Build MySQL/MariaDB drivers for Android on Windows
-
wrote on 14 Feb 2023, 05:33 last edited by Kyef
I have been developing with Qt Creator for Windows and mainly working with Databases and therefore QtSql is inevitable. But I decided to dive into android and I need to connect to remote server and I have a need to create drivers for android and it is a very big hurdle for me as few materials are available. The Tutorial here https://wiki.qt.io/Build_Qt_5_MySQL_Plugin_for_Android :- seem to be deprecated and/or working for Linux platform. Has any one managed to build MySQL/MariaDB drivers successfully on Windows? Please, help me if possible!
-
I have been developing with Qt Creator for Windows and mainly working with Databases and therefore QtSql is inevitable. But I decided to dive into android and I need to connect to remote server and I have a need to create drivers for android and it is a very big hurdle for me as few materials are available. The Tutorial here https://wiki.qt.io/Build_Qt_5_MySQL_Plugin_for_Android :- seem to be deprecated and/or working for Linux platform. Has any one managed to build MySQL/MariaDB drivers successfully on Windows? Please, help me if possible!
wrote on 17 Feb 2023, 08:11 last edited by KyefWhy is nobody interested in this topic. Is it that no body is implementing SQL/MYSQL connections on android using Qt on Windows? What are the alternatives if I want to develop an app directly connected to an online MYSQL/MariaDB server? I need to be advised?
-
Why is nobody interested in this topic. Is it that no body is implementing SQL/MYSQL connections on android using Qt on Windows? What are the alternatives if I want to develop an app directly connected to an online MYSQL/MariaDB server? I need to be advised?
@Kyef said in Build MySQL/MariaDB drivers for Android on Windows:
Is it that no body is implementing SQL/MYSQL connections on android using Qt on Windows?
I don't think there are many people doing this. I mean, why would you want to access MySQL server directly (without REST API or similar between server and mobile device) from a mobile device?
-
@Kyef said in Build MySQL/MariaDB drivers for Android on Windows:
Is it that no body is implementing SQL/MYSQL connections on android using Qt on Windows?
I don't think there are many people doing this. I mean, why would you want to access MySQL server directly (without REST API or similar between server and mobile device) from a mobile device?
wrote on 17 Feb 2023, 14:30 last edited by@jsulm Thanks. I understand but this is a simple application that would access a few resources from an online server. I don't need to go through an API. Communication between my app and the server is already protected by SSL. What are the actual dangers here?
-
@jsulm Thanks. I understand but this is a simple application that would access a few resources from an online server. I don't need to go through an API. Communication between my app and the server is already protected by SSL. What are the actual dangers here?
@Kyef you are asking about the dangers of having a database directly connected to internet ?
-
@Kyef you are asking about the dangers of having a database directly connected to internet ?
-
@SGaist
For security the connection should be in VPN,
So the database port is not exposed.@piervalli said in Build MySQL/MariaDB drivers for Android on Windows:
@SGaist
For security the connection should be in VPN,
So the database port is not exposed.You don't have to convince me ;-)
-
wrote on 1 Mar 2023, 09:29 last edited by Kyef 3 Jan 2023, 11:01
Thanks @SGaist. I understand the risks involved, but this is a managed database where they have given me an SSL certificate to ensure data traffic is encrypted between the app and the remote database. I have also reviewed tens of posts on this case some of which @SGaist and @jsulm have given a few suggestions but there is no clear cutting edge to building MYSQL plugin especially on windows. What are your experience: Have you build these plugins before? Is there a modern way of building these plugins using clang? How can we go about this? I have tried option 2 of the wiki guide tens of trials on windows using MSYS2 but I get errors continuously:
ar r ../libcrypto.a cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o o_fips.o o_init.o fips_ers.o armcap.o armv4cpuid.o make[1]: ar: No such file or directory make[1]: *** [Makefile:104: ../libcrypto.a] Error 127 make[1]: Leaving directory '/c/Qt/android/build_mysql_drivers_android/openssl-1.0.2e/crypto' make: *** [Makefile:285: build_crypto] Error 1 making all in crypto... make[1]: Entering directory '/c/Qt/android/build_mysql_drivers_android/openssl-1.0.2e/crypto' ar r ../libcrypto.a cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o o_fips.o o_init.o fips_ers.o armcap.o armv4cpuid.o make[1]: ar: No such file or directory make[1]: *** [Makefile:104: ../libcrypto.a] Error 127 make[1]: Leaving directory '/c/Qt/android/build_mysql_drivers_android/openssl-1.0.2e/crypto' make: *** [Makefile:285: build_crypto] Error 1 Changes: ./buildAndroidMysql.sh: line 18: diff: command not foundI really do not understand whether the error is related to the NDK, OpenSSL or Qt packages I am using.
-
@jsulm Thanks. I understand but this is a simple application that would access a few resources from an online server. I don't need to go through an API. Communication between my app and the server is already protected by SSL. What are the actual dangers here?
wrote on 1 Mar 2023, 10:40 last edited by@Kyef It's a general rule of thumb not to expose directly your database. The actual danger depends on how and especially WHO will be using the app. If your app is just for your personnal use, or perhaps for a few people you faith, there's no problem.
If you distribute your app, via the google store for example, this will be problematic because most databases offer very poor access control (simple role access in most cases, that is basically granting them read or write access to the database, without being able to filter WHAT they are able to read and write) and all your users can get too large access to your database.
Hence the purpose of an intermediate api like REST (as already suggested by @jsulm (I personnaly use GraphQl to access my Neo4j database) that can give you finer control.
-
@Kyef It's a general rule of thumb not to expose directly your database. The actual danger depends on how and especially WHO will be using the app. If your app is just for your personnal use, or perhaps for a few people you faith, there's no problem.
If you distribute your app, via the google store for example, this will be problematic because most databases offer very poor access control (simple role access in most cases, that is basically granting them read or write access to the database, without being able to filter WHAT they are able to read and write) and all your users can get too large access to your database.
Hence the purpose of an intermediate api like REST (as already suggested by @jsulm (I personnaly use GraphQl to access my Neo4j database) that can give you finer control.
wrote on 1 Mar 2023, 11:08 last edited by Kyef 3 Jan 2023, 11:14Thanks @ankou29666. I have understood the dangers but the database is managed by a third party host who promised to help me with security issues. I have been advised to continue building the plugin first and then we will pick up the security issues thereafter. I have moved on and I managed to build OpenSSL by adding a directive for AR as AR="$BR"ar; but now its failing to compile Libiconv. Am still following the guide at wiki. Here is the error:
libtool: link: ar cru .libs/libcharset.a localcharset.o relocatable.o ../libtool: line 1090: ar: command not found make[2]: *** [Makefile:59: libcharset.la] Error 127 make[2]: Leaving directory '/c/Qt/android/build_mysql_drivers_android/libiconv-1.14/libcharset/lib' make[1]: *** [Makefile:34: all] Error 2 make[1]: Leaving directory '/c/Qt/android/build_mysql_drivers_android/libiconv-1.14/libcharset' make: *** [Makefile:42: lib/localcharset.h] Error 2 Changes: ./buildAndroidMysql.sh: line 18: diff: command not foundI would appreciate if any assistance is accorded.
-
Thanks @ankou29666. I have understood the dangers but the database is managed by a third party host who promised to help me with security issues. I have been advised to continue building the plugin first and then we will pick up the security issues thereafter. I have moved on and I managed to build OpenSSL by adding a directive for AR as AR="$BR"ar; but now its failing to compile Libiconv. Am still following the guide at wiki. Here is the error:
libtool: link: ar cru .libs/libcharset.a localcharset.o relocatable.o ../libtool: line 1090: ar: command not found make[2]: *** [Makefile:59: libcharset.la] Error 127 make[2]: Leaving directory '/c/Qt/android/build_mysql_drivers_android/libiconv-1.14/libcharset/lib' make[1]: *** [Makefile:34: all] Error 2 make[1]: Leaving directory '/c/Qt/android/build_mysql_drivers_android/libiconv-1.14/libcharset' make: *** [Makefile:42: lib/localcharset.h] Error 2 Changes: ./buildAndroidMysql.sh: line 18: diff: command not foundI would appreciate if any assistance is accorded.
wrote on 1 Mar 2023, 11:30 last edited by@Kyef once again, it depends on which security issues you are talking about. The access control is something that databases aren't made for and openssl is totally helpless about that issue. If you want your app to be able to connect directly to the database, then you have to store the database's password DIRECTLY into the app and thus freely exposed to anyone reverse-engeneering your code who then could easily recover it and get full access to the database. I seriously doubt your third party host can do anything about this security leak.
So as I said, as long as your app is just for you, this is ok, but if you plan to distribute your app, this is damn unsafe, and in this case I recommend that you take security in consideration right now, otherwise you might struggle to do the modifications.
And, still assuming you distribute your app (coz we still don't know to who this app is intended to), you all simply would have to wipe out (thus making you waste your time writing it) your plugin to replace it by a REST api to solve this security leak.
-
@Kyef once again, it depends on which security issues you are talking about. The access control is something that databases aren't made for and openssl is totally helpless about that issue. If you want your app to be able to connect directly to the database, then you have to store the database's password DIRECTLY into the app and thus freely exposed to anyone reverse-engeneering your code who then could easily recover it and get full access to the database. I seriously doubt your third party host can do anything about this security leak.
So as I said, as long as your app is just for you, this is ok, but if you plan to distribute your app, this is damn unsafe, and in this case I recommend that you take security in consideration right now, otherwise you might struggle to do the modifications.
And, still assuming you distribute your app (coz we still don't know to who this app is intended to), you all simply would have to wipe out (thus making you waste your time writing it) your plugin to replace it by a REST api to solve this security leak.
wrote on 1 Mar 2023, 14:13 last edited by@ankou29666 Great insight. I guess I need to crosscheck these details before I can proceed. Thanks for you guidance