[debian-mysql] Bug#851132: Bug#851132: Bug#851132: Bug#851132: Bug#851132: /usr/sbin/mysqld: ssl_ciphers not working; mariadb built without TLS support?

Georg Richter georg at mariadb.com
Thu Jan 19 18:06:06 UTC 2017


Hi,

WolfSSL has another interface (it's not C++ anymore, but C) and can't
replace Yassl on the fly. Beside TLS/SSL communication also hash functions
and crypto functions need to be migrated.

I'm currently working on a new tls/crypto wrapper for MariaDB, supporting
OpenSSL/LibreSSL, GnuTLS and SChannel (Windows) - likely it will be part of
10.3 or a later 10.2 version of MariaDB server.

/Georg

On Thu, Jan 19, 2017 at 6:41 PM, Clint Byrum <spamaps at debian.org> wrote:

> Excerpts from Otto Kekäläinen's message of 2017-01-19 11:52:18 +0200:
> > For the record, I also tested this on Ubuntu Yakkety with the version
> > 10.0.28-0ubuntu0.16.10.1 and I get the same warning in syslog:
> >
> > mysqld: 170119  9:47:47 [Warning] Failed to setup SSL
> > mysqld: 170119  9:47:47 [Warning] SSL error: Failed to set ciphers to use
> >
> > It seems something with how we do " -DWITH_SSL=bundled" and YaSSL is
> > (and maybe always was) broken.
> >
>
> Otto, have you tried building with WolfSSL, which is the updated and
> renamed version of YaSSL? That would definitely be preferred over an
> embedded version.
>
> https://tracker.debian.org/pkg/wolfssl
>
> _______________________________________________
> pkg-mysql-maint mailing list
> pkg-mysql-maint at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint




-- 
Georg Richter, Senior Software Engineer
MariaDB Corporation Ab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20170119/99c6ed22/attachment.html>


More information about the pkg-mysql-maint mailing list