Bug#25530569 Fix "Invalid value type" when passing SSL_CA as

SessionSettings

Author: silvakid

devapi/session.cc

@@ -272,14 +272,21 @@ internal::XSession_base::XSession_base(SessionSettings settings)
               settings[SessionSettings::DB].get<string>()
             );
 
-      if (settings.has_option(SessionSettings::SSL_ENABLE))
+      if (settings.has_option(SessionSettings::SSL_ENABLE) ||
+          settings.has_option(SessionSettings::SSL_CA))
       {
 #ifdef WITH_SSL
-        cdk::connection::TLS::Options opt_ssl(settings[SessionSettings::SSL_ENABLE]);
+
+        //ssl_enable by default, unless SSL_ENABLE = false
+        bool ssl_enable = true;
+        if (settings.has_option(SessionSettings::SSL_ENABLE))
+          ssl_enable = settings[SessionSettings::SSL_ENABLE];
+
+        cdk::connection::TLS::Options opt_ssl(ssl_enable);
 
 
         if (settings.has_option(SessionSettings::SSL_CA))
-          opt_ssl.set_ca(settings[SessionSettings::SSL_ENABLE].get<string>());
+          opt_ssl.set_ca(settings[SessionSettings::SSL_CA].get<string>());
 
         opt.set_tls(opt_ssl);
 #else

devapi/tests/session-t.cc

@@ -432,7 +432,7 @@ TEST_F(Sess, ssl_session)
   }
 
 
-  //using wrong ssl-ca and ssl-ca-path as SessionSettings
+  //using wrong ssl-ca as SessionSettings
   {
     EXPECT_THROW(
     mysqlx::XSession sess(SessionSettings::PORT, get_port(),
@@ -497,6 +497,62 @@ TEST_F(Sess, ssl_session)
     EXPECT_FALSE(cipher.empty());
   }
 
+  //using ssl-enable and ssl-ca as SessionSettings
+  {
+    mysqlx::XSession sess(SessionSettings::PORT, get_port(),
+                          SessionSettings::USER,get_user(),
+                          SessionSettings::PWD, get_password() ? get_password() : NULL ,
+                          SessionSettings::SSL_ENABLE, true,
+                          SessionSettings::SSL_CA, ssl_ca);
+
+    SqlResult res =  sess.bindToDefaultShard().sql("SHOW STATUS LIKE 'mysqlx_ssl_cipher'").execute();
+
+    auto row = res.fetchOne();
+    cout << row[0] << ":" << row[1] << endl;
+
+    string cipher = row[1];
+
+    EXPECT_FALSE(cipher.empty());
+
+  }
+
+  //using ssl-ca as SessionSettings
+  {
+    mysqlx::XSession sess(SessionSettings::PORT, get_port(),
+                          SessionSettings::USER,get_user(),
+                          SessionSettings::PWD, get_password() ? get_password() : NULL ,
+                          SessionSettings::SSL_CA, ssl_ca);
+
+    SqlResult res =  sess.bindToDefaultShard().sql("SHOW STATUS LIKE 'mysqlx_ssl_cipher'").execute();
+
+    auto row = res.fetchOne();
+    cout << row[0] << ":" << row[1] << endl;
+
+    string cipher = row[1];
+
+    EXPECT_FALSE(cipher.empty());
+
+  }
+
+  //using ssl-ca but ssl-enable = false on SessionSettings
+  {
+    mysqlx::XSession sess(SessionSettings::PORT, get_port(),
+                          SessionSettings::USER,get_user(),
+                          SessionSettings::PWD, get_password() ? get_password() : NULL ,
+                          SessionSettings::SSL_ENABLE, false,
+                          SessionSettings::SSL_CA, ssl_ca);
+
+    SqlResult res =  sess.bindToDefaultShard().sql("SHOW STATUS LIKE 'mysqlx_ssl_cipher'").execute();
+
+    auto row = res.fetchOne();
+    cout << row[0] << ":" << row[1] << endl;
+
+    string cipher = row[1];
+
+    EXPECT_TRUE(cipher.empty());
+
+  }
+
 }
 
 TEST_F(Sess, ipv6)