Bug #18399 yaSSL: reports all cipers at once in SSL_get_cipher_list
Submitted: 21 Mar 2006 16:13 Modified: 4 May 2006 17:01
Reporter: Magnus Blåudd Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server Severity:S3 (Non-critical)
Version:5.1.8 OS:Any (all)
Assigned to: Magnus Blåudd CPU Architecture:Any

[21 Mar 2006 16:13] Magnus Blåudd
Description:
The function 'SSL_get_cipher_list' in yaSSL returns all avalible ciphers in one call to the function. This is not compatibel with the openSSL implementation that only one cipher is returned for each call, and eventually NULL when there is no cipher with the given pritority.

How to repeat:
Function is used in 'show_ssl_get_cipher_list'.

static int show_ssl_get_cipher_list(THD *thd, SHOW_VAR *var, char *buff)
{
  var->type= SHOW_CHAR;
  var->value= buff;
  if (thd->net.vio->ssl_arg)
  {
    int i;
    const char *p;
    char *end= buff + SHOW_VAR_FUNC_BUFF_SIZE;
    for (i=0; (p= SSL_get_cipher_list((SSL*) thd->net.vio->ssl_arg,i)) &&
               buff < end; i++)
    {
      buff= strnmov(buff, p, end-buff-1);
      *buff++= ':';
    }
    if (i)
      buff--;
  }
  *buff=0;
  return 0;
}

Suggested fix:
Make only one cipher be returned for each priotity level.
[21 Apr 2006 10:05] Magnus Blåudd
Commited to upstream yaSSL to be inlcuded in MySQL soon
[27 Apr 2006 20:13] Magnus Blåudd
Updated our yaSSL dsitribbution from upstreame im 5.0.21 and thus fixed thie problem.
[4 May 2006 17:01] Paul DuBois
Noted in 5.0.21 changelog.