[#MDEV-8939] [PATCH] Disable SSL capabilities for named pipes and shared memory

[MDEV-8939] [PATCH] Disable SSL capabilities for named pipes and shared memory Created: 2015-10-13 Updated: 2015-10-17
Status:	Open
Project:	MariaDB Server
Component/s:	SSL
Affects Version/s:	10.1
Fix Version/s:	10.1

Type:

Bug

Priority:

Minor

Reporter:

Georg Richter

Assignee:

Sergei Golubchik

Resolution:

Unresolved

Votes:

Labels:

None

Description

During handhake (greeting packet) server indicates via CLIENT_SSL capability flag that he supports SSL. On Windows this is correct for socket/tcp connections, but not for named pipe and shared memory:

C:\Program Files\MariaDB 10.1\bin>mysql -uroot --pipe --ssl

ERROR 2026 (HY000): SSL connection error: socket layer send error

Suggested fix:

--- a/sql/sql_acl.cc

+++ b/sql/sql_acl.cc

@@ -11249,7 +11249,9 @@ static bool send_server_handshake_packet(MPVIO_EXT *mpvio,

   thd->client_capabilities|= CAN_CLIENT_COMPRESS;

-  if (ssl_acceptor_fd)

+  if (thd->active_vio->type != VIO_TYPE_NAMEDPIPE &&

+      thd->active_vio->type != VIO_TYPE_SHARED_MEMORY &&

+      ssl_acceptor_fd)

     thd->client_capabilities |= CLIENT_SSL;

     thd->client_capabilities |= CLIENT_SSL_VERIFY_SERVER_CERT;

Generated at Thu Feb 08 07:30:55 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MDEV-8939] [PATCH] Disable SSL capabilities for named pipes and shared memory Created: 2015-10-13 Updated: 2015-10-17