[#CONC-375] SSL handshake fails (no cipher match)

[CONC-375] SSL handshake fails (no cipher match) Created: 2018-11-27 Updated: 2018-12-01 Resolved: 2018-12-01
Status:	Closed
Project:	MariaDB Connector/C
Component/s:	None
Affects Version/s:	3.0.7, 3.1.0
Fix Version/s:	3.0.8, 3.1.0

Type:

Bug

Priority:

Major

Reporter:

Georg Richter

Assignee:

Georg Richter

Resolution:

Fixed

Votes:

Labels:

None

Description

When establishing a secure connection (both client and server running with OpenSSL v1.1.1) the handshake fails if we pass a cipher suite mix of TLSv1.3 and non TLSv1.3 cipher suites.

According to the OpenSSL documentation TLSv1.3 cipher suites differ from < TLSv1.3 cipher suites and need to be set via SSL_CTX_set_ciphersuites API call. Since OpenSSL currently supports only 3 cipher suites by default, mysql_ssl_set and MYSQL_OPT_SSL_CIPHER (or --ssl_cipher command line option) should only support cipher suites from SSLv3 to TLSv1.2.

Generated at Thu Feb 08 03:04:52 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[CONC-375] SSL handshake fails (no cipher match) Created: 2018-11-27 Updated: 2018-12-01 Resolved: 2018-12-01