• Sergei Golubchik's avatar
    auto-disable --ssl-verify-server-cert in clients, if · 853bdf57
    Sergei Golubchik authored
    * --ssl-verify-server-cert was not enabled explicitly, and
    * CA was not specified, and
    * fingerprint was not specified, and
    * protocol is TCP, and
    * no password was provided
    
    insecure passwordless logins are common in test environment, let's
    not break them. practically, it hardly makes sense to have strong
    MitM protection if an attacker can simply login without a password.
    
    Covers mariadb, mariadb-admin, mariadb-binlog, mariadb-dump
    853bdf57
sslopt-longopts.h 2.94 KB