New mtls connection #51
Conversation
1) util/src_util/ut_mysql_tls_connection.c - the unitest for a TLS connection. Note password is needed. 2) util/src_util/ut_mysql_m_tls_connection.c - the unitest for a mTLS connection. Note password is MOT needed. 3) src/src_mysql/sadb_routine_mariadb.template.c - midified sadb_init() to support TLS,mTLS, and regular non-encrypted connection. 4) crypto.h - modified Crypto_Config_MariaDB() to support extra parameters related to TLS and/or mTLS encrypted connection. 5) crypto_config.c - modified 6) crypto_config_structs.h - modified SadbMariaDBConfig_t to support parameters related to tLS/mTLS
1) util/src_util/ut_mysql_tls_connection.c - the unitest for a TLS connection. Note password is needed. 2) util/src_util/ut_mysql_m_tls_connection.c - the unitest for a mTLS connection. Note password is MOT needed. 3) src/src_mysql/sadb_routine_mariadb.template.c - midified sadb_init() to support TLS,mTLS, and regular non-encrypted connection. 4) crypto.h - modified Crypto_Config_MariaDB() to support extra parameters related to TLS and/or mTLS encrypted connection. 5) crypto_config.c - modified 6) crypto_config_structs.h - modified SadbMariaDBConfig_t to support parameters related to tLS/mTLS
There was a problem hiding this comment.
The only difference between:
if (sadb_mariadb_config->encrypted_connection == 1) {
&&
if (sadb_mariadb_config->encrypted_connection == 2) {
is that you pass in NULL or a password for the mysql_password field. They are both mTLS.
Remove the second if block and rely on the configuration to be set or default to NULL for mysql_password.
Also, you don’t need a separate unit test file for each test… just combine them into one.
1) util/src_util/ut_mysql_tls_connection.c - removed 2) util/src_util/ut_mysql_m_tls_connection.c - combined TLS with mTLS test 3) src/src_mysql/sadb_routine_mariadb.template.c - removed extra if statement
|
@IbraheemYSaleh, The 2 changes you requested are committed, please do a pull. If you cant see them I can create a new pull request on my side. Tests are successful: You will need to manually add the password to run the test (The pass is in an email from last week). |
1) util/src_util/ut_mysql_m_tls_connection.c - removed password
Codecov Report
@@ Coverage Diff @@
## collab_main #51 +/- ##
===============================================
- Coverage 60.76% 58.93% -1.83%
===============================================
Files 20 22 +2
Lines 3362 3395 +33
===============================================
- Hits 2043 2001 -42
- Misses 1319 1394 +75
Continue to review full report at Codecov.
|
New functionality supports both TLS & mTLS to mariaDB.
In order to test:
build project with "cmake -DDEBUG=ON -DMYSQL=ON . "
make clean all build
You mariaDB must be pre-configured for encrypted connections.
a) For TLS, run (Note this will fail without a proper password for usertest1)
./build/bin/ut_mysql_tls_connection
b) For mTLS, run (No password is required)
./build/bin/ut_mysql_m_tls_connection