[#MDEV-17940] Documentation does not indicate that X509 and SSL are exclusive options

tls_option:

SSL

  | X509

  | CIPHER 'cipher'

  | ISSUER 'issuer'

  | SUBJECT 'subject'

which suggests that any of them can be used as elements of a list. In practice, if X509 or SSL is used, it has to be the only option:

MariaDB [test]> CREATE USER x1 REQUIRE X509 AND ISSUER 'i';

ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'AND ISSUER 'i'' at line 1

MariaDB [test]> CREATE USER x2 REQUIRE X509 AND ISSUER 'i';

ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'AND ISSUER 'i'' at line 1

MariaDB [test]> CREATE USER x2 REQUIRE ISSUER 'i' AND SSL;

ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'SSL' at line 1

Same is true for upstream 5.7 (manual vs server).
If the limitation is intentional, it should be documented accordingly.

Also, I don't know if it's obvious to users or not, but every other option can only be used once.

[MDEV-17940] Documentation does not indicate that X509 and SSL are exclusive options Created: 2018-12-08 Updated: 2018-12-27 Resolved: 2018-12-27
Status:	Closed
Project:	MariaDB Server
Component/s:	Authentication and Privilege System, Documentation
Affects Version/s:	N/A
Fix Version/s:	N/A

[MDEV-17940] Documentation does not indicate that X509 and SSL are exclusive options Created: 2018-12-08 Updated: 2018-12-27 Resolved: 2018-12-27