MDEV-35581 On servers linked against WolfSSL SSL_Cipher and SSL_cipher_list are always the same

vuvova · vuvova · commit 1ac4aeb5d8d9 · 2025-07-17T09:18:17.000+02:00
emulate OpenSSL behavior in WolfSSL:
* use wolfSSL_get_cipher_list(i) for SSL_get_cipher_list(ctx, i),
  not wolfSSL_get_cipher_list_ex(ctx, i), which returns only
  the cipher used in the current connection.
diff --git a/include/ssl_compat.h b/include/ssl_compat.h
@@ -57,6 +57,8 @@
 #define ERR_remove_state(x) do {} while(0)
 #undef SSL_get_cipher
 #define SSL_get_cipher(ssl) (SSL_version(ssl) == TLS1_3_VERSION ? wolfSSL_get_cipher(ssl) : wolfSSL_get_cipher_name(ssl))
+#undef SSL_get_cipher_list
+#define SSL_get_cipher_list(ctx,i) wolfSSL_get_cipher_list(i)
 #elif defined (HAVE_ERR_remove_thread_state)
 #define ERR_remove_state(X) ERR_remove_thread_state(NULL)
 #endif /* HAVE_ERR_remove_thread_state */
diff --git a/mysql-test/main/ssl.result b/mysql-test/main/ssl.result
@@ -2188,11 +2188,20 @@ drop table t1;
 SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
 have_ssl
 1
+#
+# MDEV-7697 Client reports ERROR 2006 (MySQL server has gone away) or ERROR 2013 (Lost connection to server during query) while executing AES* functions under SSL
+#
 select aes_decrypt('MySQL','adf');
 aes_decrypt('MySQL','adf')
 NULL
 select 'still connected?';
 still connected?
 still connected?
+#
+# MDEV-35581 On servers linked against WolfSSL SSL_Cipher and SSL_cipher_list are always the same
+#
+select variable_value like '%:%' from information_schema.session_status where variable_name='ssl_cipher_list';
+variable_value like '%:%'
+1
 connection default;
 disconnect ssl_con;
diff --git a/mysql-test/main/ssl.test b/mysql-test/main/ssl.test
@@ -29,12 +29,17 @@ SHOW STATUS LIKE 'Ssl_server_not_after';
 # Check ssl turned on
 SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
 
-#
-# MDEV-7697 Client reports ERROR 2006 (MySQL server has gone away) or ERROR 2013 (Lost connection to server during query) while executing AES* functions under SSL
-#
+--echo #
+--echo # MDEV-7697 Client reports ERROR 2006 (MySQL server has gone away) or ERROR 2013 (Lost connection to server during query) while executing AES* functions under SSL
+--echo #
 select aes_decrypt('MySQL','adf');
 select 'still connected?';
 
+--echo #
+--echo # MDEV-35581 On servers linked against WolfSSL SSL_Cipher and SSL_cipher_list are always the same
+--echo #
+select variable_value like '%:%' from information_schema.session_status where variable_name='ssl_cipher_list';
+
 connection default;
 disconnect ssl_con;
 
