From bbc2e37fe4e0ca3a7cfa1437a763dc43829e98e2 Mon Sep 17 00:00:00 2001 From: Arun Kuruvila Date: Mon, 14 May 2018 11:28:13 +0530 Subject: Bug#27759871: BACKRONYM ISSUE IS STILL IN MYSQL 5.7 Description:- Client applications establishes connection to server, which does not support SSL, via TCP even when SSL is enforced via MYSQL_OPT_SSL_MODE or MYSQL_OPT_SSL_ENFORCE or MYSQL_OPT_SSL_VERIFY_SERVER_CERT. Analysis:- There exist no error handling for catching client applications which enforces SSL connection to connect to a server which does not support SSL. Fix:- Error handling is done to catch above mentioned scenarios. --- include/sql_common.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'include/sql_common.h') diff --git a/include/sql_common.h b/include/sql_common.h index 45e90d438fb..9571dff9778 100644 --- a/include/sql_common.h +++ b/include/sql_common.h @@ -1,7 +1,7 @@ #ifndef SQL_COMMON_INCLUDED #define SQL_COMMON_INCLUDED -/* Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -96,6 +96,9 @@ void set_stmt_error(MYSQL_STMT *stmt, int errcode, const char *sqlstate, void set_mysql_error(MYSQL *mysql, int errcode, const char *sqlstate); void set_mysql_extended_error(MYSQL *mysql, int errcode, const char *sqlstate, const char *format, ...); +#ifdef EMBEDDED_LIBRARY +int embedded_ssl_check(MYSQL *mysql); +#endif /* client side of the pluggable authentication */ struct st_plugin_vio_info; -- cgit v1.2.1