Description:
The openssl_1 regression test assumes a certificate subject that is at variance with the sample certificate actually provided; this guarantees a regression failure.  A second problem is that some of the error cases in the test print system-dependent messages from the OpenSSL library.  (This second problem does not manifest with yassl, because it has a stubbed-out ERR_print_errors_fp function.)

How to repeat:
Build with OpenSSL, then

./mysql-test-run --with-openssl openssl_1

Suggested fix:
There's more than one way you might address the error message problem, but what I've done for the moment is to restrict the ERR_print_errors_fp function to DBUG code:

--- mysql-5.0.27.orig/mysql-test/t/openssl_1.test	2006-10-20 20:36:43.000000000 -0400
+++ mysql-5.0.27/mysql-test/t/openssl_1.test	2006-11-09 15:10:29.000000000 -0500
@@ -10,8 +10,8 @@
 
 grant select on test.* to ssl_user1@localhost require SSL;
 grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
-grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
-grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
+grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com";
+grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
 grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
 flush privileges;
 
diff -Naur mysql-5.0.27.orig/vio/viosslfactories.c mysql-5.0.27/vio/viosslfactories.c
--- mysql-5.0.27.orig/vio/viosslfactories.c	2006-10-20 20:22:39.000000000 -0400
+++ mysql-5.0.27/vio/viosslfactories.c	2006-11-09 16:02:14.000000000 -0500
@@ -88,7 +88,7 @@
       DBUG_PRINT("error",("unable to get certificate from '%s'\n", cert_file));
       /* FIX stderr */
       fprintf(stderr,"Error when connection to server using SSL:");
-      ERR_print_errors_fp(stderr);
+      DBUG_EXECUTE("error",ERR_print_errors_fp(stderr););
       fprintf(stderr,"Unable to get certificate from '%s'\n", cert_file);
       fflush(stderr);
       DBUG_RETURN(1);
@@ -102,7 +102,7 @@
       DBUG_PRINT("error", ("unable to get private key from '%s'\n", key_file));
       /* FIX stderr */
       fprintf(stderr,"Error when connection to server using SSL:");
-      ERR_print_errors_fp(stderr);
+      DBUG_EXECUTE("error",ERR_print_errors_fp(stderr););
       fprintf(stderr,"Unable to get private key from '%s'\n", key_file);
       fflush(stderr);
       DBUG_RETURN(1);

There are many ways the MySQL Server can be compiled and run. Our efforts has been concentrated on getting SSL working with the yaSSL package(distributed as part of our source).

I will see what we can do to test MySQL Server with SSL from OpenSSL. We will of course fiox any problems you report.

Meanwhile I would like to take a look at our build farm initiative -http://forge.mysql.com/wiki/MySQL_Build_Farm_Initiative - maybe you could setup a build of MySQL with the settings you prefer?

First part fixed by patch for bug#25988, now looking at the second part.

A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/19422

ChangeSet@1.2403, 2007-02-06 17:33:11+01:00, msvensson@neptunus.(none) +1 -0
  Bug#24157 openssl_1 regression test is broken two different ways
   - Send output from 'ERR_print_errors_fp' to DBUG_FILE if --debug is used

Available in 5.0.36 and 5.1.16-beta.

Change to make a test case succeed. No
changelog entry needed.