MDEV-35580 Server using WolfSSL shows different name than OpenSSL for some ciphers

vuvova · vuvova · commit 0d20ed9eae8b · 2025-07-17T09:18:17.000+02:00
emulate OpenSSL behavior in WolfSSL:
* use IANA cipher names (TLS_ prefix, underscore) for TLSv1.3
  e.g. TLS_AES_256_GCM_SHA384
* use OpenSSL names (no previx, dash) otherwise
  e.g. AES256-GCM-SHA384
diff --git a/include/ssl_compat.h b/include/ssl_compat.h
@@ -55,6 +55,8 @@
 #ifdef HAVE_WOLFSSL
 #undef ERR_remove_state
 #define ERR_remove_state(x) do {} while(0)
+#undef SSL_get_cipher
+#define SSL_get_cipher(ssl) (SSL_version(ssl) == TLS1_3_VERSION ? wolfSSL_get_cipher(ssl) : wolfSSL_get_cipher_name(ssl))
 #elif defined (HAVE_ERR_remove_thread_state)
 #define ERR_remove_state(X) ERR_remove_thread_state(NULL)
 #endif /* HAVE_ERR_remove_thread_state */
diff --git a/mysql-test/main/ssl_cipher_tlsv13.result b/mysql-test/main/ssl_cipher_tlsv13.result
@@ -0,0 +1,11 @@
+#
+# MDEV-35580 Server using WolfSSL shows different name than OpenSSL for some ciphers
+#
+connect c,localhost,root,,,,,SSL;
+show status like 'ssl_cipher';
+Variable_name	Value
+Ssl_cipher	TLS_AES_256_GCM_SHA384
+show status like 'ssl_version';
+Variable_name	Value
+Ssl_version	TLSv1.3
+# End of 10.11 tests
diff --git a/mysql-test/main/ssl_cipher_tlsv13.test b/mysql-test/main/ssl_cipher_tlsv13.test
@@ -0,0 +1,11 @@
+--source include/have_ssl_communication.inc
+--source include/have_tlsv13.inc
+--echo #
+--echo # MDEV-35580 Server using WolfSSL shows different name than OpenSSL for some ciphers
+--echo #
+connect c,localhost,root,,,,,SSL;
+
+show status like 'ssl_cipher';
+show status like 'ssl_version';
+
+--echo # End of 10.11 tests
