Uploaded image for project: 'MariaDB Connector/J'
  1. MariaDB Connector/J
  2. CONJ-1311

Connection.cancelCurrentQuery fails with SslMode.VERIFY_FULL when client.getSocketIp != null

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • 3.5.8
    • None
    • SSL
    • None

    Description

      We updated from 3.5.7 to 3.5.8 and ran into SSL hostname verification problems, presumably exposed by the fix for CONJ-1303.

      In 3.5.8 `Statement.cancel` unconditionally calls `Connection.cancelCurrentQuery` which uses the socket IP address of the current client if it is available and otherwise reuses the current connection configuration. When IP is available and that configuration specifies `SslMode.VERIFY_FULL,` the new connection will fail, since IP addresses are not covered by most SSL certificates where the expectation is connections are established via DNS.

      Attachments

        Activity

          People

            diego dupin Diego Dupin
            jgulotta Jacob Gulotta
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.