MySQL Connector/J 8.0.22 has been released

Dear MySQL users,

MySQL Connector/J 8.0.22 is the latest General Availability release of
the MySQL Connector/J 8.0 series. It is suitable for use with MySQL
Server versions 8.0, 5.7, and 5.6. It supports the Java Database
Connectivity (JDBC) 4.2 API, and implements the X DevAPI.

This release includes the following new features and changes, also
described in more detail on

https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/news-8.0.22.html

As always, we recommend that you check the “CHANGES” file in the
download archive to be aware of changes in behavior that might affect
your application.

To download MySQL Connector/J 8.0.22 GA, see the “General Availability
(GA) Releases” tab at http://dev.mysql.com/downloads/connector/j/

Enjoy!

Changes in MySQL Connector/J 8.0.22 (2020-10-19, General
Availability)

Functionality Added or Changed


     * Security Enhancement: Previously, the LOCAL data loading
       capability for the LOAD DATA statement can be controlled on the
       client side only by enabling it for all files accessible to the
       client or by disabling it altogether, using the connection
       property allowLoadLocalInfile. A new connection property,
       allowLoadLocalInfileInPath, has been introduced to allow LOCAL
       data loading only from a specific filepath; see the description
       for the option in Configuration Properties
(https://dev.mysql.com/doc/connector-j/8.0/en/connector-j-reference-configuration-properties.html)
       for details.

     * X DevAPI: A new connection property,
       xdevapi.compression-algorithms, has been introduced for
       specifying the compression algorithms to use and the priority in
       which they will be negotiated for.  Also, the older connection
       property xdevapi.compression-algorithm (without an “s” at the end
       of its name) has been renamed to xdevapi.compression-extensions;
       its function remains the same as before (providing
       implementations for compression algorithms), but the syntax for
       its value has been changed: each element in a triplet for an
       algorithm is now separated by a colon (:). See Connection
       Compression Using X DevAPI
(https://dev.mysql.com/doc/connector-j/8.0/en/connector-j-connection-compression-xdevapi.html)
       for details.

     * X DevAPI: The asynchronous variant of the X Protocol is no
       longer supported by Connector/J; the connection properties
       useAsyncProtocol and asyncResponseTimeout are now deprecated and
       have no effect when used.

     * X DevAPI: Connector/J now supports Java keystore for SSL client
       certificates for X DevAPI sessions. The following new connection
       properties have been introduced for the purpose:

          + xdevapi.ssl-keystore

          + xdevapi.ssl-keystore-type

          + xdevapi.ssl-keystore-password
       See Connecting Securely Using SSL
(https://dev.mysql.com/doc/connector-j/8.0/en/connector-j-reference-using-ssl.html)
       for details.

     * When trying to open multiple connections to a MySQL server using
       Connector/J with a named pipe on Windows systems, the attempt
       sometimes failed with the “All pipe instances are busy” error.
       With this fix, if a timeout has been set using the connection
       property connectTimeout or the method
       DriverManager.setLoginTimeout(), Connector/J will retry opening
       the named pipe repeatedly until the timeout is reached or the
       named pipe is opened successfully. As a side-effect of this new
       behavior, there will be a delay, equal to the length of the
       timeout, for throwing an error for a failed named-pipe connection
       even when it is caused by an error other than “All pipe instances
       are busy.” (Bug #31711961, Bug #98667)

     * When the connection option sslMode is set to VERIFY_IDENTITY,
       Connector/J now validates the host name in the connection string
       against the host names or IP addresses provided under the Subject
       Alternative Name (SAN) extension in the server’s X.509
       certificate. Also, verification against the Common Name (CN) is
       now performed when a SAN is not provided in the certificate or if
       it does not contain any DNS name or IP address entries. Host
       names listed in the certificate, under either the SAN or the CN,
       can contain a wildcard character as specified in the RFC 6125
       standard. Thanks to DaniĆ«l van Eeden for contributing to the
       patch. (Bug #31443178, Bug #99767, Bug #28834903, Bug #92903)

     * When using Connector/J, the AbandonedConnectionCleanupThread
       thread can now be disabled completely by setting the new system
       property com.mysql.disableAbandonedConnectionCleanup to true when
       configuring the JVM. The feature is for well-behaving
       applications that always close all connections they create.
       Thanks to Andrey Turbanov for contributing to the new feature.
       (Bug #30304764, Bug #96870)

     * Connector/J now supports client authentication with MySQL
       Enterprise Server using simple or SASL (SCRAM-SHA-1) LDAP
       authentication
(https://dev.mysql.com/doc/refman/8.0/en/ldap-pluggable-authentication.html#ldap-pluggable-authentication-usage)
       on Windows and Linux platforms.

     * Connector/J can now be prevented from falling back to the
       system-wide truststore and keystore for server and client
       identity authentication, respectively. For JDBC connections, two
       new connection properties, fallbackToSystemKeyStore and
       fallbackToSystemTrustStore, have been introduced for the control.
       While those properties are true by default (fallbacks enabled),
       setting them to false disable fallbacks. See Connecting Securely
       Using SSL
(https://dev.mysql.com/doc/connector-j/8.0/en/connector-j-reference-using-ssl.html)
       for details.  X DevAPI: Similar
       control for fallback for X DevAPI connections are provided by
       the new connection properties,
       xdevapi.fallback-to-system-keystore, and
       xdevapi.fallback-to-system-truststore.

     * The integration classes for JBoss have been removed from
       Connector/J.

Bugs Fixed


     * In a load balancing setup, if the connection parameter
       loadBalanceBlacklistTimeout was set, a server that was once
       unavailable remained in the blocklist even after a connection to
       it has been reestablished, and this affected the system’s
       performance. With this fix, the server is removed from the
       blocklist as soon as it becomes available again. (Bug #31699357,
       Bug #96309)

     * Using a PreparedStatement to store a Date into a database
       sometimes resulted in a NullPointerException. It was
       because some assignments were missing in
       ServerPreparedQueryBindValue.clone(), and this patch
       corrects the issue. (Bug #31418928, Bug #99713)

* When a client attempted to establish a JDBC connection using the server’s X Protocol port, Connector/J threw an ArrayIndexOutOfBoundsException. With this fix, Connector/J throws the proper exception for using the wrong protocol with the port and returns a proper error message. (Bug #31083755, Bug #99076)

     * LocalDate, LocalDateTime, and LocalTime values set through
       Connector/J were altered when there was a timezone difference
       between the server and the client.  This fix corrects the issue
       by handling the LocalDate, LocalTime, and LocalDateTime with no
       time zone conversion and no intermediate conversions to other
       date-time classes. Thanks to Iwao Abe for his contribution to the
       fix. (Bug #29015453, Bug #93444)

Enjoy and thanks for the support!

On behalf of the MySQL Release Team,
Nawaz Nazeer Ahamed