Bug #84849 | Extend MySQL handshake to allow TLS with SNI and virtual servers | ||
---|---|---|---|
Submitted: | 6 Feb 2017 21:01 | Modified: | 20 Jul 2023 6:09 |
Reporter: | Daniël van Eeden (OCA) | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server: C API (client library) | Severity: | S4 (Feature request) |
Version: | 8.0 | OS: | Any |
Assigned to: | CPU Architecture: | Any | |
Tags: | SNI, SSL, tls |
[6 Feb 2017 21:01]
Daniël van Eeden
[30 Mar 2017 14:51]
Daniël van Eeden
SNI would fix this for connections which use TLS, but non-TLS connections also need some early indication about to which host the connection should go.
[31 Mar 2017 11:00]
Simon Mudd
Also applicable on the MySQL X protocol level
[6 Apr 2017 11:25]
Daniël van Eeden
Related: Bug #82872 Add TLS SNI support to the client. (contribution)
[2 May 2018 13:29]
Georgi Kodinov
Duplicate bug #90704.
[23 Aug 2021 13:20]
Georgi Kodinov
See also the related Bug#104649
[20 Jul 2023 6:09]
Daniël van Eeden
From https://dev.mysql.com/doc/relnotes/mysql/8.1/en/news-8-1-0.html "MySQL now implements client-side Server Name Indication (SNI), which is an extension to the TLS protocol. Client applications can pass a server name to the libmysqlclient C API library with the new MYSQL_OPT_TLS_SNI_SERVERNAME option for mysql_options(). Similarly, each MySQL client program now includes a --tls-sni-servername command option to pass in a name. The new Tls_sni_server_name server status variable indicates the name if one is set for the session. Our thanks to Meta for the contribution. (Bug #33176362, WL #14839)"