SSL MTR tests broken on CentOS 7

Bug #1341131 reported by Laurynas Biveinis on 2014-07-12
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
MySQL Server
Unknown
Unknown
Percona Server
High
Unassigned
5.1
Undecided
Unassigned
5.5
High
Unassigned
5.6
High
Unassigned
5.7
High
Unassigned

Bug Description

main.ssl [ fail ]
        Test ended at 2014-07-12 17:31:25

CURRENT_TEST: main.ssl
mysqltest: At line 9: query 'connect ssl_con,localhost,root,,,,,SSL' failed: 2026: SSL connection error: error:00000001:lib(0):func(0):reason(1)

Affected tests:

rpl.rpl_heartbeat_ssl 'mix'
rpl.rpl_heartbeat_ssl 'row'
rpl.rpl_heartbeat_ssl 'mix'
rpl.rpl_heartbeat_ssl 'stmt'
rpl.rpl_heartbeat_ssl 'row'
rpl.rpl_ssl 'mix'
rpl.rpl_heartbeat_ssl 'stmt'
rpl.rpl_ssl 'row'
rpl.rpl_ssl 'mix'
rpl.rpl_ssl 'stmt'
rpl.rpl_ssl 'row'
rpl.rpl_ssl1 'mix'
rpl.rpl_ssl 'stmt'
rpl.rpl_ssl1 'row'
rpl.rpl_ssl1 'mix'
rpl.rpl_ssl1 'stmt'
rpl.rpl_ssl1 'row'
main.ssl_8k_key
main.ssl_8k_key
main.ssl_cipher
main.ssl_cipher
rpl.rpl_ssl1 'stmt'
main.ssl
main.ssl
main.ssl_compress
main.ssl_compress
main.ssl_connect
main.ssl_connect
main.percona_mysqlbinlog_ssl_compress
main.percona_mysqlbinlog_ssl_compress
main.openssl_1
main.openssl_1
main.percona_ssl_connections_count
main.percona_ssl_connections_count

tags: added: ci ssl

SSL error on the server side is
error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error

on the client side
error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm
followed by
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

tags: added: upstream

An upstream bug, and it seems proper fix will require testsuite certificate regeneration, which is best left for upstream to fix IMHO.

A workaround is available of setting environment variable OPENSSL_ENABLE_MD5_VERIFY if needed.

openssl_1 test still failing with a workaround because it's testing a removed cipher, reported as http://bugs.mysql.com/bug.php?id=73281. Not worth fixing by us until the current bug is fixed.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.