adds tls sni support to mysql2#1405
Conversation
| rb_hash_foreach(conn_attrs, opt_connect_attr_add_i, (VALUE)wrapper); | ||
| #endif | ||
|
|
||
| if(sni_hostname != NULL) { |
There was a problem hiding this comment.
Nit:
| if(sni_hostname != NULL) { | |
| if (sni_hostname != NULL) { |
| args.mysql = wrapper->client; | ||
| args.client_flag = NUM2ULONG(flags); | ||
|
|
||
| sni_hostname = NIL_P(tls_sni_name) ? NULL : StringValueCStr(tls_sni_name); |
There was a problem hiding this comment.
Need to refresh myself on this code to remember if this ought to go into the args structure. It is used to stash arguments that are passed by pointer-to-structure to nogvl_connect -- but I don't remember if the args structure is also used for subsequent reconnects or looking up connection parameters later on.
| args.passwd = NIL_P(pass) ? NULL : StringValueCStr(pass); | ||
| args.db = NIL_P(database) ? NULL : StringValueCStr(database); | ||
| args.mysql = wrapper->client; | ||
| args.client_flag = NUM2ULONG(flags); |
There was a problem hiding this comment.
If this spacing off by one or is that a GitHub display bug? (I'm reviewing on web)
|
|
||
| if(sni_hostname != NULL) { | ||
| /* Set the TLS SNI name if provided */ | ||
| mysql_options(wrapper->client, MYSQL_OPT_TLS_SNI_SERVERNAME, sni_hostname); |
There was a problem hiding this comment.
I found that this wasn't added until MySQL 8.1:
https://dev.mysql.com/doc/relnotes/mysql/8.1/en/news-8-1-0.html
However MySQL 8.0 is still in support window, so #ifdef protection is required.
|
@mikemackintosh ping to continue work on this PR? |
2 participants
This pull request introduces support for specifying a TLS SNI (Server Name Indication) name during MySQL client connections. This enhancement allows users to set a custom SNI hostname for TLS connections, improving flexibility and compatibility with certain server configurations.
Enhancements to TLS Configuration:
rb_mysql_connectfunction inext/mysql2/client.cto accept an additional parameter,tls_sni_name, and use it to set the TLS SNI server name via theMYSQL_OPT_TLS_SNI_SERVERNAMEoption in the MySQL client library. [1] [2]init_mysql2_clientfunction inext/mysql2/client.cto reflect the updatedrb_mysql_connectmethod signature, increasing the number of expected arguments from 8 to 9.Updates to Ruby Client Initialization:
:tls_sni_nameoption in theinitializemethod oflib/mysql2/client.rb, allowing users to specify the SNI name when creating a MySQL client instance.tls_sni_namevalue is converted to a string if provided, and passed it as an argument to the updatedconnectmethod.