
db_mysql: new module param opt_ssl_ca to configure CA certs

ERROR: db_mysql [km_my_con.c:200]: db_mysql_new_connection():
driver error: SSL connection error: CA certificate is required
if ssl-mode is VERIFY_CA or VERIFY_IDENTITY

When opt_ssl_mode = 4 | 5 libmysqlclient
requires that the trusted CAs be configured.
Fixed with:
mysql_options(ptr->con, MYSQL_OPT_SSL_CA, (void *)db_mysql_opt_ssl_mode)

Note: libmariadb3  doesn't require this setting
and uses the system trust store.
S-P Chan 1 year ago
parent
commit
ea81e6cb8b
2 changed files with 6 additions and 0 deletions
  1. 2 0
      src/modules/db_mysql/db_mysql.c
  2. 4 0
      src/modules/db_mysql/km_my_con.c

+ 2 - 0
src/modules/db_mysql/db_mysql.c

@@ -47,6 +47,7 @@ unsigned int my_server_timezone =
 unsigned long my_client_ver = 0;
 int db_mysql_unsigned_type = 0;
 int db_mysql_opt_ssl_mode = 0;
+char *db_mysql_opt_ssl_ca = NULL;
 
 struct mysql_counters_h mysql_cnts_h;
 counter_def_t mysql_cnt_defs[] = {
@@ -100,6 +101,7 @@ static param_export_t params[] = {
 		{"insert_delayed", INT_PARAM, &db_mysql_insert_all_delayed},
 		{"update_affected_found", INT_PARAM, &db_mysql_update_affected_found},
 		{"unsigned_type", PARAM_INT, &db_mysql_unsigned_type},
+		{"opt_ssl_ca", PARAM_STRING, &db_mysql_opt_ssl_ca},
 		{"opt_ssl_mode", PARAM_INT, &db_mysql_opt_ssl_mode}, {0, 0, 0}};
 
 

+ 4 - 0
src/modules/db_mysql/km_my_con.c

@@ -41,6 +41,7 @@
 #include "db_mysql.h"
 
 extern int db_mysql_opt_ssl_mode;
+extern char *db_mysql_opt_ssl_ca;
 
 /*! \brief
  * Create a new connection structure,
@@ -167,6 +168,9 @@ struct my_con *db_mysql_new_connection(const struct db_id *id)
 	}
 #endif /* MYSQL_VERSION_ID */
 #endif /* MARIADB_BASE_VERSION */
+	if(db_mysql_opt_ssl_ca)
+		mysql_options(
+				ptr->con, MYSQL_OPT_SSL_CA, (const void *)db_mysql_opt_ssl_ca);
 
 #if MYSQL_VERSION_ID > 50012
 	/* set reconnect flag if enabled */
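Review bot: The return value of `mysql_options()` is discarded in the added `if(db_mysql_opt_ssl_ca)` block, so a client library that rejects the option leaves the connection set up without the configured CA and nothing in the log says so. I would check and log it, e.g. `if(db_mysql_opt_ssl_ca && mysql_options(ptr->con, MYSQL_OPT_SSL_CA, db_mysql_opt_ssl_ca) != 0) LM_WARN("failed to set MYSQL_OPT_SSL_CA\n");`, which also drops the cast that is not needed. Whether the server certificate is actually verified against this CA presumably still depends on `opt_ssl_mode`, so a short comment such as `/* CA file is only enforced when opt_ssl_mode is VERIFY_CA or VERIFY_IDENTITY - confirm per client library */` would keep operators from assuming that setting `opt_ssl_ca` alone enables verification. The block sits after both `#endif` lines, so it appears to run for MariaDB builds as well; the body of db_mysql_new_connection starts and ends outside the hunk.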