Bug #18399 yaSSL: reports all ciphers at once in SSL_get_cipher_list
Submitted: 21 Mar 2006 17:13 Modified: 4 May 2006 19:01
Reporter: Magnus Svensson
Status: Closed
Category: Server Severity: S3 (Non-critical)
Version: 5.1.8 OS: Any (all)
Assigned to: Magnus Svensson Target Version:

[21 Mar 2006 17:13] Magnus Svensson
Description:
The function 'SSL_get_cipher_list' in yaSSL returns all available ciphers in one call to
the function. This is not compatible with the OpenSSL implementation, where only one cipher
is returned for each call, and eventually NULL when there is no cipher with the given
priority.

How to repeat:
Function is used in 'show_ssl_get_cipher_list'.

static int show_ssl_get_cipher_list(THD *thd, SHOW_VAR *var, char *buff)
{
  var->type= SHOW_CHAR;
  var->value= buff;
  if (thd->net.vio->ssl_arg)
  {
    int i;
    const char *p;
    char *end= buff + SHOW_VAR_FUNC_BUFF_SIZE;
    for (i=0; (p= SSL_get_cipher_list((SSL*) thd->net.vio->ssl_arg,i)) &&
               buff < end; i++)
    {
      buff= strnmov(buff, p, end-buff-1);
      *buff++= ':';
    }
    if (i)
      buff--;
  }
  *buff=0;
  return 0;
}

Suggested fix:
Make only one cipher be returned for each priority level.
[21 Apr 2006 12:05] Magnus Svensson
Committed to upstream yaSSL to be included in MySQL soon
[27 Apr 2006 22:13] Magnus Svensson
Updated our yaSSL distribution from upstream in 5.0.21 and thus fixed this problem.
[4 May 2006 19:01] Paul DuBois
Noted in 5.0.21 changelog.
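
Added example (not part of the bug report, and not MySQL or yaSSL code): the loop shape of show_ssl_get_cipher_list run against two hypothetical stand-ins, one following the per-priority contract described in the report and one returning the whole list. It assumes the all-at-once variant ignores the priority argument and never returns NULL; the cipher names and the 64-byte buffer are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample data: cipher names in priority order. */
static const char *const CIPHERS[] = { "DHE-RSA-AES256-SHA", "AES128-SHA", "RC4-SHA" };
#define ALL_CIPHERS "DHE-RSA-AES256-SHA:AES128-SHA:RC4-SHA"

/* Hypothetical stand-in for the OpenSSL contract: one name per
   priority, NULL once the priority runs past the list. */
static const char *cipher_per_priority(int prio)
{
    return (prio >= 0 && prio < 3) ? CIPHERS[prio] : NULL;
}

/* Hypothetical stand-in for the reported behaviour; assumes the
   priority argument is ignored and NULL is never returned. */
static const char *cipher_all_at_once(int prio)
{
    (void)prio;
    return ALL_CIPHERS;
}

/* Same loop shape as show_ssl_get_cipher_list: join names with ':'
   into buff[size]. Returns the number of non-NULL results consumed. */
static int join_ciphers(const char *(*get)(int), char *buff, size_t size)
{
    char *end = buff + size;
    const char *p;
    int i;
    if (size == 0) return 0;
    for (i = 0; buff < end && (p = get(i)) != NULL; i++) {
        size_t room = (size_t)(end - buff) - 1;
        size_t n = strlen(p) < room ? strlen(p) : room;
        memcpy(buff, p, n);   /* bounded copy, like strnmov */
        buff += n;
        *buff++ = ':';
    }
    if (i)
        buff--;               /* overwrite the trailing ':' */
    *buff = '\0';
    return i;
}

int main(void)
{
    char a[64], b[64];
    printf("%d %s\n", join_ciphers(cipher_per_priority, a, sizeof a), a);
    printf("%d %s\n", join_ciphers(cipher_all_at_once, b, sizeof b), b);
}
```

With the per-priority stand-in the loop stops at NULL and yields the list once; with the all-at-once stand-in only the full buffer ends the loop, so the output is the list followed by a truncated repeat.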