[CONC-260] Connection through SSL always gives error on one failed attempt Created: 2017-06-09 Updated: 2017-07-05 Resolved: 2017-07-05 |
|
| Status: | Closed |
| Project: | MariaDB Connector/C |
| Component/s: | None |
| Affects Version/s: | 2.3.3 |
| Fix Version/s: | N/A |
| Type: | Bug | Priority: | Blocker |
| Reporter: | Sibin | Assignee: | Georg Richter |
| Resolution: | Won't Fix | Votes: | 0 |
| Labels: | None | ||
| Environment: |
OS: Windows 7 |
||
| Issue Links: |
|
||||||||
| Description |
|
Below are the steps to reproduce the issue, 1. Connect to a server through SSL (Self-signed certificates in my case) without any Cipher. 2. Connect to an Azure MySQL instance 3. Connecting to the Azure server with SSL gives 'Error No. 2026 Unknown SSL error' 4. Entering a random string as Cipher to the Azure instance connection gives the error 'Error No. 2026 SSL connection error: no cipher match' 5. Now connecting to a normal MySQL server with SSL (self-signed certificate) gives the error 'Error No. 2026 SSL connection error: no cipher match' though earlier it used to connect fine without Cipher. 6. On entering a valid Cipher for the normal MySQL server like 'DHE-RSA-AES256-SHA', the connection works fine. |
| Comments |
| Comment by Georg Richter [ 2017-06-10 ] |
|
Hi, thank you for your bug report. Could you please provide some more information:
Thanks! |
| Comment by Georg Richter [ 2017-07-05 ] |
|
Microsoft Azure's MySQL servers are configured with yassl library, which doesn't support TLS v.1.2 protocol. Yassl isn't able to negotiate the protocol version according to RFC 4346 and RFC 5246 and just drops the connection. We fixed this behavior in MariaDB 10.2 server already. MariaDB Connector/C uses OpenSSL which by default offers TLS v.1.2 - as a workaround you can set the protocol version by using mysql_options(mysql, MARIADB_CONNECTION_TLS_VERSION, "TLS1.0") (available in Connector/C 3.0 only). |