Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 5.5.39, 10.0.13
    • 5.5.42, 10.0.16
    • SSL
    • None
    • mariadb built with OpenSSL

    Description

      Calling mysql_server_end calls OpenSSL cleanup functions via vio_end.
      This is a problem, as OpenSSL might very well be still used in the application using libmysqlclient.

      In my case, it's a plugin that's dynamicaly loaded and unloaded at runtime into an application that itself doesn't use mysql.
      The plugin calls mysql_server_init on load, and mysql_server_end on unload, which is the latest point the plugin still has control.

      As a result, the application that loads and unloads the plugin is no longer able to accept or initiate any SSL encrypted connections.
      Depending on what it does with OpenSSL, it might very well also crash, but i haven't managed to trigger a crash.

      Here's a short example on how to trigger the issue:
      https://gist.github.com/BtbN/3445c13dc9095f371aa9

      Attachments

        Activity

          What could a fix be? For example, I can try to detect whether OpenSSL was initialized when libmysqlclient is loaded and skip the initialization (and, consequently, deinitialization) in this case. This won't work very well, though, if an application loads and unloads plugins dynamically, many plugins use SSL and libmysqlclient-linked plugin by pure chance is loaded first (the plugin will initialize OpenSSL, so it'll deinitialize it too, even if other plugins might be using SSL at the moment).

          Perhaps, add a new option, something like

              mysql_options(&mysql, MYSQL_DO_NOT_DEINITIALIZE_OPENSSL, NULL);

          serg Sergei Golubchik added a comment - What could a fix be? For example, I can try to detect whether OpenSSL was initialized when libmysqlclient is loaded and skip the initialization (and, consequently, deinitialization) in this case. This won't work very well, though, if an application loads and unloads plugins dynamically, many plugins use SSL and libmysqlclient-linked plugin by pure chance is loaded first (the plugin will initialize OpenSSL, so it'll deinitialize it too, even if other plugins might be using SSL at the moment). Perhaps, add a new option, something like mysql_options(&mysql, MYSQL_DO_NOT_DEINITIALIZE_OPENSSL, NULL);

          Oromit, are you still affected by this issue? I want to implement a solution that actually works for those, who are affected. And it seems that you're the only one who is.

          serg Sergei Golubchik added a comment - Oromit , are you still affected by this issue? I want to implement a solution that actually works for those, who are affected. And it seems that you're the only one who is.
          Oromit Timo R. added a comment -

          Yes, the issue still exists for me.
          The solution with a DO_NOT_(DE)INITIALIZE flag would be nice to have.

          Oromit Timo R. added a comment - Yes, the issue still exists for me. The solution with a DO_NOT_(DE)INITIALIZE flag would be nice to have.

          People

            serg Sergei Golubchik
            Oromit Timo R.
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.