[MDEV-18531] Use WolfSSL instead of YaSSL as "bundled" SSL Created: 2019-02-11 Updated: 2021-01-02 Resolved: 2019-05-22 |
|
| Status: | Closed |
| Project: | MariaDB Server |
| Component/s: | Compiling, SSL |
| Fix Version/s: | 10.4.6 |
| Type: | Task | Priority: | Major |
| Reporter: | Vladislav Vaintroub | Assignee: | Vladislav Vaintroub |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Issue Links: |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Description |
|
YaSSL is out of support for several years. Newest TLS (e.g 1.2) does not work with it |
| Comments |
| Comment by Vladislav Vaintroub [ 2019-02-14 ] |
|
the patches are in https://github.com/MariaDB/server/tree/bb-10.4-wlad-wolfssl |
| Comment by Otto Kekäläinen [ 2020-09-30 ] |
|
In Ubuntu 20.04 we have MariaDB 10.3 and it does not have any functional TLS since Ubuntu 20.04 mandates TLSv1.2 at minimum, and the bundled YaSSL/WolfSSL only supports up to TLSv.1.1: https://bugs.launchpad.net/ubuntu/+source/mariadb-10.3/+bug/1885632 Should I backport https://github.com/mariadb/server/commit/5e4b657dd44dce601c91bc77a41f6e382bc32000 to MariaDB 10.3 in Ubuntu? |
| Comment by Vladislav Vaintroub [ 2020-09-30 ] |
|
otto, This question is best asked on mailing list. As far as I understand, this would be a break of policy , no new features in old releases. |
| Comment by Otto Kekäläinen [ 2020-10-27 ] |
|
I marked https://bugs.launchpad.net/ubuntu/+source/mariadb-10.3/+bug/1885632 "won't fix" now, as I don't have the bandwidth to do all the communication required to coordinate such an upload to Ubuntu stable updates. |