[Enterprise-support] [Bug 1501089] [NEW] Please add support for for TLSv1.1 and TLSv1.2

Sveta Smirnova Tue, 29 Sep 2015 15:39:02 -0700

Public bug reported:

Originally reported at https://bugs.mysql.com/bug.php?id=75239


Currently MySQL only supports TLSv1 protocol and does not support
TLSv1.1 and TLSv1.2 which are recommended to use. There is upstream bug
with patch provided.

Please implement this patch for Percona Server with small difference:
use TLS_method instead of deprecated SSLv23_method
(https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_new.html)

diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index 4ca8c74..35edd33 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -193,8 +193,8 @@ new_VioSSLFd(const char *key_file, const char *cert_file,
     DBUG_RETURN(0);
 
   if (!(ssl_fd->ssl_context= SSL_CTX_new(is_client ?
-                                         TLSv1_client_method() :
-                                         TLSv1_server_method())))
+                                         TLS_client_method() :
+                                         TLS_server_method())))
   {
     *error= SSL_INITERR_MEMFAIL;
     DBUG_PRINT("error", ("%s", sslGetErrString(*error)));
-- 
2.1.0

** Affects: mysql-server
     Importance: Unknown
         Status: Unknown

** Affects: percona-server
     Importance: Undecided
         Status: Confirmed

** Affects: percona-server/5.5
     Importance: Undecided
         Status: Confirmed

** Affects: percona-server/5.6
     Importance: Undecided
         Status: Confirmed

** Affects: percona-server/5.7
     Importance: Undecided
         Status: Confirmed


** Tags: i59961

** Also affects: percona-server/5.7
   Importance: Undecided
       Status: New

** Also affects: percona-server/5.5
   Importance: Undecided
       Status: New

** Also affects: percona-server/5.6
   Importance: Undecided
       Status: Confirmed

** Bug watch added: MySQL Bug System #75239
   http://bugs.mysql.com/bug.php?id=75239

** Also affects: mysql-server via
   http://bugs.mysql.com/bug.php?id=75239
   Importance: Unknown
       Status: Unknown

** Changed in: percona-server/5.5
       Status: New => Confirmed

** Changed in: percona-server/5.7
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to MySQL.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1501089

Title:
  Please add support for for TLSv1.1 and TLSv1.2

To manage notifications about this bug go to:
https://bugs.launchpad.net/mysql-server/+bug/1501089/+subscriptions

-- 
Mailing list: https://launchpad.net/~enterprise-support
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~enterprise-support
More help   : https://help.launchpad.net/ListHelp

[Enterprise-support] [Bug 1501089] [NEW] Please add support for for TLSv1.1 and TLSv1.2

Reply via email to