From 14be19518703542a6934c28536421d47ff08ec09 Mon Sep 17 00:00:00 2001
From: Anirudh Mangipudi <anirudh.mangipudi@oracle.com>
Date: Wed, 8 Jan 2014 18:31:42 +0530
Subject: Bug#16715064 MYSQL COMMUNITY UTILITIES CANNOT CONNECT TO MYSQL
 ENTERPRISE WITH SSL ENABLED Problem: It was reported that MySQL community
 utilities cannot connect to a MySQL Enterprise 5.6.x server with SSL
 configured. We can reproduce the issue when we try to connect an MySQL
 Enterprise Server with a MySQL Client with --ssl-ca parameter enabled. We get
 an ERROR 2026 (HY000): SSL connection error: unknown error number.

Solution:
The root cause of the problem was determined to be the difference in handling
of the certificates by OpenSSL(Enterprise) and yaSSL(Community). OpenSSL expects
a blank certificate to be sent when a parameter (ssl-ca, or ssl-cert or ssl-key)
has not been specified.On the other hand yaSSL doesn't send any certificate and
since OpenSSL does not expect this behaviour it returns an Unknown SSL error.
The issue was resolved by yaSSL adding capability to send blank certificate when
any of the parameter is missing.
---
 extra/yassl/taocrypt/test/test.cpp | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'extra/yassl/taocrypt')

diff --git a/extra/yassl/taocrypt/test/test.cpp b/extra/yassl/taocrypt/test/test.cpp
index 0643b79e51b..a7d5cb3e8af 100644
--- a/extra/yassl/taocrypt/test/test.cpp
+++ b/extra/yassl/taocrypt/test/test.cpp
@@ -1,5 +1,5 @@
 /*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2006, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -1165,12 +1165,12 @@ int rsa_test()
     RSAES_Encryptor enc(priv);
     byte message[] = "Everyone gets Friday off.";
     const word32 len = (word32)strlen((char*)message);
-    byte cipher[64];
+    byte cipher[512];
     enc.Encrypt(message, len, cipher, rng);
 
     RSAES_Decryptor dec(priv);
-    byte plain[64];
-    dec.Decrypt(cipher, sizeof(plain), plain, rng);
+    byte plain[512];
+    dec.Decrypt(cipher, priv.FixedCiphertextLength(), plain, rng);
 
     if (memcmp(plain, message, len))
         return -70;
@@ -1242,11 +1242,11 @@ int dh_test()
 int dsa_test()
 {
     Source source;
-    FileSource("../certs/dsa512.der", source);
+    FileSource("../certs/dsa1024.der", source);
     if (source.size() == 0) {
-        FileSource("../../certs/dsa512.der", source);  // for testsuite
+        FileSource("../../certs/dsa1024.der", source);  // for testsuite
         if (source.size() == 0) {
-            FileSource("../../../certs/dsa512.der", source); // win32 Debug dir
+            FileSource("../../../certs/dsa1024.der", source); // win32 Debug dir
             if (source.size() == 0)
                 err_sys("where's your certs dir?", -89);
         }
-- 
cgit v1.2.1