From 2e1ec53c9cf687a123d41376c207f828378f3dc6 Mon Sep 17 00:00:00 2001
From: Eric Lippmann <eric.lippmann@icinga.com>
Date: Mon, 19 Jul 2021 13:58:11 +0200
Subject: [PATCH 1/2] Don't accept empty strings for MySQL SSL attributes

---
 src/Adapter/Mysql.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/Adapter/Mysql.php b/src/Adapter/Mysql.php
index 891f43a..ff34470 100644
--- a/src/Adapter/Mysql.php
+++ b/src/Adapter/Mysql.php
@@ -23,24 +23,24 @@ public function getOptions(Config $config)
     {
         $options = parent::getOptions($config);
 
-        if (isset($config->use_ssl) && $config->use_ssl === '1') {
-            if (isset($config->ssl_key)) {
+        if (! empty($config->use_ssl)) {
+            if (! empty($config->ssl_key)) {
                 $options[PDO::MYSQL_ATTR_SSL_KEY] = $config->ssl_key;
             }
 
-            if (isset($config->ssl_cert)) {
+            if (! empty($config->ssl_cert)) {
                 $options[PDO::MYSQL_ATTR_SSL_CERT] = $config->ssl_cert;
             }
 
-            if (isset($config->ssl_ca)) {
+            if (! empty($config->ssl_ca)) {
                 $options[PDO::MYSQL_ATTR_SSL_CA] = $config->ssl_ca;
             }
 
-            if (isset($config->ssl_capath)) {
+            if (! empty($config->ssl_capath)) {
                 $options[PDO::MYSQL_ATTR_SSL_CAPATH] = $config->ssl_capath;
             }
 
-            if (isset($config->ssl_cipher)) {
+            if (! empty($config->ssl_cipher)) {
                 $options[PDO::MYSQL_ATTR_SSL_CIPHER] = $config->ssl_cipher;
             }
 

From d0da92ba090d781bea42a82615020d7c4e1c804e Mon Sep 17 00:00:00 2001
From: Eric Lippmann <eric.lippmann@icinga.com>
Date: Mon, 19 Jul 2021 13:59:44 +0200
Subject: [PATCH 2/2] Fix too greedy disable of the MySQL server cert
 verification

Before, it was sufficient to set ssl_do_not_verify_server_cert to any value.
Now it is necessary to set a value that is not considered empty().
---
 src/Adapter/Mysql.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Adapter/Mysql.php b/src/Adapter/Mysql.php
index ff34470..b9a18c5 100644
--- a/src/Adapter/Mysql.php
+++ b/src/Adapter/Mysql.php
@@ -46,7 +46,7 @@ public function getOptions(Config $config)
 
             if (
                 defined('PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT')
-                && isset($config->ssl_do_not_verify_server_cert)
+                && ! empty($config->ssl_do_not_verify_server_cert)
             ) {
                 $options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = false;
             }