[#CONJ-1023] Connector/J doesn't set SSL cap bit in Handshake Response Packet

[CONJ-1023] Connector/J doesn't set SSL cap bit in Handshake Response Packet Created: 2022-11-14 Updated: 2023-01-11 Resolved: 2022-12-22
Status:	Closed
Project:	MariaDB Connector/J
Component/s:	SSL
Affects Version/s:	2.7.6, 3.0.9
Fix Version/s:	2.7.8, 3.0.10, 3.1.1

Type:

Bug

Priority:

Minor

Reporter:

Xiang Zhang

Assignee:

Diego Dupin

Resolution:

Fixed

Votes:

Labels:

None

Description

https://dev.mysql.com/doc/dev/mysql-server/latest/page_protocol_connection_phase.html#sect_protocol_connection_phase_initial_handshake_ssl_handshake

When using MariaDB Connector/J to establish TLS connection to servers, we find that MariaDB Connector/J is only set SSL cap bit in SSL Connection Request Packet, not in Handshake Response Packet. While MySQL Connector/J set it in both.

For example, when we are using MariaDB Connector/J 2.7.6, setting arguments `useSSL` and `serverSslCert`, the cap bytes are 1747586 in SSL Request Packet, 1745538 in Handshake Response Packet, which only differs in the SSL bit. And MySQL Connector/J are both 1747471 in two packets.

Comments

Comment by Diego Dupin [ 2022-11-21 ]

Right, this would make sense to add that in Handshake Response Packet.

This is not required, since this ssl flag is mostly to set initial SSL exchanges, and socket is at that point already using SSL, but it would be more coherent.

Generated at Thu Feb 08 03:20:03 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[CONJ-1023] Connector/J doesn't set SSL cap bit in Handshake Response Packet Created: 2022-11-14 Updated: 2023-01-11 Resolved: 2022-12-22