`SSL` configuration option enables SSL handshaking regardless of the configuration value
jasperfect opened this issue · comments
Bug Report
Versions
- Driver: 0.8.6-RELEASE
- Database: MSSQL 2008R2
- Java: 11
- OS: Windows2008R2
Current Behavior
As long as the dependency "io.netty:netty-tcnative-boringssl-static:2.0.40.final" exists in class path, then R2DBC always tries to handshaking with MSSQL with SSLv3, then protocol not supported exception pops up.
Steps to reproduce
Input Code
1. add "io.netty:netty-tcnative-boringssl-static:2.0.40.final" to deps
2. setup R2DBC like below
@Bean
fun connectionFactory(): ConnectionFactory = ConnectionFactories.get(
ConnectionFactoryOptions.builder()
.option(ConnectionFactoryOptions.DRIVER, "sqlserver")
.option(ConnectionFactoryOptions.HOST, "localhost")
.option(ConnectionFactoryOptions.PORT, "1433")
.option(ConnectionFactoryOptions.USER, "user")
.option(ConnectionFactoryOptions.PASSWORD, "pwd")
.option(ConnectionFactoryOptions.DATABASE, "foo")
.option(ConnectionFactoryOptions.SSL, false)
.option(Option.valueOf("sslTunnel"), false)
.option(Option.valueOf("trustServerCertificate"), true)
.build()
)
Expected behavior/code
Set ConnectionFactoryOptions.SSL to false should disable SSL handshaking, even with dependency "io.netty:netty-tcnative-boringssl-static" exists in class path
This is a bug in MssqlConnectionFactoryProvider. As soon as the SSL option is being configured, the driver enables SSL regardless of the configuration values. If you remove option(ConnectionFactoryOptions.SSL, false), then it will work.
We need to fix this.