Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-375

SSL handshake fails (no cipher match)

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 3.0.7, 3.1.0
    • 3.0.8, 3.1.0
    • None
    • None

    Description

      When establishing a secure connection (both client and server running with OpenSSL v1.1.1) the handshake fails if we pass a cipher suite mix of TLSv1.3 and non TLSv1.3 cipher suites.

      According to the OpenSSL documentation TLSv1.3 cipher suites differ from < TLSv1.3 cipher suites and need to be set via SSL_CTX_set_ciphersuites API call. Since OpenSSL currently supports only 3 cipher suites by default, mysql_ssl_set and MYSQL_OPT_SSL_CIPHER (or --ssl_cipher command line option) should only support cipher suites from SSLv3 to TLSv1.2.

      Attachments

        Activity

          There are no comments yet on this issue.

          People

            georg Georg Richter
            georg Georg Richter
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.