From 17ecb186a58d5d0f7ba50853eff4c0dae4afe612 Mon Sep 17 00:00:00 2001
From: games647 <games647@users.noreply.github.com>
Date: Thu, 23 Sep 2021 14:43:24 +0200
Subject: [PATCH] Require full verification if SSL is enabled in MySQL

---
 .../games647/fastlogin/core/storage/MySQLStorage.java       | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/com/github/games647/fastlogin/core/storage/MySQLStorage.java b/core/src/main/java/com/github/games647/fastlogin/core/storage/MySQLStorage.java
index fff9624b..ce22d79f 100644
--- a/core/src/main/java/com/github/games647/fastlogin/core/storage/MySQLStorage.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/storage/MySQLStorage.java
@@ -17,8 +17,10 @@ public class MySQLStorage extends SQLStorage {
         config.addDataSourceProperty("useSSL", useSSL);
         config.addDataSourceProperty("requireSSL", useSSL);
 
-        // prefer encrypted if possible
-        config.addDataSourceProperty("sslMode", "PREFERRED");
+        if (useSSL) {
+            // require encrypted if possible
+            config.addDataSourceProperty("sslMode", "VerifyFull");
+        }
 
         // adding paranoid hides hostname, username, version and so
         // could be useful for hiding server details