Bug #1241 Building Mysql 4.0 --with-openssl fails if IDEA not supported by OpenSSL
Submitted: 10 Sep 2003 10:01 Modified: 29 Sep 2003 12:31
Reporter: Carlos Amengual Email Updates:
Status: Not a Bug Impact on me:
None 
Category:MySQL Server: Compiling Severity:S2 (Serious)
Version:4.0.14 OS:FreeBSD (FreeBSD 4.8)
Assigned to: Antony Curtis CPU Architecture:Any

[10 Sep 2003 10:01] Carlos Amengual 
Description:
Compiling Mysql 4.0 --with-openssl fails if the IDEA algorithm has not been compiled into OpenSSL.

This is a frequent case in Europe, as IDEA requires commercial licensing.

How to repeat:
Build OpenSSL without IDEA support, and then build mysql --with-openssl.

Suggested fix:
A general fix would be to check each cipher type supported by the local OpenSSL installation. A quicker and simpler fix would be to look just for the IDEA cipher.

Another possibility would be to provide a configure option like --without-ssl-cipher=idea
[11 Sep 2003 15:13] Antony Curtis 
I have 4.8-STABLE, will test it out.
[11 Sep 2003 16:50] Antony Curtis 
Not enough information was provided for us to be able
to handle this bug. Please re-read the instructions at
http://bugs.mysql.com/how-to-report.php

If you can provide more information, feel free to add it
to this bug and change the status back to 'Open'.

Thank you for your interest in MySQL.

I cannot repeat it on 4.8-STABLE. 
 
Have tried building from ports/databases/mysql40-server using: 
# make WITH_OPENSSL=yes BUILD_OPTIMIZED=yes 
 
Have tried building from 4.0 bk (rev 1.1563) repository: 
# ./configure --with-low-memory --enable-thread-safe-client 
--enable-local-infile--with-berkeley-db --with-innodb --with-vio 
--without-pstack --with-extra-tools --with-embedded-server --with-openssl 
 
Related info: 
OpenSSL> version 
OpenSSL 0.9.7a Feb 19 2003 
OpenSSL> ciphers 
DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:DHE-DSS-RC4-SHA:RC4-SHA:RC4-MD5:RC4-MD5:RC4-64-MD5:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EXP1024-RC2-CBC-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP1024-DHE-DSS-RC4-SHA:EXP1024-RC4-SHA:EXP1024-RC4-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC4-MD5
[23 Sep 2003 9:10] Carlos Amengual 
azul# uname -a
FreeBSD azul.hin 4.8-RELEASE-p3 FreeBSD 4.8-RELEASE-p3 #0: Thu Aug 21 22:57:08 CEST 2003     amengual@azul.hin:/usr/obj/usr/src/sys/GENERIC  i386
azul# cd /usr/ports/databases/mysql40-server
azul# make WITH_OPENSSL=yes
[...]
Making all in vio
source='vio.c' object='vio.o' libtool=no  depfile='.deps/vio.Po' tmpdepfile='.deps/vio.TPo'  depmode=gcc /bin/sh ../depcomp  cc -DHAVE_CONFIG_H -I. -I. -I.. -I./../include -I../include -I/usr/local/include     -O3 -DDBUG_OFF -O -pipe -march=pentiumpro -O3 -fno-omit-frame-pointer  -DHAVE_BROKEN_REALPATH -c `test -f vio.c || echo './'`vio.c
In file included from /usr/local/include/openssl/pem.h:66,
                 from /usr/local/include/openssl/ssl.h:147,
                 from ../include/violite.h:82,
                 from vio_priv.h:24,
                 from vio.c:24:
/usr/local/include/openssl/evp.h:97: openssl/idea.h: No such file or directory
In file included from /usr/local/include/openssl/pem.h:66,
                 from /usr/local/include/openssl/ssl.h:147,
                 from ../include/violite.h:82,
                 from vio_priv.h:24,
                 from vio.c:24:
/usr/local/include/openssl/evp.h:371: syntax error before `IDEA_KEY_SCHEDULE'
*** Error code 1

Stop in /usr/ports/databases/mysql40-server/work/mysql-4.0.15/vio.
*** Error code 1

Stop in /usr/ports/databases/mysql40-server/work/mysql-4.0.15.
*** Error code 1

Stop in /usr/ports/databases/mysql40-server/work/mysql-4.0.15.
*** Error code 1

Stop in /usr/ports/databases/mysql40-server.
[23 Sep 2003 9:15] Carlos Amengual 
My OpenSSL version and cipher information was ommitted:

azul# openssl
OpenSSL> version
OpenSSL 0.9.7a Feb 19 2003
OpenSSL> ciphers
DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:DHE-DSS-RC4-SHA:RC4-SHA:RC4-MD5:RC4-MD5:RC4-64-MD5:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EXP1024-RC2-CBC-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP1024-DHE-DSS-RC4-SHA:EXP1024-RC4-SHA:EXP1024-RC4-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC4-MD5
OpenSSL>
[23 Sep 2003 10:45] Antony Curtis 
Is there an /etc/make.conf on the FreeBSD machine?

There is a possibility of an issue with -RELEASE which was resolved in -STABLE. I will set up a machine with 4.8-RELEASE and evaluate further.
[25 Sep 2003 7:37] Carlos Amengual 
Relevant parts of /etc/make.conf:

CPUTYPE=i686
MAKE_IDEA=      NO
USA_RESIDENT=           NO
[26 Sep 2003 0:30] Antony Curtis 
OpenSSL has been merged into the base of FreeBSD 4 - so its include files now exist at /usr/include/openssl. 

Probably have another OpenSSL installed via ports collection. I suggest uninstalling the port.

Make options, NO_IDEA and USA_RESIDENT only have effect during rebuild of world.
Not having IDEA only effects the internals of OpenSSL. The API should be unaffected.
[26 Sep 2003 8:04] Carlos Amengual 
While the package list gave no OpenSSL port installed, I had old include files in /usr/local/include, from the times of FreeBSD 3.x. After removing those files nad cleaning the port, I still cannot build. I'll keep investigating it.
[29 Sep 2003 11:10] Carlos Amengual 
I rebuilt the system to the latest patchlevel, and then recompiled. It works now, and bug should be closed.
[29 Sep 2003 12:31] Antony Curtis 
Problem resolved