Bug #8777 | MySQL 4.1.10 with OpenSSL 0.9.7e GRANT..REQUIRE..ISSUER..AND..SUBJECT problem | ||
---|---|---|---|
Submitted: | 24 Feb 2005 12:32 | Modified: | 4 Jul 2007 10:20 |
Reporter: | Paul Doctor | Email Updates: | |
Status: | Can't repeat | Impact on me: | |
Category: | MySQL Server | Severity: | S2 (Serious) |
Version: | 4.1.14 | OS: | Any (Any) |
Assigned to: | Sergei Glukhov | CPU Architecture: | Any |
[24 Feb 2005 12:32]
Paul Doctor
[26 Jul 2005 2:15]
Lachlan Mulcahy
Verified this bug. It appears that as long as the x509 ISSUER _or_ SUBJECT matches one of the REQUIREd criteria the user is allowed to connect. The CIPHER required is always enforced. (ie. it is ANDed).
[1 Dec 2005 6:13]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/internals/32890
[4 Jul 2007 10:20]
Sveta Smirnova
Bug is not repeatable with current sources.