Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-432

Use GnuTLS for Windows builds instead of Schannel

    XMLWordPrintable

Details

    • Task
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Won't Fix
    • None
    • N/A
    • None
    • None

    Description

      Since Schannel is closed source, it can be pretty difficult to debug when it doesn't work properly. CONC-417 / MDEV-13492 is an example of a bug with an unknown cause that has been very difficult to debug.

      We may want to consider using a different TLS library than Schannel.

      We can't use OpenSSL in MariaDB Connector/C's packages right now, because OpenSSL's custom license is incompatible with MariaDB Connector/C's LGPL license. There are plans to relicense OpenSSL with the Apache License 2.0, which would allow us to use it in MariaDB Connector/C's packages, but that process has not been completed.

      In contrast, GnuTLS is already licensed as LGPL, so it can be used in MariaDB Connector/C's packages already.

      If we moved from Schannel to GnuTLS on Windows, some potential changes are listed below.

      Losses:

      Gains:

      • MariaDB Connector/C doesn't support password-protected private keys when built with Schannel, but it does support them when built with GnuTLS.

      Attachments

        Issue Links

          Activity

            People

              georg Georg Richter
              GeoffMontee Geoff Montee (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.