Bug 1122914

Summary: Test case failure: /CoreOS/mysql/testsuite
Product: Red Hat Enterprise Linux 6 Reporter: Karel Volný <kvolny>
Component: mysqlAssignee: Jakub Dorňák <jdornak>
Status: CLOSED CURRENTRELEASE QA Contact: qe-baseos-daemons
Severity: urgent Docs Contact:
Priority: urgent    
Version: 6.6CC: byte, databases-maint, hhorak
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1163353 1187545 (view as bug list) Environment:
Last Closed: 2015-10-14 06:48:13 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1163353, 1187545    

Description Karel Volný 2014-07-24 11:56:00 UTC 
Filed from caserun https://tcms.engineering.redhat.com/run/161993/#caserun_6405268

Version-Release number of selected component (if applicable):
RHEL-6.6-20140718.0
mysql-server-5.1.73-3.el6_5.x86_64

Steps to Reproduce: 
run the test


Actual results: 
main.openssl_1                           [ fail ]
        Test ended at 2014-07-24 05:23:30

CURRENT_TEST: main.openssl_1
ERROR 2026 (HY000): SSL connection error
mysqltest: At line 217: command "$MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC-SHA" failed

Output from before failure:
exec of '/usr/bin/mysql --defaults-file=/var/lib/mysql/testKWc/my.cnf --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC-SHA' failed, error: 256, status: 1, errno: 0



The result from queries just before the failure was:
< snip >
INSERT INTO `t1` VALUES (1),(2);
/*!40000 ALTER TABLE `t1` ENABLE KEYS */;
UNLOCK TABLES;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;

/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

SSL error: Unable to get private key from 'MYSQL_TEST_DIR/std_data/client-cert.pem'
mysqldump: Got error: 2026: SSL connection error when trying to connect
DROP TABLE t1;
Variable_name	Value
Ssl_cipher	DHE-RSA-AES256-SHA
Variable_name	Value
Ssl_cipher	EDH-RSA-DES-CBC3-SHA

More results from queries before failure can be found in /var/lib/mysql/testKWc/log/openssl_1.log

 - saving '/var/lib/mysql/testKWc/log/main.openssl_1/' to '/var/lib/mysql/testKWc/log/main.openssl_1/'

Retrying test main.openssl_1, attempt(2/3)...

main.openssl_1                           [ retry-fail ]
        Test ended at 2014-07-24 05:23:31

CURRENT_TEST: main.openssl_1
ERROR 2026 (HY000): SSL connection error
mysqltest: At line 217: command "$MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC-SHA" failed

Output from before failure:
exec of '/usr/bin/mysql --defaults-file=/var/lib/mysql/testKWc/my.cnf --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC-SHA' failed, error: 256, status: 1, errno: 0



The result from queries just before the failure was:
< snip >
INSERT INTO `t1` VALUES (1),(2);
/*!40000 ALTER TABLE `t1` ENABLE KEYS */;
UNLOCK TABLES;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;

/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

SSL error: Unable to get private key from 'MYSQL_TEST_DIR/std_data/client-cert.pem'
mysqldump: Got error: 2026: SSL connection error when trying to connect
DROP TABLE t1;
Variable_name	Value
Ssl_cipher	DHE-RSA-AES256-SHA
Variable_name	Value
Ssl_cipher	EDH-RSA-DES-CBC3-SHA

More results from queries before failure can be found in /var/lib/mysql/testKWc/log/openssl_1.log

 - saving '/var/lib/mysql/testKWc/log/main.openssl_1/' to '/var/lib/mysql/testKWc/log/main.openssl_1/'

Test main.openssl_1 has failed 2 times, no more retries!

main.order_by                            [ pass ]   4070




Expected results:
(all pass)
Comment 2 Karel Volný 2014-07-24 12:14:15 UTC 
reassigning to openssl - just a wild shot, as mysql doesn't have an update in RHEL 6.6 while for openssl there is RHBA-2014:17970
Comment 3 Tomas Mraz 2014-07-24 12:23:53 UTC 
Yes, EDH-RSA-DES-CBC-SHA is no longer available by default as it is insecure.

https://bugzilla.redhat.com/show_bug.cgi?id=1057520

This needs to be fixed in mysql by skipping this test or by the test explicitly enabling the weak ciphersuite.
Comment 4 Karel Volný 2015-06-29 10:30:38 UTC 
this probably got fixed along the recent ssl changes - can someone confirm?