Bug #45770 errors reading server SSL files are printed, but

not logged
        
Errors encountered during initialization of the SSL subsystem
are printed to stderr, rather than to the error log.
        
This patch adds a parameter to several SSL init functions to
report the error (if any) out to the caller. The function
init_ssl() in mysqld.cc is moved after the initialization of
the log subsystem, so that any error messages can be logged to
the error log. Printing of messages to stderr has been 
retained to get diagnostic output in a client context.


include/violite.h:
  Adding an enumeration for the various errors that can
  occur during initialization of the SSL module.
sql/mysqld.cc:
  Adding more logging of SSL init errors, and moving
  init_ssl() till after initialization of logging 
  subsystem.
vio/viosslfactories.c:
  Define error strings, provide an access method for these
  strings, and maintain an error parameter in several funcs
  to return the error (if any) to the caller.

1 files changed, 9 insertions, 1 deletions

diff --git a/include/violite.h b/include/violite.h
index 7b57667541a..b04fe108314 100644
--- a/include/violite.h
+++ b/include/violite.h
@@ -109,6 +109,14 @@ typedef my_socket YASSL_SOCKET_T;
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 
+enum enum_ssl_init_error
+{
+  SSL_INITERR_NOERROR= 0, SSL_INITERR_CERT, SSL_INITERR_KEY, 
+  SSL_INITERR_NOMATCH, SSL_INITERR_BAD_PATHS, SSL_INITERR_CIPHERS, 
+  SSL_INITERR_MEMFAIL, SSL_INITERR_LASTERR
+};
+const char* sslGetErrString(enum enum_ssl_init_error err);
+
 struct st_VioSSLFd
 {
   SSL_CTX *ssl_context;
@@ -124,7 +132,7 @@ struct st_VioSSLFd
 struct st_VioSSLFd
 *new_VioSSLAcceptorFd(const char *key_file, const char *cert_file,
 		      const char *ca_file,const char *ca_path,
-		      const char *cipher);
+		      const char *cipher, enum enum_ssl_init_error* error);
 #endif /* HAVE_OPENSSL */
 
 #ifdef HAVE_SMEM