Skip to content

Commit 519ea7b

Browse files
silvakidsilvakid
committed
Bug#26555814 URI ssl-* and only socket should throw error
1 parent 37a47f1 commit 519ea7b

File tree

2 files changed

+25
-1
lines changed

2 files changed

+25
-1
lines changed

devapi/session.cc

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -325,6 +325,7 @@ struct URI_parser
325325

326326
std::multimap<unsigned short, Ds_variant> m_sources;
327327
std::bitset<SessionSettings::LAST> m_options_used;
328+
bool m_has_ssl = false;
328329

329330
#ifdef WITH_SSL
330331
TLS_Options m_tls_opt;
@@ -346,6 +347,7 @@ struct URI_parser
346347
cdk::ds::Unix_socket::Options m_socket_opt;
347348
#endif
348349
unsigned short priority = 0;
350+
bool socket_only = true;
349351

350352
Add_list(Host_sources &list
351353
,const cdk::ds::TCPIP::Options& tcp_opt
@@ -363,6 +365,7 @@ struct URI_parser
363365
void operator() (const cdk::ds::TCPIP &ds_tcp)
364366
{
365367
m_list.add(ds_tcp, m_tcp_opt, priority);
368+
socket_only = false;
366369
}
367370

368371
#ifndef _WIN32
@@ -390,6 +393,10 @@ struct URI_parser
390393
add_list.priority = el->first;
391394
el->second.visit(add_list);
392395
}
396+
#ifndef _WIN32
397+
if (add_list.socket_only && m_has_ssl)
398+
throw Error("TLS connections over Unix domain socket are not supported");
399+
#endif
393400
return m_source;
394401
}
395402

@@ -450,8 +457,8 @@ struct URI_parser
450457

451458
if (lc_key == "ssl-mode")
452459
{
460+
m_has_ssl = true;
453461
#ifdef WITH_SSL
454-
455462
if (m_options_used.test(SessionSettings::SSL_MODE))
456463
{
457464
throw Error("Option ssl-mode defined twice");
@@ -473,6 +480,7 @@ struct URI_parser
473480
#endif
474481
} else if (lc_key == "ssl-ca")
475482
{
483+
m_has_ssl = true;
476484
#ifdef WITH_SSL
477485

478486
if (m_options_used.test(SessionSettings::SSL_CA))

devapi/tests/session-t.cc

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -883,6 +883,22 @@ TEST_F(Sess, unix_socket)
883883
SessionSettings::HOST, "localhost",
884884
SessionSettings::PORT, get_port());
885885

886+
887+
uri << "?ssl-mode=REQUIRED";
888+
889+
EXPECT_NO_THROW(mysqlx::Session(uri.str()));
890+
891+
std::stringstream bad_uri;
892+
893+
bad_uri << "mysqlx://" << get_user();
894+
895+
if (get_password())
896+
bad_uri << ":" << get_password();
897+
898+
bad_uri << "@(" << get_socket() << ")/test?ssl-mode=REQUIRED";
899+
900+
EXPECT_THROW(mysqlx::Session(bad_uri.str()), Error);
901+
886902
}
887903
#endif //_WIN32
888904

0 commit comments

Comments
 (0)