vio/viossl.c fails to compile with OpenSSL 0.9.8

Bug #1183610 reported by Ignacio Nin on 2013-05-23
This bug affects 1 person
Affects Status Importance Assigned to Milestone
MySQL Server
Percona Server moved to
Fix Released
Ignacio Nin
Fix Released
Ignacio Nin
Fix Released
Ignacio Nin
Fix Released
Ignacio Nin

Bug Description

Trying to compile in a system with OpenSSL 0.9.8 (CentOS 5, debian squeeze) with -DWITH_SSL=system using OpenSSL fails in vio/viossl.c with the following error:

[ 68%] Building C object vio/CMakeFiles/vio.dir/viossl.c.o
/dev/shm/work/BUILD/Percona-Server-5.5.31-rel30.3/vio/viossl.c: In functionsl_do':
/dev/shm/work/BUILD/Percona-Server-5.5.31-rel30.3/vio/viossl.c:175: error: [ 68%] Building C object vio/CMakeFiles/vio.dir/viossl.c.o
SL_OP_NO_COMPRESSION' undeclared (first use in this function)
/dev/shm/work/BUILD/Percona-Server-5.5.31-rel30.3/vio/viossl.c:175: error: (Each undeclared identifier is reported only once
/dev/shm/work/BUILD/Percona-Server-5.5.31-rel30.3/vio/viossl.c:175: error: for each function it appears in.)
make[2]: *** [vio/CMakeFiles/vio.dir/viossl.c.o] Error 1
make[1]: *** [vio/CMakeFiles/vio.dir/all] Error 2
make: *** [all] Error 2

vio/viossl.c uses the following construct (line 174)

#ifndef HAVE_YASSL
  SSL_set_options(ssl, SSL_OP_NO_COMPRESSION);

SSL_OP_NO_COMPRESSION was introduced in OpenSSL post 1.0.

The fix for this would be to avoid using SSL_OP_NO_COMPRESSION unless explicitely defined.

This change was introduced in revno 517 of Percona Server 5.5 (exactly revno 0.16782.113) so it's for now impossible to base its fix in a GCA with 5.6.

Related branches

Changed in percona-server:
importance: Undecided → Critical
milestone: none → 5.5.31-30.4
status: In Progress → Invalid
importance: Critical → Undecided
milestone: 5.5.31-30.4 → none
tags: added: upstream

Confirmed for 5.6 by code reading.

El 27/05/13 00:31, Laurynas Biveinis escribió:
> Confirmed for 5.6 by code reading.
As noted in,
the 5.5 bug-fixing branch is still unmergeable (33 extra revisions).

We can either wait for the GCA to grow, or we can cherry-pick the change
(bzr diff | patch -p0) to 5.6 and forget the issue/expect it to merge
smoothly later. Please advise the recommended course of action for these



Ignacio Nin
Build Engineer, Percona Inc.
(+1 877) 862-4316 ext 524
skype ignacio-nin

Our blog:

Got MySQL support?

Go for a separate commit in 5.6. The change in 5.5 is dependent on 5.5.31, and GCA will not advance past it until 5.6.12 is merged, which is by definition too late.

Ignacio Nin (ignacio-nin) wrote :

Bugfix ported to 5.6.

Unfortunately, this bugfix is yet difficult to test since our 5.6 tree is still using YaSSL, and the proposed merge that switches it to -DWITH_SSL=system still has got some issues compiling. Namely, ssl.cmake cannot properly detect a system OpenSSL, even if specified with -DWITH_SSL=/usr, so this still needs to be studied.

Leaving the bugfix without an MP until the problematic code is fully merged.

Ignacio Nin (ignacio-nin) wrote :

Bug has been confirmed for 5.1, will need to be backported from 5.5 including null merges to 5.5/5.6.

Percona now uses JIRA for bug reports so this bug report is migrated to:

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.