[#MDEV-32123] require_secure_transport doesn't allow TCP connections

[MDEV-32123] require_secure_transport doesn't allow TCP connections Created: 2023-09-07 Updated: 2023-10-11 Resolved: 2023-10-11
Status:	Closed
Project:	MariaDB Server
Component/s:	SSL
Affects Version/s:	11.2
Fix Version/s:	11.2.2

Type:

Bug

Priority:

Critical

Reporter:

Sergei Golubchik

Assignee:

Dmitry Shulga

Resolution:

Fixed

Votes:

Labels:

None

Issue Links:

Problem/Incident
is caused by	~~MDEV-13362~~	implement –require_secure_transport o...	Closed
is caused by	~~MDEV-30178~~	Error message when 'require_secure_tr...	Closed

Description

require_secure_transport doesn't allow TCP connections anymore. This was broken in ~~MDEV-30178~~ that moved the check for SSL to be done before the SSL layering is done.

And that was possible to happen without breaking any tests, because there were no tests whether require_secure_transport allows SSL or not.

Comments

Comment by Sergei Golubchik [ 2023-09-07 ]

The commit, besides the fix itself, must include:

a test for --require-secure-transport=1 (yes, there is no test for that)
a test for SSL under require_secure_transport

Generated at Thu Feb 08 10:29:00 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MDEV-32123] require_secure_transport doesn't allow TCP connections Created: 2023-09-07 Updated: 2023-10-11 Resolved: 2023-10-11