[CONC-394] Some TLS-related options are not settable in my.cnf Created: 2019-03-21  Updated: 2020-08-25  Resolved: 2019-04-06

Status: Closed
Project: MariaDB Connector/C
Component/s: None
Affects Version/s: 3.0.8
Fix Version/s: 3.1.1

Type: Bug Priority: Major
Reporter: Geoff Montee (Inactive) Assignee: Georg Richter
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Blocks
blocks MDEV-19035 Make MariaDB Connector/C handle my.cn... Open
Relates
relates to CONC-327 !include/!includedir not parsed in my... Closed
relates to CONC-395 Dashes and underscores are not interc... Closed
relates to CONC-396 !includedir in my.cnf does not includ... Open
relates to CONC-402 Replace underscores with dashes in co... Closed
relates to ODBC-229 Add parameters that correspond to MYS... Closed
relates to CONC-415 Option prefixes not supported in my.cnf Open
relates to CONC-416 On Windows, C/C looks for first my.cn... Closed

 Description   

If we look at the mariadb_defaults[] array that's used to parse options from my.cnf or other option/configuration files, it looks like some TLS-related options are not settable in these files.

For example, here's the array in 3.0:

https://github.com/MariaDB/mariadb-connector-c/blob/68d05007bbf0dd9ef725bddf312fbb72ed0c7d52/libmariadb/mariadb_lib.c#L608

And here's the array in 3.1:

https://github.com/MariaDB/mariadb-connector-c/blob/af47d1beab92970f1d79824e29e4c36f89400584/libmariadb/mariadb_lib.c#L606

Some options that are not listed are:

  • MYSQL_OPT_SSL_CRL
  • MYSQL_OPT_SSL_CRLPATH
  • MYSQL_OPT_SSL_ENFORCE
  • MARIADB_OPT_TLS_CIPHER_STRENGTH
  • MARIADB_OPT_TLS_PEER_FP
  • MARIADB_OPT_TLS_PEER_FP_LIST

Does it make sense to add some or all of these to the mariadb_defaults[] array?
Generated at Thu Feb 08 03:05:00 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.