-
Notifications
You must be signed in to change notification settings - Fork 986
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added SSLKEYLOGFILE support in mariadb client library
- Loading branch information
1 parent
8f899e3
commit beb9319
Showing
5 changed files
with
100 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
14 changes: 14 additions & 0 deletions
14
deps/mariadb-client-library/ma_common.h.sslkeylogfile.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| @@ -78,12 +78,13 @@ | ||
| my_bool (*set_option)(MYSQL *mysql, const char *config_option, const char *config_value); | ||
| HASH userdata; | ||
| char *server_public_key; | ||
| char *proxy_header; | ||
| size_t proxy_header_len; | ||
| int (*io_wait)(my_socket handle, my_bool is_read, int timeout); | ||
| + void (*ssl_keylog_callback)(const void *ssl, const char *line); | ||
| }; | ||
|
|
||
| typedef struct st_connection_handler | ||
| { | ||
| struct st_ma_connection_plugin *plugin; | ||
| void *data; |
32 changes: 32 additions & 0 deletions
32
deps/mariadb-client-library/mariadb_lib.c.sslkeylogfile.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| @@ -3277,12 +3277,15 @@ | ||
| case MYSQL_OPT_SSL_CRL: | ||
| OPT_SET_EXTENDED_VALUE_STR(&mysql->options, ssl_crl, (char *)arg1); | ||
| break; | ||
| case MYSQL_OPT_SSL_CRLPATH: | ||
| OPT_SET_EXTENDED_VALUE_STR(&mysql->options, ssl_crlpath, (char *)arg1); | ||
| break; | ||
| + case MARIADB_OPT_SSL_KEYLOG_CALLBACK: | ||
| + OPT_SET_EXTENDED_VALUE(&mysql->options, ssl_keylog_callback, arg1); | ||
| + break; | ||
| case MYSQL_OPT_CONNECT_ATTR_DELETE: | ||
| { | ||
| uchar *h; | ||
| CHECK_OPT_EXTENSION_SET(&mysql->options); | ||
| if (hash_inited(&mysql->options.extension->connect_attrs) && | ||
| (h= (uchar *)hash_search(&mysql->options.extension->connect_attrs, (uchar *)arg1, | ||
| @@ -3614,12 +3617,15 @@ | ||
| case MYSQL_OPT_SSL_CRL: | ||
| *((char **)arg)= mysql->options.extension ? mysql->options.ssl_cipher : NULL; | ||
| break; | ||
| case MYSQL_OPT_SSL_CRLPATH: | ||
| *((char **)arg)= mysql->options.extension ? mysql->options.extension->ssl_crlpath : NULL; | ||
| break; | ||
| + case MARIADB_OPT_SSL_KEYLOG_CALLBACK: | ||
| + *((void(**)(const void *, const char *))arg)= mysql->options.extension ? mysql->options.extension->ssl_keylog_callback : NULL; | ||
| + break; | ||
| case MYSQL_OPT_CONNECT_ATTRS: | ||
| /* mysql_get_optionsv(mysql, MYSQL_OPT_CONNECT_ATTRS, keys, vals, elements) */ | ||
| { | ||
| unsigned int i, *elements; | ||
| char **key= NULL; | ||
| void *arg1; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| @@ -242,13 +242,14 @@ | ||
| MARIADB_OPT_DEBUG, | ||
| MARIADB_OPT_FOUND_ROWS, | ||
| MARIADB_OPT_MULTI_RESULTS, | ||
| MARIADB_OPT_MULTI_STATEMENTS, | ||
| MARIADB_OPT_INTERACTIVE, | ||
| MARIADB_OPT_PROXY_HEADER, | ||
| - MARIADB_OPT_IO_WAIT | ||
| + MARIADB_OPT_IO_WAIT, | ||
| + MARIADB_OPT_SSL_KEYLOG_CALLBACK | ||
| }; | ||
|
|
||
| enum mariadb_value { | ||
| MARIADB_CHARSET_ID, | ||
| MARIADB_CHARSET_NAME, | ||
| MARIADB_CLIENT_ERRORS, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| @@ -526,12 +526,19 @@ | ||
| memset(buf, 0, size); | ||
| if (userdata) | ||
| strncpy(buf, (char *)userdata, size); | ||
| return (int)strlen(buf); | ||
| } | ||
|
|
||
| +static void ma_tls_set_sslkeylog_callback(MYSQL *mysql, SSL_CTX *ssl_ctx) | ||
| +{ | ||
| + if (mysql->options.extension && mysql->options.extension->ssl_keylog_callback) | ||
| + { | ||
| + SSL_CTX_set_keylog_callback(ssl_ctx, (void(*)(const SSL*, const char*))mysql->options.extension->ssl_keylog_callback); | ||
| + } | ||
| +} | ||
|
|
||
| static int ma_tls_set_certs(MYSQL *mysql, SSL *ssl) | ||
| { | ||
| char *certfile= mysql->options.ssl_cert, | ||
| *keyfile= mysql->options.ssl_key; | ||
| char *pw= (mysql->options.extension) ? | ||
| @@ -653,12 +660,13 @@ | ||
| if (!(ctx= SSL_CTX_new(SSLv23_client_method()))) | ||
| #endif | ||
| goto error; | ||
| if (mysql->options.extension) | ||
| options|= ma_tls_version_options(mysql->options.extension->tls_version); | ||
| SSL_CTX_set_options(ctx, options); | ||
| + ma_tls_set_sslkeylog_callback(mysql, ctx); | ||
| #ifdef HAVE_TLS_SESSION_CACHE | ||
| SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT); | ||
| ma_tls_sessions= (MA_SSL_SESSION *)calloc(1, sizeof(struct st_ma_tls_session) * ma_tls_session_cache_size); | ||
| SSL_CTX_sess_set_new_cb(ctx, ma_tls_session_cb); | ||
| SSL_CTX_sess_set_remove_cb(ctx, ma_tls_remove_session_cb); | ||
| #endif |