Bug #100336 performance_schema.status_by_thread table not populating on Linux
Submitted: 27 Jul 2020 15:58 Modified: 28 Jul 2020 12:50
Reporter: IGG t Email Updates:
Status: Verified Impact on me:
Category:MySQL Server: Performance Schema Severity:S3 (Non-critical)
Version:5.7 OS:Any
Assigned to: CPU Architecture:Any
Tags: SSL

[27 Jul 2020 15:58] IGG t
The performance_schema.status_by_thread table doesn't appear to populate on some versions of MySQL.

If I set up a MySQL 5.7 (tested with 5.7.29 and 5.7.31) database on Windows, and create a user that "REQUIRE SSL". If I then log into the database from another Windows server and check the performance_schema.status_by_thread table I can clearly see my connection is using SSL.

If I repeat the process on Linux (tested on "Ver 14.14 Distrib 5.7.29, for Linux (x86_64)" on Debian 9), when I check in the performance_schema.status_by_thread table it is empty. 

In both cases the performance schema is fully enabled, and checking the 'status' of the connection shows that the client end believes it is using SSL.

It appears to be fine when using MySQL 8.0.

How to repeat:
Set up a MySQL 5.7 Database on Windows.

Create a user:

CREATE USER 'ssltest'@'%' identified by 'ssltest';
GRANT ALL ON *.* TO 'ssltest'@'%' REQUIRE SSL;

From another windows location log onto the server using the new user and check the status:

mysql -h1.2.3.4 -P3306 -ussltest -pssltest -e status | grep SSL 
SSL:                    Cipher in use is ECDHE-RSA-AES128-GCM-SHA256

Now log into mysql with that user and run:

	sbt.variable_value AS tls_version,  
    t2.variable_value AS cipher, 
    processlist_user AS user, 
    processlist_host AS host 
FROM performance_schema.status_by_thread  AS sbt 
JOIN performance_schema.threads AS t ON t.thread_id = sbt.thread_id 
JOIN performance_schema.status_by_thread AS t2 ON t2.thread_id = t.thread_id 
WHERE sbt.variable_name = 'Ssl_version' 
and t2.variable_name = 'Ssl_cipher' 
ORDER BY tls_version;

You should see your login listed with tls version and cipher.

Now repeat the process using a Linux server. This time when you run the final query the result will be empty.

Suggested fix:
Ideally all connections should be included in the performance_schema.status_by_thread table on both Windows and Linux  to help prove that connections are using SSL.
[28 Jul 2020 12:50] MySQL Verification Team
Hi Mr. t,

Thank you for your bug report.

I have been able to repeat your test case.

Verified as reported.
[28 Jul 2020 12:51] MySQL Verification Team
Two small notes.

1. This is not a serious bug

2. This bug is already fixed in 8.0, hence this is 5.7-only bug.