• Arun Kuruvila's avatar
    Bug#26482173: TLS CIPHER NEGOTIATION INCORRECTLY MATCHES ON · f2f6025a
    Arun Kuruvila authored
                  LAST BYTE ONLY (YASSL)
    
    
    Description:- TLS cipher negociation happens incorrectly
    leading to the use of a different
    
    Analysis:- YaSSL based MySQL server will compare only the
    last byte of each cipher sent in the Client Hello message.
    This can cause TLS connections to fail, due to the server
    picking a cipher which the client doesn't actually support.
    
    Fix:- A fix for detecting cipher suites with non leading
    zeros is included as YaSSL only supports cipher suites with
    leading zeros.
    f2f6025a
yassl_imp.cpp 62 KB