Fixes MySQL custom TLS connection failure.

2018-08-13 11:43:19 +00:00 · 2018-08-13 11:43:19 +00:00 · 9905791932
parent dd00ca926e
commit 9905791932
2 changed files with 18 additions and 13 deletions
--- a/database/mysql/README.md
+++ b/database/mysql/README.md
@ -10,6 +10,7 @@
 | `password` | | The user's password | 
 | `host` | | The host to connect to. |
 | `port` | | The port to bind to. |
 | `tls`  | | The custom TLS config name, use with `x-tls-` queries. |
 | `x-tls-ca` | | The location of the root certificate file. |
 | `x-tls-cert` | | Cert file location. |
 | `x-tls-key` | | Key file location. | 
--- a/database/mysql/mysql.go
+++ b/database/mysql/mysql.go
@ -123,15 +123,6 @@ func (m *Mysql) Open(url string) (database.Driver, error) {
 	q.Set("multiStatements", "true")
 	purl.RawQuery = q.Encode()
 	c, err := urlToMySQLConfig(*migrate.FilterCustomQuery(purl))
 	if err != nil {
 		return nil, err
 	}
 	db, err := sql.Open("mysql", c.FormatDSN())
 	if err != nil {
 		return nil, err
 	}
 	migrationsTable := purl.Query().Get("x-migrations-table")
 	if len(migrationsTable) == 0 {
 		migrationsTable = DefaultMigrationsTable
@ -151,9 +142,13 @@ func (m *Mysql) Open(url string) (database.Driver, error) {
 				return nil, ErrAppendPEM
 			}
-			certs, err := tls.LoadX509KeyPair(purl.Query().Get("x-tls-cert"), purl.Query().Get("x-tls-key"))
+			clientCert := make([]tls.Certificate, 0, 1)
-			if err != nil {
+			if purl.Query().Get("x-tls-cert") != "" && purl.Query().Get("x-tls-key") != "" {
-				return nil, err
+				certs, err := tls.LoadX509KeyPair(purl.Query().Get("x-tls-cert"), purl.Query().Get("x-tls-key"))
 				if err != nil {
 					return nil, err
 				}
 				clientCert = append(clientCert, certs)
 			}
 			insecureSkipVerify := false
@ -167,12 +162,21 @@ func (m *Mysql) Open(url string) (database.Driver, error) {
 			mysql.RegisterTLSConfig(ctls, &tls.Config{
 				RootCAs:            rootCertPool,
-				Certificates:       []tls.Certificate{certs},
+				Certificates:       clientCert,
 				InsecureSkipVerify: insecureSkipVerify,
 			})
 		}
 	}
 	c, err := urlToMySQLConfig(*migrate.FilterCustomQuery(purl))
 	if err != nil {
 		return nil, err
 	}
 	db, err := sql.Open("mysql", c.FormatDSN())
 	if err != nil {
 		return nil, err
 	}
 	mx, err := WithInstance(db, &Config{
 		DatabaseName:    purl.Path,
 		MigrationsTable: migrationsTable,