All

Preparatory work is done to handle the configuration details. The next step is to discuss the way the MySQL backend protocol interfaces to database servers so as to allow for requesting a SSL connection.

johan.wikman martin brampton Is this task going to be complete in current sprint ?

Thanks,
Dipti

That is the goal.

On a straghtforward setup, backend SSL is working correctly. Tests on different configurations are to be done, and some code tidying. Certainly, the hope is that it will be complete for the next major release, as planned.

This could be facing delays. The SSL to backend database processing works fine for small amounts of data (up to 10K or maybe more) but frequently hangs on larger requests. Resolving this is likely to require deeper investigation into the workings of OpenSSL and epoll processing of non-blocking socket I/O. That could be time consuming.

Unfortunately, a check on the released client side SSL shows that it too fails on large data sends (test used a table dump about 0.5 MB in size, 10,000 rows). Many applications will run without ever sending very long queries, but if they do, the connection will hang. This demonstrates that the problem is to do with SSL implementation generally, rather than the logic of the MySQL protocols, mysql_client.c and mysql_backend.c. The previous comment is therefore confirmed, at least until we know more.

I am hopeful that the problems are now resolved.

The code has passed tests, and the specific faults referred to above are resolved. The code is merged into the develop branch. Work is needed to amend the documentation to describe back end SSL.

Documentation has been completed.