Add client cert and key to MySQL connector

Author: ThibsG

sqlx-core/src/mysql/connection/tls.rs

@@ -53,8 +53,8 @@ async fn upgrade(stream: &mut MySqlStream, options: &MySqlConnectOptions) -> Res
             accept_invalid_certs,
             accept_invalid_host_names,
             options.ssl_ca.as_ref(),
-            None,
-            None,
+            options.ssl_client_cert.as_ref(),
+            options.ssl_client_key.as_ref(),
         )
         .await?;
 

sqlx-core/src/mysql/options/mod.rs

@@ -61,6 +61,8 @@ pub struct MySqlConnectOptions {
     pub(crate) database: Option<String>,
     pub(crate) ssl_mode: MySqlSslMode,
     pub(crate) ssl_ca: Option<CertificateInput>,
+    pub(crate) ssl_client_cert: Option<CertificateInput>,
+    pub(crate) ssl_client_key: Option<CertificateInput>,
     pub(crate) statement_cache_capacity: usize,
     pub(crate) charset: String,
     pub(crate) collation: Option<String>,
@@ -87,6 +89,8 @@ impl MySqlConnectOptions {
             collation: None,
             ssl_mode: MySqlSslMode::Preferred,
             ssl_ca: None,
+            ssl_client_cert: None,
+            ssl_client_key: None,
             statement_cache_capacity: 100,
             log_settings: Default::default(),
         }
@@ -184,6 +188,36 @@ impl MySqlConnectOptions {
         self
     }
 
+    /// Sets the name of a file containing SSL client certificate.
+    ///
+    /// # Example
+    ///
+    /// ```rust
+    /// # use sqlx_core::mysql::{MySqlSslMode, MySqlConnectOptions};
+    /// let options = MySqlConnectOptions::new()
+    ///     .ssl_mode(MySqlSslMode::VerifyCa)
+    ///     .ssl_client_cert("path/to/client.crt");
+    /// ```
+    pub fn ssl_client_cert(mut self, cert: impl AsRef<Path>) -> Self {
+        self.ssl_client_cert = Some(CertificateInput::File(cert.as_ref().to_path_buf()));
+        self
+    }
+
+    /// Sets the name of a file containing SSL client key.
+    ///
+    /// # Example
+    ///
+    /// ```rust
+    /// # use sqlx_core::mysql::{MySqlSslMode, MySqlConnectOptions};
+    /// let options = MySqlConnectOptions::new()
+    ///     .ssl_mode(MySqlSslMode::VerifyCa)
+    ///     .ssl_client_key("path/to/client.key");
+    /// ```
+    pub fn ssl_client_key(mut self, key: impl AsRef<Path>) -> Self {
+        self.ssl_client_key = Some(CertificateInput::File(key.as_ref().to_path_buf()));
+        self
+    }
+
     /// Sets the capacity of the connection's statement cache in a number of stored
     /// distinct statements. Caching is handled using LRU, meaning when the
     /// amount of queries hits the defined limit, the oldest statement will get

sqlx-core/src/mysql/options/parse.rs

@@ -59,6 +59,10 @@ impl FromStr for MySqlConnectOptions {
                     options = options.collation(&*value);
                 }
 
+                "sslcert" => options = options.ssl_client_cert(&*value),
+
+                "sslkey" => options = options.ssl_client_key(&*value),
+
                 "statement-cache-capacity" => {
                     options =
                         options.statement_cache_capacity(value.parse().map_err(Error::config)?);

sqlx-core/src/postgres/options/mod.rs

@@ -331,8 +331,8 @@ impl PgConnectOptions {
     ///     .ssl_mode(PgSslMode::VerifyCa)
     ///     .ssl_client_key("./client.key");
     /// ```
-    pub fn ssl_client_key(mut self, cert: impl AsRef<Path>) -> Self {
-        self.ssl_client_key = Some(CertificateInput::File(cert.as_ref().to_path_buf()));
+    pub fn ssl_client_key(mut self, key: impl AsRef<Path>) -> Self {
+        self.ssl_client_key = Some(CertificateInput::File(key.as_ref().to_path_buf()));
         self
     }