From be251d3ff570110b13f6b9577a372c5898980e19 Mon Sep 17 00:00:00 2001
From: look-was-here <look.was.here@outlook.com>
Date: Mon, 9 Sep 2024 20:07:34 -0500
Subject: mysql: SSL not working due to wrong socket/flags

- Remove inappropriate setting of socket.
- Updated to use appropriate bitwise operations to check for set SSL
  client flags and update the default to not overwrite set user flags.
- Add friendly error to let user know they need to add a SSL client flag
  when using certificates.

Fixes #919, #1043

Signed-off-by: Damien Regad <dregad@mantisbt.org>
---
 drivers/adodb-mysqli.inc.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/drivers/adodb-mysqli.inc.php b/drivers/adodb-mysqli.inc.php
index 73632c28..7efd1878 100644
--- a/drivers/adodb-mysqli.inc.php
+++ b/drivers/adodb-mysqli.inc.php
@@ -233,9 +233,14 @@ class ADODB_mysqli extends ADOConnection {
 
 		// SSL Connections for MySQLI
 		if ($this->ssl_key || $this->ssl_cert || $this->ssl_ca || $this->ssl_capath || $this->ssl_cipher) {
+
 			mysqli_ssl_set($this->_connectionID, $this->ssl_key, $this->ssl_cert, $this->ssl_ca, $this->ssl_capath, $this->ssl_cipher);
-			$this->socket = MYSQLI_CLIENT_SSL;
-			$this->clientFlags = MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT;
+
+			// Check for any SSL client flag set, NOTE: bitwise operation.
+			if (!($this->clientFlags & MYSQLI_CLIENT_SSL)) {
+        			ADOConnection::outp('When using certificates, set the client flag MYSQLI_CLIENT_SSL_VERIFY_SERVER_CERT or MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT');
+				return false;
+			}
 		}
 
 		#if (!empty($this->port)) $argHostname .= ":".$this->port;
-- 
cgit v1.3