--- lbbs/src/database.c	2025/11/21 02:49:26	1.25
+++ lbbs/src/database.c	2025/12/19 06:16:26	1.28
@@ -13,9 +13,12 @@
 #include "common.h"
 #include "database.h"
 #include "log.h"
+#include <errno.h>
+#include <fcntl.h>
 #include <mysql.h>
 #include <stdio.h>
 #include <string.h>
+#include <sys/stat.h>
 
 // Global declaration for database
 char DB_ca_cert[FILE_PATH_LEN] = "conf/ca_cert.pem";
@@ -29,35 +32,54 @@ MYSQL *db_open()
 {
 	MYSQL *db = NULL;
 #ifdef HAVE_MARIADB_CLIENT
-	my_bool disabled = 0;
+	my_bool verify_server_cert = 0;
 #else
-	unsigned int ssl_mode = SSL_MODE_VERIFY_CA;
+	unsigned int ssl_mode = SSL_MODE_PREFERRED;
 #endif
 	char sql[SQL_BUFFER_LEN];
+	int fd;
+	int have_ca_cert = 0;
 
 	db = mysql_init(NULL);
 	if (db == NULL)
 	{
-		log_error("mysql_init() failed\n");
+		log_error("mysql_init() failed");
 		return NULL;
 	}
 
-	if (mysql_ssl_set(db, NULL, NULL, DB_ca_cert, NULL, NULL) != 0)
+	fd = open(DB_ca_cert, O_RDONLY);
+	if (fd == -1)
 	{
-		log_error("mysql_ssl_set() error\n");
+		if (errno != ENOENT)
+		{
+			log_error("open(%s) error: %d", DB_ca_cert, errno);
+		}
+	}
+	else
+	{
+		close(fd);
+		have_ca_cert = 1;
+#ifndef HAVE_MARIADB_CLIENT
+		ssl_mode = SSL_MODE_VERIFY_CA;
+#endif
+	}
+
+	if (mysql_ssl_set(db, NULL, NULL, (have_ca_cert ? DB_ca_cert : NULL), NULL, NULL) != 0)
+	{
+		log_error("mysql_ssl_set() error");
 		return NULL;
 	}
 
 #ifdef HAVE_MARIADB_CLIENT
-	if (mysql_optionsv(db, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &disabled) != 0)
+	if (mysql_optionsv(db, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &verify_server_cert) != 0)
 	{
-		log_error("mysql_optionsv() error\n");
+		log_error("mysql_optionsv() error");
 		return NULL;
 	}
 #else
 	if (mysql_options(db, MYSQL_OPT_SSL_MODE, &ssl_mode) != 0)
 	{
-		log_error("mysql_options() error\n");
+		log_error("mysql_options() error");
 		return NULL;
 	}
 #endif
@@ -65,14 +87,14 @@ MYSQL *db_open()
 	if (mysql_real_connect(db, DB_host, DB_username, DB_password, DB_database,
 						   0, NULL, 0) == NULL)
 	{
-		log_error("mysql_real_connect() error: %s\n", mysql_error(db));
+		log_error("mysql_real_connect() error: %s", mysql_error(db));
 		mysql_close(db);
 		return NULL;
 	}
 
 	if (mysql_set_character_set(db, "utf8") != 0)
 	{
-		log_error("Set character set error: %s\n", mysql_error(db));
+		log_error("Set character set error: %s", mysql_error(db));
 		mysql_close(db);
 		return NULL;
 	}
@@ -83,7 +105,7 @@ MYSQL *db_open()
 
 	if (mysql_query(db, sql) != 0)
 	{
-		log_error("Set timezone error: %s\n", mysql_error(db));
+		log_error("Set timezone error: %s", mysql_error(db));
 		mysql_close(db);
 		return NULL;
 	}