Bug 162079

Summary: mysqld does not support --ssl-ca --ssl-cert --ssl-key
Product: [Fedora] Fedora
Reporter: Jim Hanley <jhanley>
Component: mysql
Assignee: Tom Lane <tgl>
Status: CLOSED CURRENTRELEASE
QA Contact: David Lawrence <dkl>
Severity: medium
Docs Contact:
Priority: medium
Version: 3
CC: hhorak
Target Milestone: ---
Keywords: FutureFeature
Target Release: ---
Hardware: i386
OS: Linux
Doc Type: Enhancement
Last Closed: 2005-06-29 22:17:51 UTC

Description Jim Hanley 2005-06-29 18:49:07 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.7.6) Gecko/20050322 Firefox/1.0.2

Description of problem:
When using the options mentioned above in the my.cnf file, I get the following in the /var/log/mysqld.log file:
050629 09:19:58  mysqld started
/usr/libexec/mysqld: unrecognized option `--ssl-ca=/etc/mysql/openssl/cacert.pem'

It is apparent that MySQLd is built without ssl support.

Version-Release number of selected component (if applicable):
mysql-server-3.23.58-16.FC3.1

How reproducible:
Always

Steps to Reproduce:
1. Generate cacert.pem, server-cert.pem, server-key.pem
2. Add the following to the mysqld section of the my.cnf file:
ssl-ca=/etc/mysql/openssl/cacert.pem
ssl-cert=/etc/mysql/openssl/server-cert.pem
ssl-key=/etc/mysql/openssl/server-key.pem

3. /etc/init.d/mysqld restart

Actual Results:
Stopping MySQL:                                            [  OK  ]
Timeout error occurred trying to start MySQL Daemon.
Starting MySQL:                                            [FAILED]

Log contains error mentioned above

Expected Results:
Should use options as explained in section 5.7.7.5. SSL Command-Line Options of the MySQL online manual.

Additional info:

I believe all that is needed is an adjustment in the spec file to include a dependency for ssl and to compile ssl into the rpm.

Although marked as an enhancement, I believe that this is really a security issue for systems where the DB backend and web frontend are disjoint.  I leave it up to the EIC to make that judgement.

Comment 1 Tom Lane 2005-06-29 22:17:51 UTC
This is done in Fedora Core 4.
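
Added example, not part of the original bug report or the Fedora package: a shell pre-flight check for the failure described above, where an ssl-* option in the [mysqld] section that the server build does not recognize keeps the daemon from starting. The function names and the step of saving the binary's option listing to a file are assumptions of this example, and the demo input at the end is constructed.

```shell
#!/bin/sh
# Pre-flight check (added example): will this mysqld accept the ssl-* options
# in my.cnf? Run it before `/etc/init.d/mysqld restart`.

# Print "name=value" for each ssl-* option in the [mysqld] section of file $1.
mysqld_ssl_options() {
    awk '
        /^[ \t]*\[/ { in_sec = ($0 ~ /^[ \t]*\[mysqld\]/); next }
        in_sec && /^[ \t]*ssl-[a-z]+[ \t]*=/ {
            sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "")
            sub(/[ \t]*=[ \t]*/, "="); print
        }' "$1"
}

# $1 = option file, $2 = file holding the option list printed by the server
# binary (assumption: saved by the admin from the binary's help output).
# Prints one line per problem; returns 1 if any problem was found.
check_ssl_options() {
    status=0
    # Note: word-splitting means paths containing spaces are not supported.
    for opt in $(mysqld_ssl_options "$1"); do
        name=${opt%%=*}
        path=${opt#*=}
        # The failure in this report: the build does not know the option.
        if ! grep -qw -e "--$name" "$2"; then
            echo "UNSUPPORTED: --$name is not offered by this mysqld build"
            status=1
        fi
        # Step 1 of the report: the PEM files must already exist.
        if [ ! -f "$path" ]; then
            echo "MISSING: $name file $path does not exist"
            status=1
        fi
    done
    return "$status"
}

# Constructed demo: the option lines from the report (paths moved to a temp
# dir) checked against a made-up help listing that has no SSL options.
demo=$(mktemp -d)
printf '[mysqld]\nssl-ca=%s/cacert.pem\nssl-cert=%s/server-cert.pem\nssl-key=%s/server-key.pem\n' \
    "$demo" "$demo" "$demo" > "$demo/my.cnf"
touch "$demo/cacert.pem" "$demo/server-cert.pem" "$demo/server-key.pem"
printf '  --port=#\n  --socket=name\n' > "$demo/help.txt"
check_ssl_options "$demo/my.cnf" "$demo/help.txt" || echo "do not restart mysqld yet"
rm -rf "$demo"
```

A non-zero return means the restart would either fail outright, as in this report, or start without the intended certificate files.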