Fix for CONC-375: SSL handshake fails

Since new TLSv1.3 cipher suites differ from older cipher suites they can't me mixed and need to be set by a different API call, we disable the settings for TLSv1.3 cipher suites.
mariadb-corporation · Nov 27, 2018 · 418e338 · 418e338
1 parent f06bcba
commit 418e338
Showing 1 changed file with 1 addition and 5 deletions.
diff --git a/libmariadb/secure/openssl.c b/libmariadb/secure/openssl.c
@@ -460,11 +460,7 @@ static int ma_tls_set_certs(MYSQL *mysql, SSL *ssl)
   if ((mysql->options.ssl_cipher &&
         mysql->options.ssl_cipher[0] != 0))
    {
-     if(
-#ifdef TLS1_3_VERSION
-      SSL_set_ciphersuites(ssl, mysql->options.ssl_cipher) == 0 &&
-#endif
-      SSL_set_cipher_list(ssl, mysql->options.ssl_cipher) == 0)
+     if(SSL_set_cipher_list(ssl, mysql->options.ssl_cipher) == 0)
     goto error;
    }