Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-50

Oracle and MariaDB API's differ in behaviour when establishing an SSL connection for a user with "REQURE SSL"

Details

    • Bug
    • Status: Closed (View Workflow)
    • Minor
    • Resolution: Fixed
    • None
    • None
    • None
    • None
    • Windows build , MariaDB client library revision 84.

    Description

      mysql_ssl_set(mysql, NULL,NULL,NULL, NULL, NULL);
      or
      mysql_ssl_set(mysql, NULL,NULL,"some_invalid_value", NULL, NULL);
      followed by,
      mysql_real_connect(mysql, host, user, passwd, db, port, unix_socket, clientflag);

      The above mentioned code successfully establishes MySql connection for a user with "REQUIRE SSL" using MariaDB API where as Oracle API returns error 2026 if the ca field is NULL or if the ca-certificate is invalid as mentioned in the code above.

      I have found the following bug report in MySql bug database:
      http://bugs.mysql.com/bug.php?id=62743

      Could you clarify the discussion that followed in the above bug report,if it is a bug or not?
      And Hence is the current behaviour of the client library correct?

      Attachments

        Activity

          Ascending order - Click to sort in descending order
          Sudhindra Bhat Sudhindra Bhat created issue -
          Sudhindra Bhat Sudhindra Bhat made changes -
          Field Original Value New Value
          Description mysql_ssl_set(mysql, NULL,NULL,NULL, NULL, NULL);
          or
          mysql_ssl_set(mysql, NULL,NULL,"some_invalid_value", NULL, NULL);
          followed by,
          mysql_real_connect(mysql, host, user, passwd, db, port, unix_socket, clientflag);

          The following code successfully establishes MySql connection for a user with "REQUIRE SSL" using MariaDB API where as Oracle API returns error 2026 if the ca field is NULL or if the ca-certificate is invalid as shown in the code above.

          I have found the following bug report in MySql bug database:
          http://bugs.mysql.com/bug.php?id=62743

          Could you clarify the discussion that followed in the above bug report,if it is a bug or not?
          And Hence is the current behaviour of the client library correct?
          		 mysql_ssl_set(mysql, NULL,NULL,NULL, NULL, NULL);
          or
          mysql_ssl_set(mysql, NULL,NULL,"some_invalid_value", NULL, NULL);
          followed by,
          mysql_real_connect(mysql, host, user, passwd, db, port, unix_socket, clientflag);

          The above mentioned code successfully establishes MySql connection for a user with "REQUIRE SSL" using MariaDB API where as Oracle API returns error 2026 if the ca field is NULL or if the ca-certificate is invalid as mentioned in the code above.

          I have found the following bug report in MySql bug database:
          http://bugs.mysql.com/bug.php?id=62743

          Could you clarify the discussion that followed in the above bug report,if it is a bug or not?
          And Hence is the current behaviour of the client library correct?
          georg Georg Richter added a comment -

          Fixed in rev. 85

          georg Georg Richter added a comment - Fixed in rev. 85
          georg Georg Richter made changes -
          Resolution Fixed [ 1 ]
          Status Open [ 1 ] Closed [ 6 ]
          Sudhindra Bhat Sudhindra Bhat added a comment -

          The issue is not completely fixed.

          mysql_ssl_set(MYSQL *mysql, const char *key, const char *cert, const char *ca, const char *capath, const char *cipher)

          1. For the parameter "ca" , even if we pass server-certificate or the client-certificate, the connection will be successful where as Oracle API returns an error if we do not pass a valid ca-certificate.
          2. If we pass an empty string to the parameters "key" and "cert" the connection is successful where as Oracle API returns an error if either of key or cert was an empty string.
          3. If we provide wrong path for "key" or "cert" connection will fail and return error 2026 but with ambiguous error message.It either returns "SSL connection error: No such file or directory" or "SSL connection error: system lib"

          Sudhindra Bhat Sudhindra Bhat added a comment - The issue is not completely fixed. mysql_ssl_set(MYSQL *mysql, const char *key, const char *cert, const char *ca, const char *capath, const char *cipher) 1. For the parameter "ca" , even if we pass server-certificate or the client-certificate, the connection will be successful where as Oracle API returns an error if we do not pass a valid ca-certificate. 2. If we pass an empty string to the parameters "key" and "cert" the connection is successful where as Oracle API returns an error if either of key or cert was an empty string. 3. If we provide wrong path for "key" or "cert" connection will fail and return error 2026 but with ambiguous error message.It either returns "SSL connection error: No such file or directory" or "SSL connection error: system lib"
          ratzpo Rasmus Johansson (Inactive) made changes -
          Workflow defaullt [ 29001 ] MariaDB connectors [ 54876 ]
          julien.fritsch Julien Fritsch made changes -
          Workflow MariaDB connectors [ 54876 ] MariaDB v4 [ 160929 ]

          People

            georg Georg Richter
            Sudhindra Bhat Sudhindra Bhat
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.