Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-7788

my_md5 crashes with openssl in fips mode

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 10.0
    • Fix Version/s: 10.0.18
    • Component/s: SSL
    • Labels:

      Description

      When FIPS is enabled (/proc/sys/crypto/fips_enabled is 1), OpenSSL disabled MD5, so my_md5() — that uses OpenSSL — doesn't work. It causes numerous failures and crashes as md5 is used internally for various purposes (e.g. checksums of views, MD5() SQL function, etc).

      The fix is to tell OpenSSL that MariaDB needs MD5 even if FIPS disables it. This is fine as long as it's not used for cryptographic purposes.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                serg Sergei Golubchik
                Reporter:
                serg Sergei Golubchik
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: