Uploaded image for project: 'Percona Server for MySQL'
  1. Percona Server for MySQL
  2. PS-926

LP #1501089: Please add support for for TLSv1.1 and TLSv1.2

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Done
    • Priority: High
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None

      Description

      **Reported in Launchpad by Sveta Smirnova last update 30-06-2016 07:19:46

      Originally reported at https://bugs.mysql.com/bug.php?id=75239

      Currently MySQL only supports TLSv1 protocol and does not support TLSv1.1 and TLSv1.2 which are recommended to use. There is upstream bug with patch provided.

      Please implement this patch for Percona Server with small difference: use TLS_method instead of deprecated SSLv23_method (https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_new.html)

      diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
      index 4ca8c74..35edd33 100644
      — a/vio/viosslfactories.c
      +++ b/vio/viosslfactories.c
      @@ -193,8 +193,8 @@ new_VioSSLFd(const char *key_file, const char *cert_file,
      DBUG_RETURN(0);

      if (!(ssl_fd->ssl_context= SSL_CTX_new(is_client ?

      • TLSv1_client_method() :
      • TLSv1_server_method())))
        + TLS_client_method() :
        + TLS_server_method())))
        {
        *error= SSL_INITERR_MEMFAIL;
        DBUG_PRINT("error", ("%s", sslGetErrString(*error)));

        • 2.1.0

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            lpjirasync lpjirasync (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Smart Checklist