Bug #90704 Support customizing the SNI field in the TLS ClientHello message
Submitted: 30 Apr 2018 18:49 Modified: 2 May 2018 13:28
Reporter: Jason Rahman Email Updates:
Status: Duplicate Impact on me:
Category:MySQL Server: C API (client library) Severity:S4 (Feature request)
Version: OS:Any
Assigned to: CPU Architecture:Any

[30 Apr 2018 18:49] Jason Rahman
The C API does not support setting the TLS SNI (Server Name Indicator) field in the ClientHello packet sent during the TLS handshake.

How to repeat:
Documentation does not show an API for doing this today.

Suggested fix:
Allow specifying the Server Name Indicator field when performing an SSL handshake. MySQL or proxies can leverage this information when performing admission control to avoid performing the SSL handshake for usernames/databases that are above the connection limit. This allows the connection to be terminated before the SSL handshake is performed, which is the most expensive portion of the connection establishment process.
[2 May 2018 13:28] Georgi Kodinov
Please do not submit the same bug more than once. An existing bug report already describes this very problem. Even if you feel that your issue is somewhat different, the resolution is likely
to be the same. Because of this, we hope you add your comments to the original bug instead.

Thank you for your interest in MySQL.

See Bug #84849.