MySQL Connector/C++ Release Notes
OpenSSL is ending support for version 1.0.1 in December 2016; see https://www.openssl.org/policies/releasestrat.html. Consequently, Connector/C++ Commercial builds now use version 1.0.2 rather than version 1.0.1, and the linked OpenSSL library for the Connector/C++ Commercial has been updated from version 1.0.1 to version 1.0.2j. For a description of issues fixed in this version, see https://www.openssl.org/news/vulnerabilities.html.
This change does not affect Oracle-produced MySQL Community builds of Connector/C++, which use the yaSSL library instead.
Connector/C++ now supports a OPT_TLS_VERSION
connection option for specifying the protocols permitted for
encrypted connections. The option value is string containing a
comma-separated list of one or more protocol versions. Example:
connection_properties["OPT_TLS_VERSION"] = sql::SQLString("TLSv1.1,TLSv1.2");
The permitted values depend on the SSL library used to compile
MySQL: TLSv1
, TLSv1.1
,
TLSv1.2
if OpenSSL was used;
TLSv1
and TLSv1.1
if yaSSL
was used. The default is to permit all available protocols.
For more information about TLS protocols in MySQL, see Encrypted Connection TLS Protocols and Ciphers. (Bug #23496967)
Connector/C++ now supports a OPT_SSL_MODE
connection
option for specifying the security state of the connection to
the server. Permitted option values are
SSL_MODE_PREFERRED
(the default),
SSL_MODE_DISABLED
,
SSL_MODE_REQUIRED
,
SSL_MODE_VERIFY_CA
, and
SSL_MODE_VERIFY_IDENTITY
. These values
correspond to the values of the --ssl-mode
option supported by MySQL client programs; see
Command Options for Encrypted Connections. For example,
this setting specifies that the connection should be
unencrypted:
connection_properties["OPT_SSL_MODE"] = sql::SSL_MODE_DISABLED;
The OPT_SSL_MODE
option comprises the
capabilities of the sslEnforce
and
sslVerify
connection options. Consequently,
both of those options are now deprecated.
(Bug #23496952)
Connector/C++ now supports OPT_MAX_ALLOWED_PACKET
and OPT_NET_BUFFER_LENGTH
connection options.
Each option takes a numeric value. They correspond to the
MYSQL_OPT_MAX_ALLOWED_PACKET
and
MYSQL_OPT_NET_BUFFER_LENGTH
options for the
mysql_options()
C API function.
Issues compiling Connector/C++ under Visual Studio 2015 were corrected.
A segmentation fault could occur for attempts to insert a large string using a prepared statement. (Bug #23212333, Bug #81213)
The certification verification checks that are enabled by the
verifySSL
connection option were not
performed properly.
(Bug #22931974)
Connector/C++ failed to compile against a version of the MySQL C API older than 5.7. (Bug #22838573, Bug #80539, Bug #25201287)