[MDEV-29811] server advertises ssl even if it's unusable - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Affects Version/s: 10.5, 10.6, 10.3(EOL), 10.4(EOL), 10.7(EOL), 10.8(EOL), 10.9(EOL), 10.10(EOL)
Fix Version/s: 10.3.37, 10.4.27, 10.5.18, 10.6.11, 10.7.7, 10.8.6, 10.9.4, 10.10.2, 10.11.1
Component/s: Server, SSL
Labels:
None

Description

if the server is started with --ssl but without properly configured certificates, it will advertise the ssl support in the handshake, but will not actually be able to use it. so a client with --ssl will fail to connect with the ssl error (e.g. "sslv3 alert handshake failure" in OpenSSL).

I think the server should not start if it was requested to use ssl, but it cannot actually do it.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

config-file.cnf
1 kB
2023-01-19 17:27
docker-compose.yml
0.6 kB
2023-01-19 17:28

Issue Links

causes

MDEV-30270 ssl_cipher on Non-SSL system results in confusing SSL error

Open

MDEV-30818 invalid ssl prevents bootstrap

Closed

Activity

People

Assignee:: Vladislav Vaintroub

Reporter:: Sergei Golubchik

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 2022-10-17 12:53

Updated:: 2024-08-19 15:38

Resolved:: 2022-10-25 11:40

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.