-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New mtls connection #51
Conversation
1) util/src_util/ut_mysql_tls_connection.c - the unitest for a TLS connection. Note password is needed. 2) util/src_util/ut_mysql_m_tls_connection.c - the unitest for a mTLS connection. Note password is MOT needed. 3) src/src_mysql/sadb_routine_mariadb.template.c - midified sadb_init() to support TLS,mTLS, and regular non-encrypted connection. 4) crypto.h - modified Crypto_Config_MariaDB() to support extra parameters related to TLS and/or mTLS encrypted connection. 5) crypto_config.c - modified 6) crypto_config_structs.h - modified SadbMariaDBConfig_t to support parameters related to tLS/mTLS
1) util/src_util/ut_mysql_tls_connection.c - the unitest for a TLS connection. Note password is needed. 2) util/src_util/ut_mysql_m_tls_connection.c - the unitest for a mTLS connection. Note password is MOT needed. 3) src/src_mysql/sadb_routine_mariadb.template.c - midified sadb_init() to support TLS,mTLS, and regular non-encrypted connection. 4) crypto.h - modified Crypto_Config_MariaDB() to support extra parameters related to TLS and/or mTLS encrypted connection. 5) crypto_config.c - modified 6) crypto_config_structs.h - modified SadbMariaDBConfig_t to support parameters related to tLS/mTLS
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The only difference between:
if (sadb_mariadb_config->encrypted_connection == 1) {
&&
if (sadb_mariadb_config->encrypted_connection == 2) {
is that you pass in NULL or a password for the mysql_password field. They are both mTLS.
Remove the second if block and rely on the configuration to be set or default to NULL for mysql_password.
Also, you don’t need a separate unit test file for each test… just combine them into one.
1) util/src_util/ut_mysql_tls_connection.c - removed 2) util/src_util/ut_mysql_m_tls_connection.c - combined TLS with mTLS test 3) src/src_mysql/sadb_routine_mariadb.template.c - removed extra if statement
@IbraheemYSaleh, The 2 changes you requested are committed, please do a pull. If you cant see them I can create a new pull request on my side. Tests are successful: You will need to manually add the password to run the test (The pass is in an email from last week). |
1) util/src_util/ut_mysql_m_tls_connection.c - removed password
Codecov Report
@@ Coverage Diff @@
## collab_main #51 +/- ##
===============================================
- Coverage 60.76% 58.93% -1.83%
===============================================
Files 20 22 +2
Lines 3362 3395 +33
===============================================
- Hits 2043 2001 -42
- Misses 1319 1394 +75
Continue to review full report at Codecov.
|
New functionality supports both TLS & mTLS to mariaDB.
In order to test:
build project with "cmake -DDEBUG=ON -DMYSQL=ON . "
make clean all build
You mariaDB must be pre-configured for encrypted connections.
a) For TLS, run (Note this will fail without a proper password for usertest1)
./build/bin/ut_mysql_tls_connection
b) For mTLS, run (No password is required)
./build/bin/ut_mysql_m_tls_connection