Closed ahtik closed 3 years ago
Hello, I'm facing the same issue. How did you manage to connect without TLS to your MySQL database?
@abarbare Eventually the certs became available, so I was able to connect with TLS. This specific issue remained unsolved for me.
Ubuntu Server:
18.04.2 LTS
mariadb-client, libmariadbclient-dev:10.1.40
Postgres:10.8
openssl:1.1.1
mysql_fdw fails to open the connection to a MariaDB Server which has SSL enabled but I want to connect without it because the certs are not configured locally:
At this point there doesn't seem to be an easy way to connect:
mysql_ssl_set
(https://mariadb.com/kb/en/library/mysql_ssl_set/) call at https://github.com/EnterpriseDB/mysql_fdw/blob/REL-2_5_1/connection.c#L211 is always causingmysql_real_connect()
to return an error.When I comment out the
mysql_ssl_set
call then non-SSL connection is successful/everything OK. I also did log all themysql_ssl_set
arguments (ssl_key, ssl_cert, ssl_ca, ssl_capath, ssl_cipher) and they were null.It's one of these cases where it's not clear how it ever worked, but it did, even for me ~6 months ago, so maybe the mariadb lib behavior changed?
What could be a reasonable fix or am I missing something obvious?
Would it suffice to just have a check that if all
mysql_ssl_set
arguments are null then not invoking it? Alternatively introducinguse_ssl
parameter for server foreign object which defaults tofalse
if none of the mysql_fdw connection ssl_params are defined.From https://github.com/MariaDB/server/blob/592fe954ef82be1bc08b29a8e54f7729eb1e1343/sql-common/client.c#L1422 it looks like any call to
mysql_ssl_set
causes mariadb client to set use_ssl=TRUE making it impossible (guessing from the first skim) to connect without SSL.