Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add server's RSA public key connection string option #286

Closed
bgrainger opened this issue Jun 27, 2017 · 2 comments
Closed

Add server's RSA public key connection string option #286

bgrainger opened this issue Jun 27, 2017 · 2 comments
Assignees
Milestone

Comments

@bgrainger
Copy link
Member

@bgrainger bgrainger commented Jun 27, 2017

If the client connects with sha256_password over an insecure connection, it has to encrypt the user's password with the server's RSA public key. This can be requested from the server in authentication negotiation.

However, as Protecting MySQL Passwords With the sha256_password Plugin says:

Distributing keys securely can be an operational headache. MySQL Server will supply its own RSA public key upon request from the client, so that the key doesn’t have to be explicitly distributed and configured for each client. But this introduces another security concern – a proxy in the middle may substitute an RSA public key for which it has the private key, decrypt and harvest the plain-text password, then re-encrypting the password with the actual server RSA public key for the connection attempt to continue. For this reason, it’s strongly recommended that clients define a local RSA public key to use instead of request the server RSA key during the handshake.

The mysql CLI supports specifying the server's RSA public key with the --server-public-key-path variable.

Connector/J has allowPublicKeyRetrieval (default false) and serverRSAPublicKeyFile properties.

We should add both these connection string options for RSA public key support.

@bgrainger
Copy link
Member Author

@bgrainger bgrainger commented Jun 27, 2017

Setting milestone to 1.0 as adding AllowPublicKeyRetrieval (with a sensible default of false) will be a breaking change.

@bgrainger
Copy link
Member Author

@bgrainger bgrainger commented Jul 27, 2017

Added in 0.24.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

No branches or pull requests

1 participant