Index: driver/connect.c =================================================================== --- driver/connect.c (revision 1016) +++ driver/connect.c (working copy) @@ -146,8 +146,9 @@ /* set SSL parameters */ mysql_ssl_set(mysql, ds->pszSSLKEY, ds->pszSSLCERT, ds->pszSSLCA, ds->pszSSLCAPATH, ds->pszSSLCIPHER); - mysql_options(mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, - (const char *)&opt_ssl_verify_server_cert); + if (ds->pszSSLVERIFY) + mysql_options(mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, + (const char *)&opt_ssl_verify_server_cert); if (!mysql_real_connect(mysql, ds->pszSERVER, ds->pszUSER, ds->pszPASSWORD, ds->pszDATABASE, port, ds->pszSOCKET, flags)) Index: setup/MYODBCSetupDataSourceTab2.cpp =================================================================== --- setup/MYODBCSetupDataSourceTab2.cpp (revision 1016) +++ setup/MYODBCSetupDataSourceTab2.cpp (working copy) @@ -29,7 +29,8 @@ QString stringSSLCert, QString stringSSLCA, QString stringSSLCAPath, - QString stringSSLCipher ) + QString stringSSLCipher, + QString stringSSLVerify ) : QWidget( pwidgetParent ) { @@ -43,6 +44,7 @@ plineeditSSLCA->setText( stringSSLCA ); plineeditSSLCAPath->setText( stringSSLCAPath ); plineeditSSLCipher->setText( stringSSLCipher ); + pcheckboxSSLVerify->setChecked( stringSSLVerify == "1" ? TRUE : FALSE ); } MYODBCSetupDataSourceTab2::MYODBCSetupDataSourceTab2( QWidget *pwidgetParent ) @@ -95,6 +97,11 @@ { plineeditSSLCipher->setText( stringSSLCipher ); } + +void MYODBCSetupDataSourceTab2::setSSLVerify( const QString &stringSSLVerify ) +{ + pcheckboxSSLVerify->setChecked( stringSSLVerify == "1" ? TRUE : FALSE ); +} QString MYODBCSetupDataSourceTab2::getPort() { @@ -141,6 +148,11 @@ return plineeditSSLCipher->text(); } +QString MYODBCSetupDataSourceTab2::getSSLVerify() +{ + return pcheckboxSSLVerify->isChecked() ? "1" : ""; +} + void MYODBCSetupDataSourceTab2::doInit() { QString stringPort( tr("The TCP/IP port to use if server is not localhost.\nOptional: Yes (silently uses default)\nDefault: 3306") ); @@ -152,6 +164,7 @@ QString stringSSLCA( tr("The path to a file that contains a list of \ntrusted SSL CAs.\nOptional: Yes") ); QString stringSSLCAPath( tr("The path to a directory that contains \ntrusted SSL CA certificates in PEM format.\nOptional: Yes") ); QString stringSSLCipher( tr("A list of allowable ciphers to use for SSL encryption.\nExample: ALL:-AES:-EXP\nOptional: Yes") ); + QString stringSSLVerify( tr("The option causes the server's Common Name value in its certificate to be verified against the hostname used when connecting to the server, and the connection is rejected if there is a mismatch\nDefault: disabled") ); #if QT_VERSION >= 0x040000 QGridLayout * playoutFields = new QGridLayout(); setLayout( playoutFields ); @@ -276,6 +289,16 @@ QToolTip::add( plineeditSSLCipher, stringSSLCipher ); #endif nRow++; + + pcheckboxSSLVerify = new MYODBCSetupCheckBox( "Verify SSL Certificate", this ); + pcheckboxSSLVerify->setAssistText( stringSSLVerify ); + playoutFields->addWidget( pcheckboxSSLVerify, nRow, nColField ); +#if QT_VERSION >= 0x040000 + pcheckboxSSLVerify->setToolTip( stringSSLVerify ); +#else + QToolTip::add( pcheckboxSSLVerify, stringSSLVerify ); +#endif + nRow++; } Index: setup/MYODBCSetupDataSourceDialog.cpp =================================================================== --- setup/MYODBCSetupDataSourceDialog.cpp (revision 1016) +++ setup/MYODBCSetupDataSourceDialog.cpp (working copy) @@ -229,6 +229,8 @@ pDataSource->pszSSLCAPATH = _global_strdup( ptab2->getSSLCAPath().toAscii() ); if ( !ptab2->getSSLCipher().isEmpty() ) pDataSource->pszSSLCIPHER = _global_strdup( ptab2->getSSLCipher().toAscii() ); + if ( !ptab2->getSSLVerify().isEmpty() ) + pDataSource->pszSSLVERIFY = _global_strdup( ptab2->getSSLVerify().toAscii() ); #else if ( !ptab1->getDataSourceName().isEmpty() ) @@ -262,6 +264,8 @@ pDataSource->pszSSLCAPATH = _global_strdup( ptab2->getSSLCAPath().ascii() ); if ( !ptab2->getSSLCipher().isEmpty() ) pDataSource->pszSSLCIPHER = _global_strdup( ptab2->getSSLCipher().ascii() ); + if ( !ptab2->getSSLVerify().isEmpty() ) + pDataSource->pszSSLVERIFY = _global_strdup( ptab2->getSSLVerify().ascii() ); #endif unsigned int nFlags = ptab3->getFlags(); @@ -397,6 +401,7 @@ ptab2->setSSLCA( pDataSource->pszSSLCA ); ptab2->setSSLCAPath( pDataSource->pszSSLCAPATH ); ptab2->setSSLCipher( pDataSource->pszSSLCIPHER ); + ptab2->setSSLVerify( pDataSource->pszSSLVERIFY ); ptab1->setUser( pDataSource->pszUSER ); if ( pDataSource->pszOPTION ) @@ -454,6 +459,7 @@ connect( ptab2->plineeditSSLCA, SIGNAL(signalAssistText(const QString&)), ptextbrowserAssist, SLOT(setHtml(const QString&)) ); connect( ptab2->plineeditSSLCAPath, SIGNAL(signalAssistText(const QString&)), ptextbrowserAssist, SLOT(setHtml(const QString&)) ); connect( ptab2->plineeditSSLCipher, SIGNAL(signalAssistText(const QString&)), ptextbrowserAssist, SLOT(setHtml(const QString&)) ); + connect( ptab2->pcheckboxSSLVerify, SIGNAL(signalAssistText(const QString&)), ptextbrowserAssist, SLOT(setHtml(const QString&)) ); connect( ptab3->ptab3a->pcheckboxReturnMatchingRows, SIGNAL(signalAssistText(const QString&)), ptextbrowserAssist, SLOT(setHtml(const QString&)) ); connect( ptab3->ptab3a->pcheckboxAllowBigResults, SIGNAL(signalAssistText(const QString&)), ptextbrowserAssist, SLOT(setHtml(const QString&)) ); connect( ptab3->ptab3a->pcheckboxUseCompressedProtocol, SIGNAL(signalAssistText(const QString&)), ptextbrowserAssist, SLOT(setHtml(const QString&)) ); @@ -690,6 +696,8 @@ stringConnectIn+= ";SSLCAPATH=" + ptab2->getSSLCAPath(); if (!ptab2->getSSLCipher().isEmpty()) stringConnectIn+= ";SSLCIPHER=" + ptab2->getSSLCipher(); + if (!ptab2->getSSLVerify().isEmpty()) + stringConnectIn+= ";SSLVERIFY=" + ptab2->getSSLVerify(); return stringConnectIn; } Index: setup/MYODBCSetupDataSourceTab2.h =================================================================== --- setup/MYODBCSetupDataSourceTab2.h (revision 1016) +++ setup/MYODBCSetupDataSourceTab2.h (working copy) @@ -31,6 +31,7 @@ #include "MYODBCSetup.h" #include "MYODBCSetupLineEdit.h" #include "MYODBCSetupComboBoxDatabases.h" +#include "MYODBCSetupCheckBox.h" class MYODBCSetupDataSourceDialog; @@ -49,7 +50,8 @@ QString stringSSLCert, QString stringSSLCA, QString stringSSLCAPath, - QString stringSSLCipher ); + QString stringSSLCipher, + QString stringSSLVerify ); MYODBCSetupDataSourceTab2( QWidget *pwidgetParent ); @@ -62,6 +64,7 @@ void setSSLCA( const QString &stringSSLCA ); void setSSLCAPath( const QString &stringSSLCApath ); void setSSLCipher( const QString &stringSSLCipher ); + void setSSLVerify( const QString &stringSSLVerify ); QString getPort(); QString getSocket(); @@ -72,6 +75,7 @@ QString getSSLCA(); QString getSSLCAPath(); QString getSSLCipher(); + QString getSSLVerify(); signals: void signalRequestCharsetNames(); @@ -86,6 +90,7 @@ MYODBCSetupLineEdit * plineeditSSLCA; MYODBCSetupLineEdit * plineeditSSLCAPath; MYODBCSetupLineEdit * plineeditSSLCipher; + MYODBCSetupCheckBox * pcheckboxSSLVerify; void doInit(); }; Index: util/MYODBCUtilWriteDataSource.c =================================================================== --- util/MYODBCUtilWriteDataSource.c (revision 1016) +++ util/MYODBCUtilWriteDataSource.c (working copy) @@ -85,6 +85,9 @@ if ( pDataSource->pszSSLKEY && !SQLWritePrivateProfileString( pDataSource->pszDSN, "SSLKEY", pDataSource->pszSSLKEY, "odbc.ini" ) ) return FALSE; + if ( pDataSource->pszSSLVERIFY && + !SQLWritePrivateProfileString( pDataSource->pszDSN, "SSLVERIFY", pDataSource->pszSSLVERIFY, "odbc.ini" ) ) + return FALSE; if (pDataSource->pszCHARSET && !SQLWritePrivateProfileString(pDataSource->pszDSN, "CHARSET", pDataSource->pszCHARSET, "odbc.ini")) Index: util/MYODBCUtilReadConnectStr.c =================================================================== --- util/MYODBCUtilReadConnectStr.c (revision 1016) +++ util/MYODBCUtilReadConnectStr.c (working copy) @@ -197,6 +197,11 @@ if ( !pDataSource->pszSSLKEY ) pDataSource->pszSSLKEY = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); } + else if ( strcasecmp( pszName, "SSLVERIFY" ) == 0 ) + { + if ( !pDataSource->pszSSLVERIFY ) + pDataSource->pszSSLVERIFY = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } else if (strcasecmp(pszName, "CHARSET") == 0) { if (!pDataSource->pszCHARSET) Index: util/MYODBCUtilReadDataSourceStr.c =================================================================== --- util/MYODBCUtilReadDataSourceStr.c (revision 1016) +++ util/MYODBCUtilReadDataSourceStr.c (working copy) @@ -282,6 +282,11 @@ if ( !pDataSource->pszSSLKEY ) pDataSource->pszSSLKEY = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); } + else if ( strcasecmp( pszName, "SSLVERIFY" ) == 0 ) + { + if ( !pDataSource->pszSSLVERIFY ) + pDataSource->pszSSLVERIFY = (char *)_global_strndup( pAnchorChar, pScanChar - pAnchorChar ); + } else if (strcasecmp(pszName, "CHARSET") == 0) { if (!pDataSource->pszCHARSET) Index: util/MYODBCUtil.h =================================================================== --- util/MYODBCUtil.h (revision 1016) +++ util/MYODBCUtil.h (working copy) @@ -181,6 +181,7 @@ char *pszSSLCA; /* pathname to SSL certificate authority file */ char *pszSSLCAPATH; /* pathname to a directory that contains SSL ceritificate authority files */ char *pszSSLCIPHER; /* pathname to a list of allowable ciphers */ + char *pszSSLVERIFY; /* verify server certificate (see --ssl-verify-server-cert */ char *pszCHARSET; /* default charset to use for connection */ MYODBCUTIL_DATASOURCE_MODE nMode; /* ConfigDSN mode or SQLDriverConnect mode. */ Index: util/MYODBCUtilReadDataSource.c =================================================================== --- util/MYODBCUtilReadDataSource.c (revision 1016) +++ util/MYODBCUtilReadDataSource.c (working copy) @@ -211,6 +211,11 @@ if ( !pDataSource->pszSSLKEY ) pDataSource->pszSSLKEY = _global_strdup( szValue ); } + else if ( strcasecmp( pszEntryName, "SSLVERIFY" ) == 0 ) + { + if ( !pDataSource->pszSSLVERIFY ) + pDataSource->pszSSLVERIFY = _global_strdup( szValue ); + } else if (strcasecmp(pszEntryName, "CHARSET") == 0) { if (!pDataSource->pszCHARSET) Index: util/MYODBCUtilWriteConnectStr.c =================================================================== --- util/MYODBCUtilWriteConnectStr.c (revision 1016) +++ util/MYODBCUtilWriteConnectStr.c (working copy) @@ -189,6 +189,16 @@ return FALSE; } + if ( pDataSource->pszSSLVERIFY ) + { + if ( !MYODBCUtilInsertStr( pszStr, "SSLVERIFY=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLVERIFY, nMaxLen, &nIndex ) ) + return FALSE; + if ( nIndex && !MYODBCUtilInsertStr( pszStr, ";", nMaxLen, &nIndex ) ) + return FALSE; + } + if (pDataSource->pszCHARSET) { if (nIndex && !MYODBCUtilInsertStr(pszStr, ";", nMaxLen, &nIndex)) Index: util/MYODBCUtilWriteDataSourceStr.c =================================================================== --- util/MYODBCUtilWriteDataSourceStr.c (revision 1016) +++ util/MYODBCUtilWriteDataSourceStr.c (working copy) @@ -212,6 +212,16 @@ return FALSE; } + if ( pDataSource->pszSSLVERIFY ) + { + MYODBCUTILWRITEDATASOURCESTR_DELIM; + + if ( !MYODBCUtilInsertStr( pszStr, "SSLVERIFY=", nMaxLen, &nIndex ) ) + return FALSE; + if ( !MYODBCUtilInsertStr( pszStr, pDataSource->pszSSLVERIFY, nMaxLen, &nIndex ) ) + return FALSE; + } + if (pDataSource->pszCHARSET) { MYODBCUTILWRITEDATASOURCESTR_DELIM; Index: util/MYODBCUtilDefaultDataSource.c =================================================================== --- util/MYODBCUtilDefaultDataSource.c (revision 1016) +++ util/MYODBCUtilDefaultDataSource.c (working copy) @@ -90,6 +90,11 @@ _global_free (pDataSource->pszSSLKEY); pDataSource->pszSSLKEY = NULL; } + if( pDataSource->pszSSLVERIFY && !pDataSource->pszSSLVERIFY[0] ) + { + _global_free (pDataSource->pszSSLVERIFY); + pDataSource->pszSSLVERIFY = NULL; + } if (pDataSource->pszCHARSET && !pDataSource->pszCHARSET[0] ) { _global_free(pDataSource->pszCHARSET); Index: util/MYODBCUtilClearDataSource.c =================================================================== --- util/MYODBCUtilClearDataSource.c (revision 1016) +++ util/MYODBCUtilClearDataSource.c (working copy) @@ -104,6 +104,11 @@ _global_free (pDataSource->pszSSLCIPHER); pDataSource->pszSSLCIPHER = NULL; } + if( pDataSource->pszSSLVERIFY) + { + _global_free (pDataSource->pszSSLVERIFY); + pDataSource->pszSSLVERIFY = NULL; + } if( pDataSource->pszSSLKEY) { _global_free (pDataSource->pszSSLKEY);