Comment 8 for bug 1169505

Olaf van Zandwijk (olafz) wrote :

I've been looking into this a bit more. When connecting to localhost on a working and a non-working server, I see these differences (only different values are shown):

The '5.5.30-30.1' server (accepting ssl clients):
mysql> show status like 'ssl%';
+--------------------------------+---------+
| Variable_name | Value |
+--------------------------------+---------+
| Ssl_accepts | 0 |
| Ssl_ctx_verify_depth | 0 |
| Ssl_ctx_verify_mode | 0 |
| Ssl_finished_accepts | 0 |
| Ssl_session_cache_mode | Unknown |
| Ssl_session_cache_size | 0 |
+--------------------------------+---------+

The '5.5.30-30.2' server (not accepting ssl clients):
mysql> show status like 'ssl%';
+--------------------------------+----------------------+
| Variable_name | Value |
+--------------------------------+----------------------+
| Ssl_accepts | 626 |
| Ssl_ctx_verify_depth | 18446744073709551615 |
| Ssl_ctx_verify_mode | 5 |
| Ssl_finished_accepts | 3 |
| Ssl_session_cache_mode | SERVER |
| Ssl_session_cache_size | 128 |
+--------------------------------+----------------------+

Also, lsof on the 5.5.30-30.1 server shows

root@server:~# lsof | grep ssl | grep mysql
mysqld 27521 mysql mem REG 254,9 356608 41213 /usr/lib/libssl.so.0.9.8

while the 5.5.30-30.2 server does not show this line. I'm not sure if the server is supposed to have this shared library opened at all times?