Bug #44145 FLUSH DES_KEY_FILE does not reload the DES key file
Submitted: 8 Apr 2009 9:26 Modified: 11 Feb 2011 9:51
Reporter: Dan Gardner (OCA) Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Server: General Severity:S3 (Non-critical)
Version:4.0.1+, 5.1 bzr OS:Any
Assigned to: CPU Architecture:Any
Tags: Contribution
Triage: Triaged: D3 (Medium)

[8 Apr 2009 9:26] Dan Gardner
Description:
The "FLUSH DES_KEY_FILE" command does not actually reload the file specified with --des-key-file, as indicated in the documentation. This appears to be because the #ifdef in sql_parse.cc which surrounds the call to load_des_key_file() is incorrect (it should be "#ifdef HAVE_OPENSSL" instead of "#ifdef OPENSSL").

How to repeat:
1. Start MySQL with the --des-key-file option.
2. Examine the atime (time of last access) for the key file.
3. Issue a "FLUSH DES_KEY_FILE".
4. Re-examine the atime for the key file - it will not have changed.

or

1. Start MySQL with the --des-key-file option.
2. Add an invalid key to the key file (i.e. a line not starting with a single digit followed by space)
3. Issue a "FLUSH DES_KEY_FILE".
4. Note the absence of a "load_des_file:  Found wrong key_number" error in the logs.

Suggested fix:
In sql/sql_parse.cc, replace the "#ifdef OPENSSL" with "#ifdef HAVE_OPENSSL".
[13 Apr 2009 20:04] Sveta Smirnova
Thank you for the report.

Verified as described.
[8 Jun 2009 22:40] liz drachnik
Hello Dan - 

In order for us to continue the process of reviewing your contribution to MySQL - We need you to review and sign the Sun|MySQL contributor agreement (the "SCA")

The process is explained here: 
http://forge.mysql.com/wiki/Sun_Contributor_Agreement

Getting a signed/approved SCA on file will help us facilitate your contribution-- this one, and others in the future.

Thank you ! 

Liz Drachnik  - Program Manager - MySQL
[11 Feb 2011 9:51] Dan Gardner
I completed the MCA many months ago. Any progress on this bug?