Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
5.5.39, 10.0.13
-
None
-
mariadb built with OpenSSL
Description
Calling mysql_server_end calls OpenSSL cleanup functions via vio_end.
This is a problem, as OpenSSL might very well be still used in the application using libmysqlclient.
In my case, it's a plugin that's dynamicaly loaded and unloaded at runtime into an application that itself doesn't use mysql.
The plugin calls mysql_server_init on load, and mysql_server_end on unload, which is the latest point the plugin still has control.
As a result, the application that loads and unloads the plugin is no longer able to accept or initiate any SSL encrypted connections.
Depending on what it does with OpenSSL, it might very well also crash, but i haven't managed to trigger a crash.
Here's a short example on how to trigger the issue:
https://gist.github.com/BtbN/3445c13dc9095f371aa9
What could a fix be? For example, I can try to detect whether OpenSSL was initialized when libmysqlclient is loaded and skip the initialization (and, consequently, deinitialization) in this case. This won't work very well, though, if an application loads and unloads plugins dynamically, many plugins use SSL and libmysqlclient-linked plugin by pure chance is loaded first (the plugin will initialize OpenSSL, so it'll deinitialize it too, even if other plugins might be using SSL at the moment).
Perhaps, add a new option, something like
mysql_options(&mysql, MYSQL_DO_NOT_DEINITIALIZE_OPENSSL, NULL);