mirror of
https://github.com/MariaDB/server.git
synced 2025-01-27 17:33:44 +01:00
28fabc86db
Currently, if a user wants to require TLS for every connection made over the network, then every user account on the system needs to be created with "REQUIRE SSL" or one of the other TLS options. Implementing a require_secure_transport system varuable (which, in particular, can be set using the --require_secure_transport=ON command line option) in the MariaDB Server would make it a lot easier to require TLS (or other secure transport) system-wide. This patch implements this new system variable, adds the ability to set it with SQL statements, from the command line and from the configuration file, and also contains improvements for mtr that allow the user to establish non-secure TCP/IP connections (for example, to verify the operation of the new option).
8 lines
264 B
Text
8 lines
264 B
Text
CREATE TABLE t1 (t int(1));
|
|
SET GLOBAL require_secure_transport=ON;
|
|
ERROR 28000: Access denied for user 'root'@'localhost' (using password: NO)
|
|
connection default;
|
|
SET GLOBAL require_secure_transport=OFF;
|
|
disconnect without_ssl;
|
|
connection default;
|
|
DROP TABLE t1;
|