Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-394

Some TLS-related options are not settable in my.cnf

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.8
    • Fix Version/s: 3.1.1
    • Component/s: None
    • Labels:
      None

      Description

      If we look at the mariadb_defaults[] array that's used to parse options from my.cnf or other option/configuration files, it looks like some TLS-related options are not settable in these files.

      For example, here's the array in 3.0:

      https://github.com/MariaDB/mariadb-connector-c/blob/68d05007bbf0dd9ef725bddf312fbb72ed0c7d52/libmariadb/mariadb_lib.c#L608

      And here's the array in 3.1:

      https://github.com/MariaDB/mariadb-connector-c/blob/af47d1beab92970f1d79824e29e4c36f89400584/libmariadb/mariadb_lib.c#L606

      Some options that are not listed are:

      • MYSQL_OPT_SSL_CRL
      • MYSQL_OPT_SSL_CRLPATH
      • MYSQL_OPT_SSL_ENFORCE
      • MARIADB_OPT_TLS_CIPHER_STRENGTH
      • MARIADB_OPT_TLS_PEER_FP
      • MARIADB_OPT_TLS_PEER_FP_LIST

      Does it make sense to add some or all of these to the mariadb_defaults[] array?

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              georg Georg Richter
              Reporter:
              GeoffMontee Geoff Montee
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: