MDEV-22917 wolfssl might crash at startup when both SSL and encryption plugin are enabled

Make sure to initialize SSL early enough, when encryption plugins is loaded

MDEV-22917 wolfssl might crash at startup when both SSL and encryption plugin are enabled
Make sure to initialize SSL early enough, when encryption plugins is loaded
9c577c2b · Vladislav Vaintroub · a0d598a4 · 9c577c2b · 9c577c2b · 9c577c2b
Commit 9c577c2b authored Jun 16, 2020 by Vladislav Vaintroub
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 2 deletions

include/violite.h include/violite.h +2 -0

sql/encryption.cc sql/encryption.cc +3 -0

vio/viosslfactories.c vio/viosslfactories.c +2 -2

No files found.
--- a/include/violite.h
+++ b/include/violite.h
@@ -171,6 +171,8 @@ struct st_VioSSLFd
 int sslaccept(struct st_VioSSLFd*, Vio *, long timeout, unsigned long *errptr);
 int sslconnect(struct st_VioSSLFd*, Vio *, long timeout, unsigned long *errptr);

+void vio_check_ssl_init();
+
 struct st_VioSSLFd
 *new_VioSSLConnectorFd(const char *key_file, const char *cert_file,
 		       const char *ca_file,  const char *ca_path,

--- a/sql/encryption.cc
+++ b/sql/encryption.cc
@@ -18,6 +18,7 @@
 #include "log.h"
 #include "sql_plugin.h"
 #include <my_crypt.h>
+#include <violite.h>

 /* there can be only one encryption plugin enabled */
 static plugin_ref encryption_manager= 0;
@@ -63,6 +64,8 @@ int initialize_encryption_plugin(st_plugin_int *plugin)
  if (encryption_manager)
    return 1;

+  vio_check_ssl_init();
+
  if (plugin->plugin->init && plugin->plugin->init(plugin))
  {
    sql_print_error("Plugin '%s' init function returned error.",

--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -150,7 +150,7 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file,
 }


-static void check_ssl_init()
+void vio_check_ssl_init()
 {
  if (!ssl_algorithms_added)
  {
@@ -243,7 +243,7 @@ new_VioSSLFd(const char *key_file, const char *cert_file,
              crl_file ? crl_file : "NULL",
              crl_path ? crl_path : "NULL"));

-  check_ssl_init();
+  vio_check_ssl_init();

  if (!(ssl_fd= ((struct st_VioSSLFd*)
                 my_malloc(sizeof(struct st_VioSSLFd),MYF(0)))))