Skip to content

Commit 3dc8e43

Browse files
author
Roberto E. Garcia
committed
Ensure TLSv1 for SSL connections.
Changed default SSL mode to Preferred in connection string. Now the server connections will be using SSL if server allows it by default but it's possible to override this configuration.
1 parent f0089b7 commit 3dc8e43

File tree

4 files changed

+41
-4
lines changed

4 files changed

+41
-4
lines changed

CHANGES

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,7 @@
1+
6.7.8
2+
- Changed default SSL mode to Preferred in connection string. Now the server connections will be using SSL if server allows it by default but it's possible to override this configuration.
3+
4+
15
6.7.7
26
- Fix for Exception "The given key was not present in the dictionary" when using utf16le charset in a query. (MySql #72737, Oracle Bug #19355906)
37
- Fix for Memory leak in a loop opening a connection to the database and executing a command (MySql Bug #73122, Oracle Bug #19467233).

Source/MySql.Data/MySqlConnectionStringBuilder.cs

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright © 2013, 2014, Oracle and/or its affiliates. All rights reserved.
1+
// Copyright © 2013, 2015, Oracle and/or its affiliates. All rights reserved.
22
//
33
// MySQL Connector/NET is licensed under the terms of the GPLv2
44
// <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>, like most
@@ -185,7 +185,7 @@ static MySqlConnectionStringBuilder()
185185
options.Add(new MySqlConnectionStringOption("blobasutf8includepattern", null, typeof(string), "", false));
186186
options.Add(new MySqlConnectionStringOption("blobasutf8excludepattern", null, typeof(string), "", false));
187187
#if !CF
188-
options.Add(new MySqlConnectionStringOption("sslmode", "ssl mode", typeof(MySqlSslMode), MySqlSslMode.None, false));
188+
options.Add(new MySqlConnectionStringOption("sslmode", "ssl mode", typeof(MySqlSslMode), MySqlSslMode.Preferred, false));
189189
#endif
190190
}
191191

Source/MySql.Data/NativeDriver.cs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -376,7 +376,7 @@ private void StartSSL()
376376
new RemoteCertificateValidationCallback(ServerCheckValidation);
377377
SslStream ss = new SslStream(baseStream, true, sslValidateCallback, null);
378378
X509CertificateCollection certs = GetClientCertificates();
379-
ss.AuthenticateAsClient(Settings.Server, certs, SslProtocols.Default, false);
379+
ss.AuthenticateAsClient(Settings.Server, certs, SslProtocols.Tls, false);
380380
baseStream = ss;
381381
stream = new MySqlStream(ss, Encoding, false);
382382
stream.SequenceByte = 2;

Tests/MySql.Data.Tests/MySqlConnectionTests.cs

Lines changed: 34 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright © 2013 Oracle and/or its affiliates. All rights reserved.
1+
// Copyright © 2013, 2015 Oracle and/or its affiliates. All rights reserved.
22
//
33
// MySQL Connector/NET is licensed under the terms of the GPLv2
44
// <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>, like most
@@ -1205,5 +1205,38 @@ public void TestNonSupportedOptions()
12051205
Assert.Equal(ConnectionState.Open, c.State);
12061206
}
12071207
}
1208+
1209+
[Fact]
1210+
public void SslPreferredByDefault()
1211+
{
1212+
string connectionString = st.GetConnectionString(true);
1213+
Assert.DoesNotContain("ssl", connectionString, StringComparison.OrdinalIgnoreCase);
1214+
using (MySqlConnection connection = new MySqlConnection(connectionString))
1215+
{
1216+
connection.Open();
1217+
MySqlCommand command = new MySqlCommand("SHOW SESSION STATUS LIKE 'Ssl_version';", connection);
1218+
using (MySqlDataReader reader = command.ExecuteReader())
1219+
{
1220+
Assert.True(reader.Read());
1221+
Assert.Equal("TLSv1", reader.GetString(1));
1222+
}
1223+
}
1224+
}
1225+
1226+
[Fact]
1227+
public void SslOverrided()
1228+
{
1229+
string connectionString = st.GetConnectionString(true) + ";Ssl mode=None";
1230+
using (MySqlConnection connection = new MySqlConnection(connectionString))
1231+
{
1232+
connection.Open();
1233+
MySqlCommand command = new MySqlCommand("SHOW SESSION STATUS LIKE 'Ssl_version';", connection);
1234+
using (MySqlDataReader reader = command.ExecuteReader())
1235+
{
1236+
Assert.True(reader.Read());
1237+
Assert.Equal(string.Empty, reader.GetString(1));
1238+
}
1239+
}
1240+
}
12081241
}
12091242
}

0 commit comments

Comments
 (0)