Bug #104649 | Contribution: Add the TLS SNI extension when connecting over TLS to a serve ... | ||
---|---|---|---|
Submitted: | 17 Aug 2021 19:28 | Modified: | 18 Aug 2021 6:05 |
Reporter: | OCA Admin (OCA) | Email Updates: | |
Status: | Verified | Impact on me: | |
Category: | MySQL Server: Security: Encryption | Severity: | S3 (Non-critical) |
Version: | 8.0 | OS: | Any |
Assigned to: | CPU Architecture: | Any | |
Tags: | Contribution |
[17 Aug 2021 19:28]
OCA Admin
[17 Aug 2021 19:28]
OCA Admin
Contribution submitted via Github - Add the TLS SNI extension when connecting over TLS to a server (*) Contribution by Dirkjan Bussink (Github dbussink, mysql-server/pull/358#issuecomment-900431766): I confirm the code being submitted is offered under the terms of the OCA, and that I am authorized to contribute it.
Contribution: git_patch_708966545.txt (text/plain), 24.17 KiB.
[18 Aug 2021 6:05]
MySQL Verification Team
Hello Dirkjan Bussink, Thank you for the report and contribution. regards, Umesh
[24 Aug 2021 10:07]
Daniël van Eeden
Related: Bug #82872 Bug #84849
[27 Aug 2021 9:17]
Dirkjan Bussink
Thanks Daniël. Looks like I'm not the first one to add the SNI parts. Is there anything I can help with to make sure it does land this time around? Similarly for the CA default system roots, would love to help where needed to make this happen.
[20 Jul 2023 6:09]
Daniël van Eeden
From https://dev.mysql.com/doc/relnotes/mysql/8.1/en/news-8-1-0.html "MySQL now implements client-side Server Name Indication (SNI), which is an extension to the TLS protocol. Client applications can pass a server name to the libmysqlclient C API library with the new MYSQL_OPT_TLS_SNI_SERVERNAME option for mysql_options(). Similarly, each MySQL client program now includes a --tls-sni-servername command option to pass in a name. The new Tls_sni_server_name server status variable indicates the name if one is set for the session. Our thanks to Meta for the contribution. (Bug #33176362, WL #14839)"