Uploaded image for project: 'Percona XtraDB Cluster'
  1. Percona XtraDB Cluster
  2. PXC-1284

LP #1104977: Percona Server is still built with yaSSL



    • Type: Bug
    • Status: Done
    • Priority: Low
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Packaging
    • Labels:


      **Reported in Launchpad by Raghavendra D Prabhu last update 31-05-2013 03:47:58

      In lp:1028240, it looks like few conflicting yassl symbols were removed.

      But https://bugs.launchpad.net/percona-server/5.5/+bug/1028240/comments/17 states it is being build without yassl.


      nm -n /usr/lib/debug/usr/sbin/mysqld.debug| grep -iE 'yassl'

      reveals plenty of internal (with local visibility) yassl symbols suggesting an embedded yassl.

      00000000009a2420 t yaSSL_get_default_timeout
      00000000009a2430 t yaSSLeay_version
      00000000009a2480 t yaSSL_load_error_strings
      00000000009a2490 t yaSSL_set_connect_state
      00000000009a24a0 t yaSSL_get_verify_result
      00000000009a24b0 t yaSSL_CTX_sess_set_cache_size
      00000000009a24c0 t yaSSL_CTX_get_session_cache_mode
      00000000009a24d0 t yaSSL_CTX_set_default_verify_paths
      00000000009a24e0 t yaSSL_CTX_set_session_id_context
      00000000009a24f0 t yaSSL_CTX_check_private_key
      00000000009a2500 t yaSSL_CTX_set_options
      00000000009a2510 t yaSSL_CTX_set_info_callback
      00000000009a2530 t yaSSL_library_init
      00000000009a25b0 t yaSSL_get_certificate
      00000000009a25c0 t yaSSL_get_privatekey
      00000000009a25d0 t yaSSL_SESSION_free
      00000000009a2630 t yaSSLv2_client_method
      00000000009a2730 t yaSSLeay_add_ssl_algorithms
      00000000009a2820 t yaSSL_alert_type_string_long
      00000000009a2830 t yaSSL_alert_desc_string_long
      00000000009a2840 t yaSSL_state_string_long
      00000000009a2850 t yaSSL_CTX_set_tmp_rsa_callback
      00000000009a2860 t yaSSL_CTX_set_timeout
      00000000009a2870 t yaSSL_CTX_use_certificate_chain_file
      00000000009a2880 t yaSSL_CTX_use_RSAPrivateKey_file
      00000000009a2890 t yaSSL_set_rfd
      00000000009a28a0 t yaSSL_set_wfd
      00000000009a28b0 t yaSSL_want_read

      nm -n /usr/lib/debug/usr/bin/mysql.debug| grep -iE yassl

      also reveals something similar.


      The openssl compatibility layer file defines

      #ifdef YASSL_PREFIX
      #include "prefix_ssl.h"

      which equals to being built with embedded yaSSL.

      YASSL_PREFIX is true if WITH_SSL=bundled is passed or --with-ssl is passed in configure options.

      Passing WITH_SSL=system or --with-ssl= builds with openssl of the system.

      This is how it looks if mysql is built with system openssl:

      nm -D `which mysqld` | grep -i ssl

      U OPENSSL_add_all_algorithms_noconf
      U SSL_CIPHER_get_name
      U SSL_CTX_check_private_key
      U SSL_CTX_ctrl
      U SSL_CTX_free
      U SSL_CTX_get_verify_depth
      U SSL_CTX_get_verify_mode
      U SSL_CTX_load_verify_locations
      U SSL_CTX_new
      U SSL_CTX_set_cipher_list
      U SSL_CTX_set_default_verify_paths
      U SSL_CTX_set_session_id_context
      U SSL_CTX_set_verify
      U SSL_CTX_use_PrivateKey_file
      U SSL_CTX_use_certificate_file
      U SSL_SESSION_set_timeout
      U SSL_accept
      U SSL_clear
      U SSL_connect
      U SSL_ctrl
      U SSL_free
      U SSL_get_cipher_list

      with ldd revealing:

      ldd =mysqld
      linux-vdso.so.1 (0x00007fff069af000)
      libaio.so.1 => /usr/lib64/libaio.so.1 (0x00007f6ed73ef000)
      libz.so.1 => /usr/lib64/libz.so.1 (0x00007f6ed71d9000)
      libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f6ed6fbd000)
      libcrypt.so.1 => /usr/lib64/libcrypt.so.1 (0x00007f6ed6d86000)
      libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f6ed6b82000)
      libssl.so.1.0.0 => /usr/lib64/libssl.so.1.0.0 (0x00007f6ed6918000)
      libcrypto.so.1.0.0 => /usr/lib64/libcrypto.so.1.0.0 (0x00007f6ed650f000)
      libstdc+.so.6 => /usr/lib64/libstdc+.so.6 (0x00007f6ed620c000)
      libm.so.6 => /usr/lib64/libm.so.6 (0x00007f6ed5f0e000)
      libc.so.6 => /usr/lib64/libc.so.6 (0x00007f6ed5b61000)
      /lib/ld-linux-x86-64.so.2 (0x00007f6ed75f0000)
      libgcc_s.so.1 => /usr/lib64/libgcc_s.so.1 (0x00007f6ed594c000)

      /usr/lib64/libssl.so.1.0.0 owned by openssl.




            krunal.bauskar Krunal Bauskar (Inactive)
            lpjirasync lpjirasync (Inactive)
            0 Vote for this issue
            1 Start watching this issue



                Smart Checklist