Bug #42428 openssl_1 test case failing on all version of Redhat Enterprise Linux
Submitted: 28 Jan 2009 16:30 Modified: 28 Jan 2009 16:33
Reporter: BJ Dierkes Email Updates:
Status: Duplicate Impact on me:
Category:Tests: Server Severity:S3 (Non-critical)
Version:5.0.x OS:Linux (Redhat Enterprise Linux 3, 4, and 5)
Assigned to:

[28 Jan 2009 16:30] BJ Dierkes
Recently, MySQL test cases for openssl_1 began failing on all version of Redhat Enterprise Linux.  The issue is exactly the same across the board, and has been verified with both mysql-5.0.67 and mysql-5.0.75.  It appears that this issue may be related to a recent security update to the openssl package by Redhat:


These are the same builds that had no issue before the openssl update.  I imagine that the openssl functionality is fine, and just the test case is not functional but I'm not familiar enough with MySQL OpenSSL Support to be able to fully verify that.

Systems Failing:

EL3 64bit (stock) w/ openssl-0.9.7a-33.24
EL4 32bit (stock) w/ openssl-0.9.7a-43.17.el4_7.2
EL5 64bit (stock) w/ openssl-0.9.8e-7.el5

Failure Output:

openssl_1                      [ fail ]

mysqltest: At line 19: query 'connect  con1,localhost,ssl_user1,,,,,SSL' failed: 2026: SSL connection error

The result from queries just before the failure was:
drop table if exists t1;
create table t1(f1 int);
insert into t1 values (5);
grant select on test.* to ssl_user1@localhost require SSL;
grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com";
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
flush privileges;

More results from queries before failure can be found in /home/wdierkes/buildroot/BUILD/mysql-5.0.75/mysql-test/var/log/openssl_1.log

Aborting: openssl_1 failed in default mode. 
To continue, re-run with '--force'.
Stopping All Servers
make: *** [test-ns] Error 1

How to repeat:
./configure --with-openssl && make && make test

As a side note, my full configure line is as follows:

./configure --host=x86_64-redhat-linux-gnu --build=x86_64-redhat-linux-gnu -
-target=x86_64-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/u
sr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share 
--includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --locals
tatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/sh
are/info --with-readline --with-openssl --without-debug --enable-shared --with-b
ench --localstatedir=/var/lib/mysql --with-unix-socket-path=/var/lib/mysql/mysql
.sock --with-mysqld-user=mysql --with-extra-charsets=all --with-innodb --with-be
rkeley-db --enable-local-infile --enable-largefile --enable-thread-safe-client -
-disable-dependency-tracking --with-archive-storage-engine --with-federated-stor
age-engine --with-blackhole-storage-engine --with-csv-storage-engine --with-name

Suggested fix:
[28 Jan 2009 16:33] Georgi Kodinov
Duplicate of bug #42366