mariadb/mysql-test/main/require_secure_transport_on.opt at 2345407b8c29ab16d188eb15b78bff5f63632b7d - mirror/mariadb - May the force be without you: git.fucktheforce.de

mirror/mariadb

mirror of https://github.com/MariaDB/server.git synced 2025-01-16 12:02:42 +01:00

Dmitry Shulga a05b5dd505 MDEV-32123: require_secure_transport doesn't allow TCP connections

In case the option require_secure_transport is on the user can't
establish a secure ssl connection over TCP protocol. Inability to set up
a ssl session over TCP was caused by the fact that a type of client's
connection was checked before ssl handshake performed (ssl handshake
happens at the function acl_authenticate()). At that moment vio type has
the value VIO_TYPE_TCPIP for client connection that uses TCP transport.
In result, checking for allowable vio type for fails despite the fact
that SSL session being established. To fix the issue move checking of
vio type for allowable values inside the function
  parse_client_handshake_packet()
right after client's capabilities discovered that SSL is not requested
by the client.

2023-10-11 14:47:05 +07:00

1 line

32 B

Text

Raw Blame History

--require-secure-transport=TRUE