From d2e36e4258bbcdbaf72c2dde02fa5039317f99ed Mon Sep 17 00:00:00 2001
From: Mayank Prasad <mayank.prasad@oracle.com>
Date: Fri, 11 Mar 2011 16:16:34 +0530
Subject: [PATCH] BUG #11760210: 52596: SSL_CIPHER_LIST NOT SET OR RETURNED FOR
 "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"

Issue:
      SSL_CIPHER set to a specific CIPHER name was not getting picked up by SHOW STATUS Command.

Solution:
      If specific cipher name is specified, avoid overwriting of Cipher List with default Cipher names.


extra/yassl/src/yassl_int.cpp:
  If user specified Cipher name is there, avoid populating default
  cipher names' list.
mysql-test/r/ssl_cipher.result:
  Expected file for ssl_cipher.test test case
mysql-test/t/ssl_cipher-master.opt:
  Server option file for ssl_cipher.test test case.
mysql-test/t/ssl_cipher.test:
  Test case to verify that user specified SSL cipher name is shown in SHOW STATUS Command.
---
 extra/yassl/src/yassl_int.cpp      |  2 +-
 mysql-test/r/ssl_cipher.result     |  9 +++++++++
 mysql-test/t/ssl_cipher-master.opt |  1 +
 mysql-test/t/ssl_cipher.test       | 23 +++++++++++++++++++++++
 4 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 mysql-test/r/ssl_cipher.result
 create mode 100644 mysql-test/t/ssl_cipher-master.opt
 create mode 100644 mysql-test/t/ssl_cipher.test

diff --git a/extra/yassl/src/yassl_int.cpp b/extra/yassl/src/yassl_int.cpp
index 8e4a9aa95ec..5af2f180bb1 100644
--- a/extra/yassl/src/yassl_int.cpp
+++ b/extra/yassl/src/yassl_int.cpp
@@ -308,7 +308,7 @@ SSL::SSL(SSL_CTX* ctx)
             SetError(YasslError(err));
             return;
         }
-        else if (serverSide) {
+        else if (serverSide && !(ctx->GetCiphers().setSuites_)) {
             // remove RSA or DSA suites depending on cert key type
             ProtocolVersion pv = secure_.get_connection().version_;
             
diff --git a/mysql-test/r/ssl_cipher.result b/mysql-test/r/ssl_cipher.result
new file mode 100644
index 00000000000..78081300b5b
--- /dev/null
+++ b/mysql-test/r/ssl_cipher.result
@@ -0,0 +1,9 @@
+#
+# BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
+#
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name	Value
+Ssl_cipher	AES128-SHA
+SHOW STATUS LIKE 'Ssl_cipher_list';
+Variable_name	Value
+Ssl_cipher_list	AES128-SHA
diff --git a/mysql-test/t/ssl_cipher-master.opt b/mysql-test/t/ssl_cipher-master.opt
new file mode 100644
index 00000000000..9525c238c40
--- /dev/null
+++ b/mysql-test/t/ssl_cipher-master.opt
@@ -0,0 +1 @@
+--ssl-cipher=AES128-SHA
diff --git a/mysql-test/t/ssl_cipher.test b/mysql-test/t/ssl_cipher.test
new file mode 100644
index 00000000000..5346968175c
--- /dev/null
+++ b/mysql-test/t/ssl_cipher.test
@@ -0,0 +1,23 @@
+# Turn on ssl between the client and server
+# and run a number of tests
+
+--echo #
+--echo # BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
+--echo #
+
+-- source include/have_ssl.inc
+
+# Save the initial number of concurrent sessions
+--source include/count_sessions.inc
+
+connect (ssl_con,localhost,root,,,,,SSL);
+
+# Check Cipher Name and Cipher List
+SHOW STATUS LIKE 'Ssl_cipher';
+SHOW STATUS LIKE 'Ssl_cipher_list';
+
+connection default;
+disconnect ssl_con;
+
+# Wait till all disconnects are completed
+--source include/wait_until_count_sessions.inc