From 1ac4aeb5d8d92d29ec211a7bc0b86ce9a45ddd01 Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Thu, 3 Jul 2025 22:16:45 +0200 Subject: [PATCH] MDEV-35581 On servers linked against WolfSSL SSL_Cipher and SSL_cipher_list are always the same emulate OpenSSL behavior in WolfSSL: * use wolfSSL_get_cipher_list(i) for SSL_get_cipher_list(ctx, i), not wolfSSL_get_cipher_list_ex(ctx, i), which returns only the cipher used in the current connection. --- include/ssl_compat.h | 2 ++ mysql-test/main/ssl.result | 9 +++++++++ mysql-test/main/ssl.test | 11 ++++++++--- 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/include/ssl_compat.h b/include/ssl_compat.h index 340c5b6358d..6bec4f48285 100644 --- a/include/ssl_compat.h +++ b/include/ssl_compat.h @@ -57,6 +57,8 @@ #define ERR_remove_state(x) do {} while(0) #undef SSL_get_cipher #define SSL_get_cipher(ssl) (SSL_version(ssl) == TLS1_3_VERSION ? wolfSSL_get_cipher(ssl) : wolfSSL_get_cipher_name(ssl)) +#undef SSL_get_cipher_list +#define SSL_get_cipher_list(ctx,i) wolfSSL_get_cipher_list(i) #elif defined (HAVE_ERR_remove_thread_state) #define ERR_remove_state(X) ERR_remove_thread_state(NULL) #endif /* HAVE_ERR_remove_thread_state */ diff --git a/mysql-test/main/ssl.result b/mysql-test/main/ssl.result index 8d209fb3808..c402f02b859 100644 --- a/mysql-test/main/ssl.result +++ b/mysql-test/main/ssl.result @@ -2188,11 +2188,20 @@ drop table t1; SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; have_ssl 1 +# +# MDEV-7697 Client reports ERROR 2006 (MySQL server has gone away) or ERROR 2013 (Lost connection to server during query) while executing AES* functions under SSL +# select aes_decrypt('MySQL','adf'); aes_decrypt('MySQL','adf') NULL select 'still connected?'; still connected? still connected? +# +# MDEV-35581 On servers linked against WolfSSL SSL_Cipher and SSL_cipher_list are always the same +# +select variable_value like '%:%' from information_schema.session_status where variable_name='ssl_cipher_list'; +variable_value like '%:%' +1 connection default; disconnect ssl_con; diff --git a/mysql-test/main/ssl.test b/mysql-test/main/ssl.test index 642af380be9..53d93ff1593 100644 --- a/mysql-test/main/ssl.test +++ b/mysql-test/main/ssl.test @@ -29,12 +29,17 @@ SHOW STATUS LIKE 'Ssl_server_not_after'; # Check ssl turned on SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; -# -# MDEV-7697 Client reports ERROR 2006 (MySQL server has gone away) or ERROR 2013 (Lost connection to server during query) while executing AES* functions under SSL -# +--echo # +--echo # MDEV-7697 Client reports ERROR 2006 (MySQL server has gone away) or ERROR 2013 (Lost connection to server during query) while executing AES* functions under SSL +--echo # select aes_decrypt('MySQL','adf'); select 'still connected?'; +--echo # +--echo # MDEV-35581 On servers linked against WolfSSL SSL_Cipher and SSL_cipher_list are always the same +--echo # +select variable_value like '%:%' from information_schema.session_status where variable_name='ssl_cipher_list'; + connection default; disconnect ssl_con;