Bug #73280 SSL MTR tests broken on CentOS 7 with -DWITH_SSL=system
Submitted: 13 Jul 2014 11:57 Modified: 15 Jul 2014 9:53
Reporter: Laurynas Biveinis (OCA) Email Updates:
Status: Verified Impact on me:
None 
Category:Tests: Server Severity:S3 (Non-critical)
Version:5.5+, 5.6.19 OS:Linux (CentOS 7)
Assigned to: CPU Architecture:Any
Tags: mtr, openssl, SSL

[13 Jul 2014 11:57] Laurynas Biveinis
Description:
Built with -DWITH_SSL=system, the SSL tests in the testsuite fail with

main.ssl                                 w9 [ fail ]
        Test ended at 2014-07-13 14:32:39

CURRENT_TEST: main.ssl
mysqltest: At line 9: query 'connect  ssl_con,localhost,root,,,,,SSL' failed: 2026: SSL connection error: error:00000001:lib(0):func(0):reason(1)

Not sure if that's a testsuite or platform OpenSSL issue, thus erring on the side of S1.

How to repeat:
-DWITH_SSL=system, run any of rpl_heartbeat_ssl rpl_ssl rpl_ssl1 ssl_8k_key ssl_cipher ssl ssl_compress ssl_connect openssl_1

Suggested fix:
Don't know.
[13 Jul 2014 11:57] Laurynas Biveinis
Fixing title
[13 Jul 2014 12:16] Laurynas Biveinis
OpenSSL was patched not to accept MD5 certificate signatures unless OPENSSL_ENABLE_MD5_VERIFY environment variable is set.

Setting it enables all these tests except openssl_1 to pass.
[13 Jul 2014 12:37] Laurynas Biveinis
Fixing category.
[13 Jul 2014 12:42] Laurynas Biveinis
openssl_1 failure is bug 73281.
[15 Jul 2014 9:53] MySQL Verification Team
Hello Laurynas,

Thank you for the report.
Verified as described with CentOS7 and MySQL version 5.6.19.

Thanks,
Umesh
[15 Jul 2014 9:54] MySQL Verification Team
// 5.6.19

[ushastry@localhost mysql-test]$ ./mysql-test-run.pl ssl
Logging: ./mysql-test-run.pl  ssl
2014-07-15 05:45:26 13270 [Warning] Buffered warning: Changed limits: max_open_files: 1024 (requested 5000)

2014-07-15 05:45:26 13270 [Warning] Buffered warning: Changed limits: table_cache: 431 (requested 2000)

2014-07-15 05:45:26 13270 [Note] Plugin 'FEDERATED' is disabled.
2014-07-15 05:45:26 13270 [Note] Binlog end
2014-07-15 05:45:26 13270 [Note] Shutting down plugin 'CSV'
2014-07-15 05:45:26 13270 [Note] Shutting down plugin 'MyISAM'
MySQL Version 5.6.19
Checking supported features...
 - SSL connections supported
Collecting tests...
Removing old var directory...
Creating var directory '/home/ushastry/Downloads/mysql-5.6.19/mysql-test/var'...
Installing system database...

==============================================================================

TEST                                      RESULT   TIME (ms) or COMMENT
--------------------------------------------------------------------------

worker[1] Using MTR_BUILD_THREAD 300, with reserved ports 13000..13009
main.ssl                                 [ fail ]
        Test ended at 2014-07-15 05:45:32

CURRENT_TEST: main.ssl
mysqltest: At line 11: query 'connect  ssl_con,localhost,root,,,,,SSL' failed: 2026: SSL connection error: error:00000001:lib(0):func(0):reason(1)

 - saving '/home/ushastry/Downloads/mysql-5.6.19/mysql-test/var/log/main.ssl/' to '/home/ushastry/Downloads/mysql-5.6.19/mysql-test/var/log/main.ssl/'
--------------------------------------------------------------------------
The servers were restarted 0 times
Spent 0.000 of 6 seconds executing testcases

Completed: Failed 1/1 tests, 0.00% were successful.

Failing test(s): main.ssl

The log files in var/log may give you some hint of what went wrong.

If you want to report this error, please read first the documentation
at http://dev.mysql.com/doc/mysql/en/mysql-test-suite.html

mysql-test-run: *** ERROR: there were failing test cases
[ushastry@localhost mysql-test]$
[15 Jul 2014 10:29] MySQL Verification Team
// OS, openSSL 

[ushastry@localhost mysql-test]$ openssl
OpenSSL> version
OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL> quit
[ushastry@localhost mysql-test]$ cat /etc/*release
CentOS Linux release 7.0.1406 (Core) 
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CentOS Linux release 7.0.1406 (Core) 
CentOS Linux release 7.0.1406 (Core)