Bug#39178: non-RSA keys in connection to a RSA-keyed yaSSL-using server \

		using crashes server

When the server is configured to use a RSA key, and when the client sends
a cipher-suite list that contains a non-RSA key as acceptable, the server 
would try to process that key even though it was impossible.

Now, yaSSL sets its own acceptable-cipher list according to what kind of
key the server is started with, and will never explore and try to pair 
impossible combinations.

This involves a partial import of the current YaSSL tree, not the whole
thing, so as to try to avoid introducing new bugs.

(Updated to avoid many whitespace changes and make diff smaller.)

1 files changed, 14 insertions, 3 deletions

diff --git a/mysql-test/r/openssl_1.result b/mysql-test/r/openssl_1.result
index a042d0a5dc3..70151acda22 100644
--- a/mysql-test/r/openssl_1.result
+++ b/mysql-test/r/openssl_1.result
@@ -73,11 +73,10 @@ variable_name LIKE 'SSL_CALLBACK_CACHE_HITS';
 END$$
 SELECT variable_name, variable_value FROM thread_status;
 variable_name	variable_value
-SSL_ACCEPTS	0
-SSL_CALLBACK_CACHE_HITS	0
+SSL_ACCEPTS	#
+SSL_CALLBACK_CACHE_HITS	#
 DROP TABLE thread_status;
 SET GLOBAL event_scheduler=0;
-End of 5.1 tests
 SHOW STATUS LIKE 'Ssl_cipher';
 Variable_name	Value
 Ssl_cipher	AES128-SHA
@@ -192,3 +191,15 @@ UNLOCK TABLES;
 SSL error: Unable to get private key from 'MYSQL_TEST_DIR/std_data/client-cert.pem'
 mysqldump: Got error: 2026: SSL connection error when trying to connect
 DROP TABLE t1;
+Variable_name	Value
+Ssl_cipher	DHE-RSA-AES256-SHA
+Variable_name	Value
+Ssl_cipher	EDH-RSA-DES-CBC3-SHA
+Variable_name	Value
+Ssl_cipher	EDH-RSA-DES-CBC-SHA
+Variable_name	Value
+Ssl_cipher	RC4-SHA
+select 'is still running; no cipher request crashed the server' as result from dual;
+result
+is still running; no cipher request crashed the server
+End of 5.1 tests