MDEV-6975 Implement TLS protocol

change SSL methods to be SSLv23 (according to openssl manpage: "A TLS/SSL connection established with these methods may understand the SSLv2, SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols") from TLSv1 methods, that go back to the initial SSL implementation in MySQL in 2001. OpenSSL default ciphers are different if TLSv1.2 is enabled, so tests need to take this into account.
author: Sergei Golubchik <sergii@pisem.net> 2014-11-18 17:57:06 +0100
committer: Sergei Golubchik <sergii@pisem.net> 2014-11-18 17:57:06 +0100
commit: cb8f837a3d0d16bdbfc9c545d32527ad28b0d841 (patch)
tree: 30fd5447e10cd587a0ff68c6e083c943f61b1e7b /vio
parent: 386e2e52f63971d3c1f33fb6b90715549d81ed1e (diff)
download: mariadb-git-cb8f837a3d0d16bdbfc9c545d32527ad28b0d841.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index 3fde307e4dd..c64bba338a4 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -190,8 +190,8 @@ new_VioSSLFd(const char *key_file, const char *cert_file,
     DBUG_RETURN(0);
 
   if (!(ssl_fd->ssl_context= SSL_CTX_new(is_client_method ? 
-                                         TLSv1_client_method() :
-                                         TLSv1_server_method())))
+                                         SSLv23_client_method() :
+                                         SSLv23_server_method())))
   {
     *error= SSL_INITERR_MEMFAIL;
     DBUG_PRINT("error", ("%s", sslGetErrString(*error)));
author	Sergei Golubchik <sergii@pisem.net>	2014-11-18 17:57:06 +0100
committer	Sergei Golubchik <sergii@pisem.net>	2014-11-18 17:57:06 +0100
commit	cb8f837a3d0d16bdbfc9c545d32527ad28b0d841 (patch)
tree	30fd5447e10cd587a0ff68c6e083c943f61b1e7b /vio
parent	386e2e52f63971d3c1f33fb6b90715549d81ed1e (diff)
download	mariadb-git-cb8f837a3d0d16bdbfc9c545d32527ad28b0d841.tar.gz