diff --git a/out/locale/en/LC_MESSAGES/default.po b/out/locale/en/LC_MESSAGES/default.po index 5c7a76f6..1b404526 100644 --- a/out/locale/en/LC_MESSAGES/default.po +++ b/out/locale/en/LC_MESSAGES/default.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: HeidiSQL\n" "POT-Creation-Date: 2012-11-05 21:40\n" -"PO-Revision-Date: 2024-04-29 07:40+0200\n" +"PO-Revision-Date: 2024-05-18 17:39+0200\n" "Last-Translator: Ansgar Becker \n" "Language-Team: English (http://www.transifex.com/projects/p/heidisql/language/en/)\n" "Language: en\n" @@ -15,7 +15,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Poedit 3.4.2\n" +"X-Generator: Poedit 3.4.4\n" #. AboutBox..Caption #: about.dfm:5 @@ -4001,6 +4001,9 @@ msgstr "Your %s is incompatible to %s, or your system is missing a dependent lib msgid "SSL parameters successfully set." msgstr "SSL parameters successfully set." +msgid "SSL parameters not fully set. Result: %d" +msgstr "SSL parameters not fully set. Result: %d" + #: dbconnection.pas:1151 msgid "Attempt to create SSH process, waiting %ds for response ..." msgstr "Attempt to create SSH process, waiting %ds for response ..." diff --git a/source/dbconnection.pas b/source/dbconnection.pas index 915b89be..4f69ea2d 100644 --- a/source/dbconnection.pas +++ b/source/dbconnection.pas @@ -2379,6 +2379,13 @@ begin FinalPort := FParameters.Port; if FParameters.WantSSL then begin + // Define which TLS protocol versions are allowed BEFORE calling mysql_ssl_set(). + // See https://www.heidisql.com/forum.php?t=27158 + // See https://mariadb.com/kb/en/library/mysql_optionsv/ + // See issue #1768 + // See https://mariadb.com/kb/en/mysql_ssl_set/ + SetOptionResult := FLib.mysql_options(FHandle, Integer(MARIADB_OPT_TLS_VERSION), PAnsiChar('TLSv1,TLSv1.1,TLSv1.2,TLSv1.3')); + SetOptionResult := SetOptionResult + FLib.mysql_options(FHandle, Integer(MYSQL_OPT_TLS_VERSION), PAnsiChar('TLSv1,TLSv1.1,TLSv1.2,TLSv1.3')); // mysql_ssl_set() wants nil, while PAnsiChar(AnsiString()) is never nil sslkey := nil; sslcert := nil; @@ -2393,13 +2400,17 @@ begin if FParameters.SSLCipher <> '' then sslcipher := PAnsiChar(AnsiString(FParameters.SSLCipher)); { TODO : Use Cipher and CAPath parameters } - FLib.mysql_ssl_set(FHandle, + SetOptionResult := SetOptionResult + FLib.mysql_ssl_set(FHandle, sslkey, sslcert, sslca, nil, sslcipher); - Log(lcInfo, _('SSL parameters successfully set.')); + if SetOptionResult = 0 then + Log(lcInfo, _('SSL parameters successfully set.')) + else + Log(lcError, f_('SSL parameters not fully set. Result: %d', [SetOptionResult])); + SetOptionResult := 0; end; case FParameters.NetType of @@ -2451,12 +2462,6 @@ begin raise EDbError.Create(f_('Plugin directory %s could not be set.', [PluginDir])); end; - // Define which TLS protocol versions are allowed. - // See https://www.heidisql.com/forum.php?t=27158 - // See https://mariadb.com/kb/en/library/mysql_optionsv/ - FLib.mysql_options(FHandle, Integer(MARIADB_OPT_TLS_VERSION), PAnsiChar('TLSv1,TLSv1.1,TLSv1.2,TLSv1.3')); - FLib.mysql_options(FHandle, Integer(MYSQL_OPT_TLS_VERSION), PAnsiChar('TLSv1,TLSv1.1,TLSv1.2,TLSv1.3')); - // Enable cleartext plugin if Parameters.CleartextPluginEnabled then FLib.mysql_options(FHandle, Integer(MYSQL_ENABLE_CLEARTEXT_PLUGIN), PAnsiChar('1')); diff --git a/source/dbstructures.mysql.pas b/source/dbstructures.mysql.pas index c581917a..bfaee5f9 100644 --- a/source/dbstructures.mysql.pas +++ b/source/dbstructures.mysql.pas @@ -358,7 +358,7 @@ type mysql_ping: function(Handle: PMYSQL): Integer; stdcall; mysql_real_connect: function(Handle: PMYSQL; const Host, User, Passwd, Db: PAnsiChar; Port: Cardinal; const UnixSocket: PAnsiChar; ClientFlag: Cardinal): PMYSQL; stdcall; mysql_real_query: function(Handle: PMYSQL; const Query: PAnsiChar; Length: Cardinal): Integer; stdcall; - mysql_ssl_set: function(Handle: PMYSQL; const key, cert, CA, CApath, cipher: PAnsiChar): Byte; stdcall; + mysql_ssl_set: function(Handle: PMYSQL; const key, cert, CA, CApath, cipher: PAnsiChar): Integer; stdcall; mysql_stat: function(Handle: PMYSQL): PAnsiChar; stdcall; mysql_store_result: function(Handle: PMYSQL): PMYSQL_RES; stdcall; mysql_thread_id: function(Handle: PMYSQL): Cardinal; stdcall;