Bug #79832 Documentation about SSL should use TLS instead of SSL
Submitted: 4 Jan 2016 12:33 Modified: 29 Jan 2016 14:29
Reporter: Daniël van Eeden (OCA) Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Documentation Severity:S3 (Non-critical)
Version:5.5, 5.6, 5.7 OS:Any
Assigned to: Paul DuBois CPU Architecture:Any
Tags: SSL, tls

[4 Jan 2016 12:33] Daniël van Eeden 
Description:
https://dev.mysql.com/doc/refman/5.5/en/secure-connections.html 

"MySQL supports secure (encrypted) connections between clients and the server using the Secure Sockets Layer (SSL) protocol"

This is not true. MySQL 5.5, 5.6 and 5.7 do not support SSL, but TLS (commonly referred as SSL).

https://github.com/mysql/mysql-server/blob/5.5/vio/viosslfactories.c#L225
https://github.com/mysql/mysql-server/blob/5.6/vio/viosslfactories.c#L228
https://github.com/mysql/mysql-server/blob/5.7/vio/viosslfactories.c#L534

So both 5.5 and 5.6 use TLSv1_server_method() which only does TLSv1.0

MySQL 5.7 (since 5.7.10 iirc) uses SSLv23_server_method which can currently do SSLv2, SSLv3, TLSv1.0, TLSv1.1 and TLSv1.2 (TLSv1.2 only with OpenSSL, not with YaSSL). But as SSL_OP_NO_SSLv2 and SSL_OP_NO_SSLv3 are set it won't do SSLv2 or SSLv3.

How to repeat:
Compare docs and code

Suggested fix:
Mention Transport Layer Security and add a note about the difference between SSL and TLS and that SSL is actually not supported...
[4 Jan 2016 12:57] MySQL Verification Team 
Hello Daniël,

Thank you for the report.

Thanks,
Umesh
[29 Jan 2016 14:29] Paul DuBois 
Thank you for your bug report. This issue has been addressed in the documentation. The updated documentation will appear on our website shortly.