Skip to content

Commit 0379c69

Browse files
amitabamitab
committed
BUG26179150: Check for invalid connection options
The session is successfully established when using invalid options. This is prone to accidental wrong usage. This patch will not allow usage of invalid connection option and will throw a ProgrammingError. Tests have been added for regression.
1 parent 3c1a3d1 commit 0379c69

File tree

2 files changed

+35
-6
lines changed

2 files changed

+35
-6
lines changed

lib/mysqlx/__init__.py

Lines changed: 17 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,8 @@
4747
_SPLIT = re.compile(r',(?![^\(\)]*\))')
4848
_PRIORITY = re.compile(r'^\(address=(.+),priority=(\d+)\)$', re.VERBOSE)
4949
ssl_opts = ["ssl-cert", "ssl-ca", "ssl-key", "ssl-crl"]
50+
sess_opts = ssl_opts + ["user", "password", "schema", "host", "port",
51+
"routers", "socket", "ssl-mode"]
5052

5153
def _parse_address_list(path):
5254
"""Parses a list of host, port pairs
@@ -135,18 +137,27 @@ def _validate_settings(settings):
135137
Args:
136138
settings: dict containing connection settings.
137139
"""
140+
invalid_opts = set(settings.keys()).difference(sess_opts)
141+
if invalid_opts:
142+
raise ProgrammingError("Invalid options: {0}."
143+
"".format(", ".join(invalid_opts)))
144+
138145
if "routers" in settings:
139146
for router in settings["routers"]:
140147
_validate_hosts(router)
141148
elif "host" in settings:
142149
_validate_hosts(settings)
143150

144-
if "ssl-mode" in settings and settings["ssl-mode"] not in SSLMode:
145-
raise InterfaceError("Invalid SSL Mode '{0}'."
146-
"".format(settings["ssl-mode"]))
147-
elif settings.get("ssl-mode") == SSLMode.DISABLED and \
148-
any(key in settings for key in ssl_opts):
149-
raise InterfaceError("SSL options used with ssl-mode 'disabled'.")
151+
if "ssl-mode" in settings:
152+
try:
153+
settings["ssl-mode"] = settings["ssl-mode"].lower()
154+
SSLMode.index(settings["ssl-mode"])
155+
except (AttributeError, ValueError):
156+
raise InterfaceError("Invalid SSL Mode '{0}'."
157+
"".format(settings["ssl-mode"]))
158+
if settings["ssl-mode"] == SSLMode.DISABLED and \
159+
any(key in settings for key in ssl_opts):
160+
raise InterfaceError("SSL options used with ssl-mode 'disabled'.")
150161

151162
if "ssl-crl" in settings and not "ssl-ca" in settings:
152163
raise InterfaceError("CA Certificate not provided.")

tests/test_mysqlx_connection.py

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -231,6 +231,24 @@ def test___init__(self):
231231
except InterfaceError as err:
232232
self.assertEqual(4001, err.errno)
233233

234+
# Invalid option with URI
235+
uri = "mysqlx://{0}:{1}@{2}:{3}?invalid=option" \
236+
"".format(user, password, host, port)
237+
self.assertRaises(ProgrammingError, mysqlx.get_session, uri)
238+
239+
# Invalid option with dict
240+
config = {
241+
"user": user,
242+
"password": password,
243+
"host": host,
244+
"port": port,
245+
"invalid": "option"
246+
}
247+
self.assertRaises(ProgrammingError, mysqlx.get_session, config)
248+
249+
# Invalid option with kwargs
250+
self.assertRaises(ProgrammingError, mysqlx.get_session, **config)
251+
234252
@unittest.skipIf(tests.MYSQL_VERSION < (5, 7, 15), "--mysqlx-socket option tests not available for this MySQL version")
235253
def test_mysqlx_socket(self):
236254
# Connect with unix socket

0 commit comments

Comments
 (0)