[CONC-398] IANA cipher names are not accepted with Schannel - Jira

XML

Word

Printable

Details

Type: Task
Status: Open (View Workflow)
Priority: Minor
Resolution: Unresolved
Affects Version/s: 3.0.8
Fix Version/s: None
Component/s: None
Labels:
None

Description

In Microsoft's Schannel documentation, TLS ciphers are listed with their IANA names:

https://docs.microsoft.com/en-us/windows/desktop/secauthn/tls-cipher-suites-in-windows-10-v1809

The MariaDB Connector/C code stores these IANA names as the iana_name C-string in the cipher_map[] array that is used to map cipher strings to specific ALG_ID values:

https://github.com/MariaDB/mariadb-connector-c/blob/1285dc72a043f09d9a51abcfc3a4fbfb5192067e/libmariadb/secure/schannel.c#L33

However, the set_cipher function ignores the iana_name C-string when parsing ssl-cipher/MYSQL_OPT_SSL_CIPHER. It only looks at the openssl_name C-string:

https://github.com/MariaDB/mariadb-connector-c/blob/1285dc72a043f09d9a51abcfc3a4fbfb5192067e/libmariadb/secure/schannel.c#L263

Should we change MariaDB Connector/C to allow the IANA names of ciphers in ssl-cipher/MYSQL_OPT_SSL_CIPHER when using Schannel, if the names are already stored in the cipher_map[] array?

Attachments

Issue Links

relates to

CONC-393 TLSv1.2 ciphers are rejected on Windows with Schannel

Closed

ODBC-230 SSLCIPHER doesn't seem to work on Windows

Closed

Activity

People

Assignee:: Georg Richter

Reporter:: Geoff Montee (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2019-03-24 19:37

Updated:: 2019-03-25 07:33

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.