MySQL Bugs: #116520: TLS SNI Support

Bug #116520	TLS SNI Support
Submitted:	31 Oct 2024 22:00	Modified:	1 Nov 2024 5:37
Reporter:	Máté Gelencsér	Email Updates:
Status:	Verified	Impact on me:	None
Category:	MySQL Server: C API (client library)	Severity:	S4 (Feature request)
Version:	9.1.0	OS:	Any
Assigned to:		CPU Architecture:	Any

View
Add Comment
Files
Developer
Edit Submission
View Progress Log
Contributions

Description:
The SNI support was added here https://bugs.mysql.com/bug.php?id=84849
This sends the SNI after the server (first) started the handshake.
The issue is that tcp/tls proxies that try to route based on the SNI value to serve multiple mysql servers under one port, is not possible, since the protocol is designed to be server-first.

How to repeat:
-

Suggested fix:
A protocol update where there would be an option so that after the tcp connection is established the client would send the SNI, meaning the proxies could route based on that (and maybe a signature to let the proxy know that this is a mysql protocol).

Hello Máté Gelencsér,

Thank you for the feature request!

regards,
Umesh