[#MDEV-14027] Mysql command line client and tools: add support for Connector/C's new TLS/SSL options

[MDEV-14027] Mysql command line client and tools: add support for Connector/C's new TLS/SSL options Created: 2017-10-09 Updated: 2022-04-25
Status:	Stalled
Project:	MariaDB Server
Component/s:	Scripts & Clients, SSL
Fix Version/s:	None

Type:

Task

Priority:

Minor

Reporter:

Georg Richter

Assignee:

Georg Richter

Resolution:

Unresolved

Votes:

Labels:

beginner-friendly

Attachments:

MDEV_14027.patch

Sprint:

10.3.3-1

Description

Add support for Connector/C's TLS/SSL options in mysql command line tools:

--ssl_fp verify server certificate against SHA1 finger print (implies --ssl).
--ssl_fp_list verify server certificate against one or more SHA1 finger prints which are stored in the specified file (implies --ssl).
--ssl_passphrase Specifies a passphrase for the passphrase protected client certificate

Example:
mysql -uuser --ssl --ssl-fp="64:37:78:F9:51:B1:1E:89:73:1F:14:3C:1D:72:16:80:B4:3D:70:80"

Comments

Comment by Sergei Golubchik [ 2017-10-09 ]

How one is supposed to use them? Like

$ mysql --ssl-verify-fp="00:11:22:...."

If yes, then better call it --ssl-fp, without verify. Other options are also called --ssl-ca, --ssl-crl, etc.

Comment by Georg Richter [ 2018-11-30 ]

Serg, agreed - Description changed.

Comment by Ralf Gebhardt [ 2019-09-25 ]

serg and sanja, I have removed fixVersion 10.4. I can see commits, but is this something to be reviewed?

Generated at Thu Feb 08 08:10:20 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MDEV-14027] Mysql command line client and tools: add support for Connector/C's new TLS/SSL options Created: 2017-10-09 Updated: 2022-04-25