Skip to content

Commit c8fce60

Browse files
committed
Bug#26555814 URI ssl-* and only socket should throw error (XAPI
imlpementation)
1 parent 519ea7b commit c8fce60

File tree

3 files changed

+53
-2
lines changed

3 files changed

+53
-2
lines changed

xapi/mysqlx_cc_internal.h

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -404,6 +404,8 @@ typedef struct mysqlx_session_options_struct
404404

405405
std::bitset<LAST> m_options_used;
406406

407+
bool m_has_ssl = false;
408+
407409
/*
408410
This struct extends cdk::ds::TCPIP to allow setting
409411
host and port at any time
@@ -469,6 +471,7 @@ typedef struct mysqlx_session_options_struct
469471
{
470472
Host_list &m_list;
471473
unsigned short priority = 0;
474+
bool socket_only = true;
472475
Host_list::const_iterator &m_last_tcpip;
473476
#ifndef _WIN32
474477
Host_list::const_iterator &m_last_socket;
@@ -490,7 +493,8 @@ typedef struct mysqlx_session_options_struct
490493

491494
void operator() (const TCPIP_t &ds_tcp)
492495
{
493-
m_last_tcpip = m_list.emplace(priority, ds_tcp);
496+
m_last_tcpip = m_list.emplace(priority, ds_tcp);
497+
socket_only = false;
494498
}
495499

496500
#ifndef _WIN32

xapi/session.cc

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -536,7 +536,6 @@ void mysqlx_session_options_struct::set_multiple_options(va_list args)
536536

537537
ds = TCPIP_t(char_data);
538538
selected_type = TCPIP_type;
539-
540539
break;
541540
case MYSQLX_OPT_PORT:
542541
uint_data = (va_arg(args, unsigned int));
@@ -601,10 +600,12 @@ void mysqlx_session_options_struct::set_multiple_options(va_list args)
601600
case MYSQLX_OPT_SSL_CA:
602601
char_data = va_arg(args, char*);
603602
set_ssl_ca(char_data);
603+
m_has_ssl = true;
604604
break;
605605
case MYSQLX_OPT_SSL_MODE:
606606
uint_data = va_arg(args, unsigned int);
607607
set_ssl_mode(mysqlx_ssl_mode_t(uint_data));
608+
m_has_ssl = true;
608609
break;
609610
#else
610611
case MYSQLX_OPT_SSL_MODE:
@@ -653,6 +654,7 @@ mysqlx_session_options_struct::get_multi_source() const
653654
#endif //_WIN32
654655

655656
unsigned short m_priority;
657+
bool m_socket_only = true;
656658

657659
Sources_add(Host_sources& sources
658660
,cdk::ds::TCPIP::Options &tcp_opt
@@ -670,6 +672,7 @@ mysqlx_session_options_struct::get_multi_source() const
670672
void operator()(const cdk::ds::mysqlx::TCPIP& to_add)
671673
{
672674
m_sources.add(to_add, m_tcp_opt, m_priority);
675+
m_socket_only = false;
673676
}
674677

675678
#ifndef _WIN32
@@ -711,6 +714,10 @@ mysqlx_session_options_struct::get_multi_source() const
711714
it->second.visit(sources);
712715

713716
}
717+
#ifndef _WIN32
718+
if (sources.m_socket_only && m_has_ssl)
719+
throw Mysqlx_exception("TLS connections over Unix domain socket are not supported");
720+
#endif
714721
return self->m_ms;
715722
}
716723

@@ -825,6 +832,7 @@ void mysqlx_session_options_struct::key_val(const std::string& key, const std::s
825832

826833
if (lc_key.find("ssl-", 0) == 0)
827834
{
835+
m_has_ssl = true;
828836
#ifdef WITH_SSL
829837
if (lc_key == "ssl-ca")
830838
{

xapi/tests/xapi-t.cc

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1632,6 +1632,45 @@ TEST_F(xapi, unix_socket)
16321632

16331633
mysqlx_free_options(opt);
16341634

1635+
1636+
uri << "?ssl-mode=REQUIRED";
1637+
1638+
local_sess = mysqlx_get_session_from_url(uri.str().c_str(),
1639+
conn_error,
1640+
&conn_err_code);
1641+
if (local_sess)
1642+
{
1643+
mysqlx_session_close(local_sess);
1644+
FAIL() << "ssl-mode used on unix domain socket";
1645+
}
1646+
1647+
std::cout << "Expected connection error: " << conn_err_code << std::endl;
1648+
1649+
opt = mysqlx_session_options_new();
1650+
1651+
EXPECT_EQ(RESULT_OK,
1652+
mysqlx_session_option_set(opt,
1653+
OPT_SOCKET(m_xplugin_socket),
1654+
OPT_USER(m_xplugin_usr),
1655+
OPT_PWD(m_xplugin_pwd),
1656+
OPT_SSL_MODE(SSL_MODE_REQUIRED),
1657+
PARAM_END
1658+
)
1659+
);
1660+
1661+
local_sess = mysqlx_get_session_from_options(opt, conn_error, &conn_err_code);
1662+
1663+
mysqlx_free_options(opt);
1664+
1665+
if (local_sess)
1666+
{
1667+
mysqlx_session_close(local_sess);
1668+
FAIL() << "ssl-mode used on unix domain socket";
1669+
}
1670+
1671+
std::cout << "Expected connection error: " << conn_err_code << std::endl;
1672+
1673+
16351674
std::cout << "Done" << std::endl;
16361675
}
16371676
#endif //_WIN32

0 commit comments

Comments
 (0)