Thanks to visit codestin.com
Credit goes to github.com

Skip to content

SSL Mode support for MySQL #337

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
tkurylek opened this issue Dec 5, 2022 · 3 comments · Fixed by #349
Closed

SSL Mode support for MySQL #337

tkurylek opened this issue Dec 5, 2022 · 3 comments · Fixed by #349

Comments

@tkurylek
Copy link

tkurylek commented Dec 5, 2022

Hello!

I would like to ask if there's a plan to support sslMode configuration for MySQL database? According to FAQ, currently, only PostgreSQL is supported. I also noticed that com.github.jasync.sql.db.SSLConfiguration defaults to sslMode=disabled mode for MySQL which leads to problems when the MySQL Server is configured to enforce SSL connections.

I had a look at the implementation details and found that this library integrates with R2DBC SPI (https://r2dbc.io/spec/0.8.1.RELEASE/spec/html/#overview.connection.discovery). The driver will be discovered by R2DBC SPI which will use com.github.jasync.r2dbc.mysql.MysqlConnectionFactoryProvider#create to create io.r2dbc.spi.ConnectionFactory object:

// from: com.github.jasync.r2dbc.mysql.MysqlConnectionFactoryProvider#create
@Suppress("NULLABILITY_MISMATCH_BASED_ON_JAVA_ANNOTATIONS")
override fun create(connectionFactoryOptions: ConnectionFactoryOptions): JasyncConnectionFactory {
    val configuration = Configuration(
        host = connectionFactoryOptions.getValue(HOST),
        port = connectionFactoryOptions.getValue(PORT),
        username = connectionFactoryOptions.getValue(USER),
        password = connectionFactoryOptions.getValue(PASSWORD)?.toString(),
        database = connectionFactoryOptions.getValue(DATABASE),
        applicationName = connectionFactoryOptions.getValue(APPLICATION_NAME),
        connectionTimeout = connectionFactoryOptions.getValue(CONNECT_TIMEOUT)?.toMillis()?.toInt() ?: 5000,
        queryTimeout = connectionFactoryOptions.getValue(QUERY_TIMEOUT)
    )
    return JasyncConnectionFactory(MySQLConnectionFactory(configuration))
}

The above method does not configure com.github.jasync.sql.db.SSLConfiguration and thus, the default sslMode (Mode.Disable) will be used. Even though, the connectionFactoryOptions could have the option ssl set to true or any sslMode parameter specified.

I suspect that changing this factory to interpret the ssl and sslMode parameter of connectionFactoryOptions would quickly resolve the issue. It seems that com.github.jasync.sql.db.mysql.MySQLConnection#onHandshake already supports SSL.

I would be happy to contribute and resolve this issue. But first I would like to make sure:

  • Is my understanding of current implementation described above correct?
  • The ssl option in connectionFactoryOptions would return true in case the secure protocol (r2dbcs) is used. However how should it handle the combination of secure protocol and sslMode=disabled, for example through the following connection string: r2dbcs:mysql://example.com?sslMode=disabled?
  • Should my contribution also support other MySQL parameters. If so, would anyone be able to specify which? I know there are legacy parameters like 'useSSL', 'requireSSL', and 'verifyServerCertificate' which are still accepted but translated into a value for 'sslMode' by MySQL Server. The com.github.jasync.sql.db.SSLConfiguration also accepts sslrootcert, sslcert, sslkey.

Thanks!
@github-actions
Copy link

github-actions bot commented Dec 5, 2022

Thank you for reporting an issue. See the wiki for documentation and gitter for questions.

@oshai
Copy link
Contributor

oshai commented Dec 8, 2022

Hi, jasync-mysql ssl support was added in #222. So I think your assumption that adding support to r2dbc should be straight forward is correct and contribution is welcome.

IIRC url parsing is done by the spi impl (which is not part of the driver) and the driver gets the options directly.

You're welcome to try that and support any parameter you see fit. Thanks!

1 similar comment
@oshai
Copy link
Contributor

oshai commented Dec 8, 2022

Hi, jasync-mysql ssl support was added in #222. So I think your assumption that adding support to r2dbc should be straight forward is correct and contribution is welcome.

IIRC url parsing is done by the spi impl (which is not part of the driver) and the driver gets the options directly.

You're welcome to try that and support any parameter you see fit. Thanks!

tkurylek pushed a commit to tkurylek/jasync-sql that referenced this issue Jan 2, 2023
SSLMode support for MysqlConnectionFactoryProvider
f820caa 
Fixes jasync-sql#337
@tkurylek tkurylek mentioned this issue Jan 2, 2023
Merged
tkurylek pushed a commit to tkurylek/jasync-sql that referenced this issue Jan 2, 2023
SSLMode support for MysqlConnectionFactoryProvider
6542087 
Fixes jasync-sql#337
oshai pushed a commit that referenced this issue Jan 12, 2023
@oshai
SSLMode support for MysqlConnectionFactoryProvider
613b46d 
Fixes #337
@DarrylWong DarrylWong mentioned this issue Jan 23, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

SSLMode support for MysqlConnectionFactoryProvider tkurylek/jasync-sql
2 participants
@tkurylek @oshai