Skip to content

make tls=true do the same thing as tls=. otherwise it's pretty useless. #543

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 2 commits into from
Closed

make tls=true do the same thing as tls=. otherwise it's pretty useless. #543

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ccd0bf5
make tls=true do the same thing as tls=. otherwise it's pretty useless.
Feb 2, 2017
8649abc
update the README.md and AUTHORS
Feb 2, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions AUTHORS
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ Aaron Hopkins <go-sql-driver at die.net>
Arne Hormann <arnehormann at gmail.com>
Carlos Nieto <jose.carlos at menteslibres.net>
Chris Moos <chris at tech9computers.com>
Chris Toshok <toshok at honeycomb.io>
Daniel Nichter <nil at codenode.com>
Daniël van Eeden <git at myname.nl>
DisposaBoy <disposaboy at dby.me>
Expand Down
4 changes: 2 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -293,11 +293,11 @@ Default: OS default

```
Type: bool / string
Valid Values: true, false, skip-verify, <name>
Valid Values: true, false, skip-verify, <name>, <empty>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While I agree that we need a fix for tls=true, <empty> should not be a valid (/recommended) value. It doesn't make sense semantically and is the same as tls=true, I assume?

Default: false
```

`tls=true` enables TLS / SSL encrypted connection to the server. Use `skip-verify` if you want to use a self-signed or invalid certificate (server side). Use a custom value registered with [`mysql.RegisterTLSConfig`](https://godoc.org/github.com/go-sql-driver/mysql#RegisterTLSConfig).
Every value other than `false` enables TLS/SSL encrypted connection to the server. Use `skip-verify` if you want to use a self-signed or invalid certificate (server side). Use a custom `<name>` if you've registered it with [`mysql.RegisterTLSConfig`](https://godoc.org/github.com/go-sql-driver/mysql#RegisterTLSConfig). Both `true` and `<empty>` will use use the `host` from the address for the expected `ServerName`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please do not add double spaces after full stops.


##### `writeTimeout`

Expand Down
8 changes: 7 additions & 1 deletion dsn.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -493,7 +493,13 @@ func parseDSNParams(cfg *Config, params string) (err error) {
if isBool {
if boolValue {
cfg.TLSConfig = "true"
cfg.tls = &tls.Config{}

var host string
host, _, err = net.SplitHostPort(cfg.Addr)
if err != nil {
return
}
cfg.tls = &tls.Config{ServerName: host}
} else {
cfg.TLSConfig = "false"
}
Expand Down
12 changes: 12 additions & 0 deletions dsn_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -161,6 +161,18 @@ func TestDSNWithCustomTLS(t *testing.T) {
t.Errorf("did not get the correct ServerName (%s) parsing DSN (%s).", name, tst)
}

// tls=true should also pick localhost
tst = baseDSN + "true"
name = "localhost"
tlsCfg.ServerName = ""
cfg, err = ParseDSN(tst)

if err != nil {
t.Error(err.Error())
} else if cfg.tls.ServerName != name {
t.Errorf("did not get the correct ServerName (%s) parsing DSN (%s).", name, tst)
}

DeregisterTLSConfig("utils_test")
}

Expand Down