + pDataSource->pszSSLKEY = NULL; + } + #ifndef _UNIX_ /* Here we actually unset socket for non-UNIX as it does not apply. */ if ( pDataSource->pszSOCKET && !pDataSource->pszSOCKET[0] ) @@ -77,3 +104,4 @@ return TRUE; } + Index: util/MYODBCUtilClearDataSource.c =================================================================== --- util/MYODBCUtilClearDataSource.c (revision 264) +++ util/MYODBCUtilClearDataSource.c (working copy) @@ -83,6 +83,34 @@ _global_free( pDataSource->pszUSER ); pDataSource->pszUSER = NULL; } + + if( pDataSource->pszSSLCA) + { + _global_free (pDataSource->pszSSLCA); + pDataSource->pszSSLCA = NULL; + } + if( pDataSource->pszSSLCAPATH) + { + _global_free (pDataSource->pszSSLCAPATH); + pDataSource->pszSSLCAPATH = NULL; + } + if( pDataSource->pszSSLCERT) + { + _global_free (pDataSource->pszSSLCERT); + pDataSource->pszSSLCERT = NULL; + } + if( pDataSource->pszSSLCIPHER) + { + _global_free (pDataSource->pszSSLCIPHER); + pDataSource->pszSSLCIPHER = NULL; + } + if( pDataSource->pszSSLKEY) + { + _global_free (pDataSource->pszSSLKEY); + pDataSource->pszSSLKEY = NULL; + } + } +