Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.5.39, 10.0.13
    • Fix Version/s: 5.5.42, 10.0.16
    • Component/s: SSL
    • Labels:
      None
    • Environment:
      mariadb built with OpenSSL

      Description

      Calling mysql_server_end calls OpenSSL cleanup functions via vio_end.
      This is a problem, as OpenSSL might very well be still used in the application using libmysqlclient.

      In my case, it's a plugin that's dynamicaly loaded and unloaded at runtime into an application that itself doesn't use mysql.
      The plugin calls mysql_server_init on load, and mysql_server_end on unload, which is the latest point the plugin still has control.

      As a result, the application that loads and unloads the plugin is no longer able to accept or initiate any SSL encrypted connections.
      Depending on what it does with OpenSSL, it might very well also crash, but i haven't managed to trigger a crash.

      Here's a short example on how to trigger the issue:
      https://gist.github.com/BtbN/3445c13dc9095f371aa9

        Attachments

          Activity

            People

            • Assignee:
              serg Sergei Golubchik
              Reporter:
              Oromit Timo R.
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: