Bug #87121 | Unable to connect to a MySQL server using TLSv1.2 | ||
---|---|---|---|
Submitted: | 19 Jul 2017 14:42 | Modified: | 3 May 2018 22:25 |
Reporter: | Paulo Jesus | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | Connector / Python | Severity: | S2 (Serious) |
Version: | 2.1.5 | OS: | Any |
Assigned to: | CPU Architecture: | Any |
[19 Jul 2017 14:42]
Paulo Jesus
[19 Jul 2017 14:58]
Paulo Jesus
Posted by developer: Additional information: ssl_version=ssl.PROTOCOL_TLSv1 is being used in mysql.connector.network. The ssl_version might need to use a different value, avoid the use of a version specific SSL/TLS version (e.g., ssl.PROTOCOL_TLS for Python 2.7.13+) or use the version according to the one supported by the server.
[22 Nov 2017 14:35]
Luis Delgado
We have the same problem here. In our case we are using sqlachemy to create a connection with a MySQL database. The connection is done using the mysqlconnector and we want to use TLSv1.1. As in the example by Paulo, if the server allows TLS1 then it works but when limitng the server to TLS1.1 we get the following error: "Lost connection to MySQL server, system error: 1 [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:748)" Allow the connector to use the TLS defined by the server. Thanks
[30 Jan 2018 23:15]
Jesper wisborg Krogh
Posted by developer: Two workarounds: * Use the C Extension (use_pure = False) * Change the define symbol to ssl.PROTOCOL_TLSv1_2 From Connector/Python 2.1.7 on Oracle Linux 7: shell$ diff lib/mysql/connector/network.py \ /usr/lib/python2.7/site-packages/mysql/connector/network.py 420c420 < ssl_version=ssl.PROTOCOL_TLSv1, ciphers=cipher) --- > ssl_version=ssl.PROTOCOL_TLSv1_2, ciphers=cipher)
[16 Feb 2018 10:17]
MySQL Verification Team
Bug #89687 marked as duplicate of this one
[16 Feb 2018 10:20]
MySQL Verification Team
Bug #86828 marked as duplicate of this one
[3 May 2018 22:25]
Philip Olson
Posted by developer: Fixed as of the upcoming MySQL Connector/Python 2.1.8 release, and here's the changelog entry: Connecting to a MySQL server configured to use TLS versions other than TLSv1, such as as TLSv1.1 and TLSv1.2), was not possible and failed with a "[SSL: WRONG_VERSION_NUMBER] wrong version number" error. This is because the connector restricted the connection to use TLSv1. In addition, tsl_version support was added. Thank you for the bug report.
[22 Mar 2021 12:32]
MySQL Verification Team
Bug #102640 marked as duplicate of this one.