-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sep 5, 2007, at 22:06:55, Rasmus Lerdorf wrote:
It is documented at php.net/mysql in the section on connection
constants:
MYSQL_CLIENT_SSL
I found this but it didn't provide all the answers to the mysql-ssl
so I asked someone who tried to build PHP with MySQL-SSL but had no
luck making it work about build conditions and build errors and got
remnants of configured source tree from an attempt that failed to
provide a working solution.
Use SSL encryption. This flag is only available with version 4.x of
the
MySQL client library or newer. Version 3.23.x is bundled both with
PHP 4
and Windows binaries of PHP 5.
While waiting for a response I decided to do some testing based on
the build information of the failing build which was chalked up as
something they must have done wrong because they experienced no
issues when using someone elses provided binaries who built it and it
worked.
The only differences I could find was that openssl was enabled in the
working builds but not enabled in the failing build.
As a test I built PHP without openssl and with GD, MySQL (against
mysql-5.0.45 with SSL support) and ZLIB, what I found was unless
openssl is enabled it fails and crashes apache with symbols related
to ssl not found when attempting to perform an SSL connection.
I went a step further and manually added the ssl libraries (-lssl -
lcrypto) to the Makefile (both as bundled and shared) and all worked
well.
This cannot be considered a bug (or maybe it is), perhaps an
additional check could/should be performed to see if mysql is built
with SSL support and if so check whether openssl is enabled and add
the ssl libraries to the sapi build or to MYSQL_SHARED_LDADD if it's
not or to auto-enable openssl?
If this is the suggested approach, I have no objection to doing the
preliminary work and attempt to provide an acceptable solution in
compliance with the existing bug/feature policies.
If it's believed that it's unnecessary because openssl is usually
embedded or loaded at runtime then perhaps amending the documentation
to include information if mysql is built with SSL support and you
wish to use SSL with mysql then it is recommended that openssl also
be enabled?
What do you think?
-Rasmus
BuildSmart wrote:
I believe it's safe to question source code provided with the PHP
source
distributions in an attempt to ascertain a possible direction to
take if
any might be required.
I've been trying to determine if the mysql module provided with
the PHP
source distributions supports ssl connections with conflicting
results/opinions?
I see that the mysqli extension is essentially a wrapper and it
obtains
the required libraries from the mysql_config script so if mysql is
built
with ssl support the mysqli module will include this library and
theoretically should work with ssl connections.
My question though is related to the mysql module itself which
doesn't
have any ARGS for ssl support or a method to automatically retrieve
dependant libraries and is more of a client so before submitting a
feature request , writing a proof of concept or working on code for a
capability that might already exists but is undocumented, I
thought I'd
ask first.
-- Dale
- -- Dale
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (Darwin)
iD8DBQFG34FV0hzWbkf0eKgRAkyBAJ9EPFuhHoM/NeRQyD3O0RV2ZMVRfwCcCACE
2Hw4F+hbbWI9HyVp/X53Tz8=
=H+wS
-----END PGP SIGNATURE-----
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
