[MDEV-14101] Provide option to select TLS protocol version - Jira

XML

Word

Printable

Details

Type: Task
Status: Closed (View Workflow)
Priority: Blocker
Resolution: Fixed
Fix Version/s: 10.4.6
Component/s: SSL
Labels:
None

Description

Currently it's not possible to run MariaDB with a specific TLS protocol, option --ssl_cipher=:TLSv1.2 excludes cipher suites < TLSv1.2, but doesn't set the protocol to TLSv1.2 only.

Suggestion:

--tls-version=versions

Valid values are TLSv1, TLSv1.1, TLSv1.2, TLSv1.3 (OpenSSL only) or a combination (separated by comma) of them.
If not specified default=TLSv1,TLSv1.1,TLSv1.2, TLSv1.3 will be used for OpenSSL, TLSv1,TLSv1.1 for Yassl.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

MDEV_14101_10_2.patch
21 kB
2018-11-30 15:30
MDEV-14101.patch
16 kB
2018-11-19 08:37
MDEV14101.patch_new
15 kB
2018-11-23 08:11

Issue Links

blocks

MDEV-15596 10.2 doesn't work with openssl 1.1.1

Closed

MDEV-17184 main.ssl* and main.openssl* tests are failing with OpenSSL 1.1.1.

Closed

MDEV-19542 Disable SSLv3 and TLSv1.0 by default

Closed

relates to

MDEV-19475 Add support for OpenSSL configuration files

Closed

ODBC-228 Add parameter that corresponds to MARIADB_OPT_TLS_VERSION option from MariaDB Connector/C

Closed

CONC-403 Disable TLS v1.0

Open

MDEV-19847 Update mysqladmin man page

Closed

(2 relates to)

Activity

People

Assignee:: Georg Richter

Reporter:: Georg Richter

Votes:: 2 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 2017-10-22 06:22

Updated:: 2024-07-08 00:37

Resolved:: 2019-06-17 12:20

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.