← Back to team overview

maria-developers team mailing list archive

bzr commit into MariaDB 5.1, with Maria 1.5:maria branch (monty:2807)

 

#At lp:maria based on revid:monty@xxxxxxxxxxxx-20100128144914-lqwgn4dphka023yz

 2807 Michael Widenius	2010-01-29 [merge]
      Changed version number from RC to stable
      Fixed bug in Yassle to get correct error messages in case of errors
      Provide better error messages in case of ssl connect failure
      Updated out-of-date ssl certificates to fix failing mysql-test-system (certificates now active for 10 years)
      Fixed bug in query_cache that could cause asserts and hangs in DEBUG builds.
      Fixed bug where one connection did not see changes done by another connection.
      modified:
        configure.in
        extra/yassl/src/yassl_error.cpp
        include/violite.h
        mysql-test/mysql-test-run.pl
        mysql-test/r/grant.result
        mysql-test/r/openssl_1.result
        mysql-test/std_data/cacert.pem
        mysql-test/std_data/client-cert.pem
        mysql-test/std_data/client-key.pem
        mysql-test/std_data/server-cert.pem
        mysql-test/std_data/server-key.pem
        mysql-test/t/grant.test
        mysql-test/t/openssl_1.test
        mysql-test/t/query_cache_debug.test
        sql-common/client.c
        sql/net_serv.cc
        sql/slave.cc
        sql/sql_cache.cc
        sql/sql_connect.cc
        sql/sql_parse.cc
        vio/viossl.c

per-file messages:
  configure.in
    Changed version number from RC to stable
  extra/yassl/src/yassl_error.cpp
    Fixed bug in Yassle to get correct error messages in case of errors
    - 'error' is an enum that hold more error numbers than the enum was defined for
  include/violite.h
    Added error output string for sslaccept() and sslconnect() to get reason for connect failure
  mysql-test/mysql-test-run.pl
    Write failed test cases if mysql-test-run fails because of too many errors
  mysql-test/r/grant.result
    Update results to reflect new certificates
  mysql-test/r/openssl_1.result
    Update results to reflect new certificates
  mysql-test/std_data/cacert.pem
    Update ssl certificate
  mysql-test/std_data/client-cert.pem
    Update ssl certificate
  mysql-test/std_data/client-key.pem
    Update ssl certificate
  mysql-test/std_data/server-cert.pem
    Update ssl certificate
  mysql-test/std_data/server-key.pem
    Update ssl certificate
  mysql-test/t/grant.test
    Update test to reflect new certificates
  mysql-test/t/openssl_1.test
    Update test to reflect new certificates
  mysql-test/t/query_cache_debug.test
    Remove 'big_test' as test is now fast
  sql-common/client.c
    Give a better error message if ssl connect fails
  sql/net_serv.cc
    Fixed compiler warnings
  sql/slave.cc
    Give a better error message in logs if ssl connect fails
  sql/sql_cache.cc
    debug_wait_for_kill() now removes the set watch variable after kill signal
    This is needed as invalidate_table() may be called twice for one query.
    Ensure that net->query_cache_query is reset after query. This fixes assert in
    query_cache_end_of_result() if query_cache_query holds results from previous query.
    Removed DBUG_ASSERT(0), as this code can be run by query_cache_debug.test
  sql/sql_connect.cc
    Give a better error message if ssl connect fails
  sql/sql_parse.cc
    Fixed bug where one connection did not see changes done by another connection.
    For statements that changes tables, close_thread_tables() MUST be called before
    sending OK as a table handler may not make the changes available for other connections
    before unlock_tables().
  vio/viossl.c
    Give a better error message if ssl connect fails
=== modified file 'configure.in'
--- a/configure.in	2010-01-17 17:22:46 +0000
+++ b/configure.in	2010-01-29 10:42:31 +0000
@@ -10,7 +10,7 @@ AC_CANONICAL_SYSTEM
 #
 # When changing major version number please also check switch statement
 # in mysqlbinlog::check_master_version().
-AM_INIT_AUTOMAKE(mysql, 5.1.42-MariaDB-rc)
+AM_INIT_AUTOMAKE(mysql, 5.1.42-MariaDB)
 AM_CONFIG_HEADER([include/config.h:config.h.in])
 
 # Request support for automake silent-rules if available.

=== modified file 'extra/yassl/src/yassl_error.cpp'
--- a/extra/yassl/src/yassl_error.cpp	2008-11-18 16:45:44 +0000
+++ b/extra/yassl/src/yassl_error.cpp	2010-01-29 10:42:31 +0000
@@ -60,7 +60,7 @@ void SetErrorString(YasslError error, ch
     using namespace TaoCrypt;
     const int max = MAX_ERROR_SZ;  // shorthand
 
-    switch (error) {
+    switch ((int) error) {
 
         // yaSSL proper errors
     case range_error :

=== modified file 'include/violite.h'
--- a/include/violite.h	2010-01-15 15:27:55 +0000
+++ b/include/violite.h	2010-01-29 10:42:31 +0000
@@ -123,8 +123,8 @@ struct st_VioSSLFd
   SSL_CTX *ssl_context;
 };
 
-int sslaccept(struct st_VioSSLFd*, Vio *, long timeout);
-int sslconnect(struct st_VioSSLFd*, Vio *, long timeout);
+int sslaccept(struct st_VioSSLFd*, Vio *, long timeout, char *error_string);
+int sslconnect(struct st_VioSSLFd*, Vio *, long timeout, char *error_string);
 
 struct st_VioSSLFd
 *new_VioSSLConnectorFd(const char *key_file, const char *cert_file,

=== modified file 'mysql-test/mysql-test-run.pl'
--- a/mysql-test/mysql-test-run.pl	2010-01-27 17:41:05 +0000
+++ b/mysql-test/mysql-test-run.pl	2010-01-29 10:42:31 +0000
@@ -413,7 +413,6 @@ sub main {
     # Not all tests completed, failure
     mtr_report();
     mtr_report("Only ", int(@$completed), " of $num_tests completed.");
-    mtr_error("Not all tests completed");
   }
 
   mtr_print_line();
@@ -425,6 +424,10 @@ sub main {
 
   mtr_report_stats($fail, $completed, $extra_warnings);
 
+  if ( @$completed != $num_tests)
+  {
+    mtr_error("Not all tests completed");
+  }
   exit(0);
 }
 

=== modified file 'mysql-test/r/grant.result'
--- a/mysql-test/r/grant.result	2009-10-27 10:09:36 +0000
+++ b/mysql-test/r/grant.result	2010-01-29 10:42:31 +0000
@@ -29,15 +29,15 @@ show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
 GRANT SELECT ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
-grant USAGE on mysqltest.* to mysqltest_1@localhost require cipher "EDH-RSA-DES-CBC3-SHA" AND SUBJECT "testsubject" ISSUER "MySQL AB";
+grant USAGE on mysqltest.* to mysqltest_1@localhost require cipher "EDH-RSA-DES-CBC3-SHA" AND SUBJECT "testsubject" ISSUER "Monty Program Ab";
 show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
-GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE ISSUER 'MySQL AB' SUBJECT 'testsubject' CIPHER 'EDH-RSA-DES-CBC3-SHA'
+GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE ISSUER 'Monty Program Ab' SUBJECT 'testsubject' CIPHER 'EDH-RSA-DES-CBC3-SHA'
 GRANT SELECT ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
 revoke all privileges on mysqltest.* from mysqltest_1@localhost;
 show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
-GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE ISSUER 'MySQL AB' SUBJECT 'testsubject' CIPHER 'EDH-RSA-DES-CBC3-SHA'
+GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE ISSUER 'Monty Program Ab' SUBJECT 'testsubject' CIPHER 'EDH-RSA-DES-CBC3-SHA'
 delete from mysql.user where user='mysqltest_1';
 flush privileges;
 delete from mysql.user where user='mysqltest_1';

=== modified file 'mysql-test/r/openssl_1.result'
--- a/mysql-test/r/openssl_1.result	2009-05-25 13:00:18 +0000
+++ b/mysql-test/r/openssl_1.result	2010-01-29 10:42:31 +0000
@@ -3,8 +3,10 @@ create table t1(f1 int);
 insert into t1 values (5);
 grant select on test.* to ssl_user1@localhost require SSL;
 grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
-grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@xxxxxxxxx";
-grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@xxxxxxxxx" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
+grant select on test.* to ssl_user3@localhost require cipher
+"DHE-RSA-AES256-SHA" AND SUBJECT "/C=FI/ST=Tuusula/O=Monty Program Ab/emailAddress=abstract.developer@xxxxxxxxxxxx";
+grant select on test.* to ssl_user4@localhost require cipher
+"DHE-RSA-AES256-SHA" AND SUBJECT "/C=FI/ST=Tuusula/O=Monty Program Ab/emailAddress=abstract.developer@xxxxxxxxxxxx" ISSUER "/C=FI/ST=Tuusula/O=Monty Program Ab/emailAddress=abstract.developer@xxxxxxxxxxxx";
 grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
 flush privileges;
 connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET);
@@ -44,9 +46,9 @@ ERROR 42000: DELETE command denied to us
 drop user ssl_user1@localhost, ssl_user2@localhost,
 ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost;
 drop table t1;
-mysqltest: Could not open connection 'default': 2026 SSL connection error
-mysqltest: Could not open connection 'default': 2026 SSL connection error
-mysqltest: Could not open connection 'default': 2026 SSL connection error
+mysqltest: Could not open connection 'default': 2026 SSL error: ASN: bad other signature confirmation
+mysqltest: Could not open connection 'default': 2026 SSL error: ASN: bad other signature confirmation
+mysqltest: Could not open connection 'default': 2026 SSL error: ASN: bad other signature confirmation
 SSL error: Unable to get private key from ''
 mysqltest: Could not open connection 'default': 2026 SSL connection error
 SSL error: Unable to get certificate from ''

=== modified file 'mysql-test/std_data/cacert.pem'
--- a/mysql-test/std_data/cacert.pem	2009-06-11 16:21:32 +0000
+++ b/mysql-test/std_data/cacert.pem	2010-01-29 10:42:31 +0000
@@ -1,17 +1,19 @@
 -----BEGIN CERTIFICATE-----
-MIICrTCCAhagAwIBAgIJAJXpePU0UOTVMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMRAwDgYDVQQHEwdVcHBzYWxhMREwDwYD
-VQQKEwhNeVNRTCBBQjAeFw0wOTAxMjgxMDQ5NDZaFw0xNDAxMjcxMDQ5NDZaMEQx
-CzAJBgNVBAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMRAwDgYDVQQHEwdVcHBzYWxh
-MREwDwYDVQQKEwhNeVNRTCBBQjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
-4XQHAe5R1+TXC8noZtWf+d5E0v1C59FWpn9SWEUCBjE5UiIwuJvi4Y+7xWGOXLAI
-/JzJx5gNXLBiTsE/zh0uX9fKlajLhxB0GN+QU0ZlpQ1BeYipEcNXeI/7cT499f6v
-XWabnTflivdCgHSWUOQ20/Lzs6kP6/e6OoZd/DPSjPECAwEAAaOBpjCBozAdBgNV
-HQ4EFgQU8uLqVWWkmuKsnZf1RWz294wRrd8wdAYDVR0jBG0wa4AU8uLqVWWkmuKs
-nZf1RWz294wRrd+hSKRGMEQxCzAJBgNVBAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxh
-MRAwDgYDVQQHEwdVcHBzYWxhMREwDwYDVQQKEwhNeVNRTCBBQoIJAJXpePU0UOTV
-MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAMMTE5sDN+Z0ZlV7KvH3g
-6+aKvql8dTpRT3hYukeQlWua0nq74WPGVw0c4e/M/vbiMwmJcCYpB9pd4+dHqzSw
-aPyoenjY6UF8n7B4quWy3SIUk2LSHeJLW+kzJn2afN9gvipFhdVh/uU2TIyLGOur
-Z/vmJX2W7hF1uqPnbfa8Lrw=
+MIIDIjCCAougAwIBAgIJAJhuvLP+2mGwMA0GCSqGSIb3DQEBBQUAMGoxCzAJBgNV
+BAYTAkZJMRAwDgYDVQQIEwdUdXVzdWxhMRkwFwYDVQQKExBNb250eSBQcm9ncmFt
+IEFiMS4wLAYJKoZIhvcNAQkBFh9hYnN0cmFjdC5kZXZlbG9wZXJAYXNrbW9udHku
+b3JnMB4XDTEwMDEyODIxNTcyNVoXDTEwMDIyNzIxNTcyNVowajELMAkGA1UEBhMC
+RkkxEDAOBgNVBAgTB1R1dXN1bGExGTAXBgNVBAoTEE1vbnR5IFByb2dyYW0gQWIx
+LjAsBgkqhkiG9w0BCQEWH2Fic3RyYWN0LmRldmVsb3BlckBhc2ttb250eS5vcmcw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMIaY4pwbst50S32xJH3bSXhPGep
+6gx1AWwZKsHTXL3VeMO6PHmC8zu5HM0zbOcrIJcXL3YVnpmE4b9OQxIiMSx1Yd+U
+u8/sTkxgpsEKhCbIzECIwPhppyT/JP5aSXCadEvg+PSjikv8dOVkD68wVG4CcFIX
+MFttsPebBVzEokZZAgMBAAGjgc8wgcwwHQYDVR0OBBYEFOCKaNHFFPrju8AwzWxS
+f96IKfRwMIGcBgNVHSMEgZQwgZGAFOCKaNHFFPrju8AwzWxSf96IKfRwoW6kbDBq
+MQswCQYDVQQGEwJGSTEQMA4GA1UECBMHVHV1c3VsYTEZMBcGA1UEChMQTW9udHkg
+UHJvZ3JhbSBBYjEuMCwGCSqGSIb3DQEJARYfYWJzdHJhY3QuZGV2ZWxvcGVyQGFz
+a21vbnR5Lm9yZ4IJAJhuvLP+2mGwMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
+BQADgYEAsmCX2/k9AInq2qhXtnkLip6cB0iOerLTNAzEijZc/aVf4wUjkL3cqhmC
+kSTCwAHIOxp+ICwh6ky3xghXjoI9QnPFDVkRkzPT2tV0IoBaeQuI4e0CU2EY7L3P
+XoDqp3oq1XtVcr9ZZdP68fBYUG/qcrWcXWk45ZFaBmBv3TotsGk=
 -----END CERTIFICATE-----

=== modified file 'mysql-test/std_data/client-cert.pem'
--- a/mysql-test/std_data/client-cert.pem	2009-06-11 16:21:32 +0000
+++ b/mysql-test/std_data/client-cert.pem	2010-01-29 10:42:31 +0000
@@ -1,55 +1,60 @@
 Certificate:
     Data:
         Version: 3 (0x2)
-        Serial Number: 3 (0x3)
+        Serial Number: 2 (0x2)
         Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=SE, ST=Uppsala, L=Uppsala, O=MySQL AB
+        Issuer: C=FI, ST=Tuusula, O=Monty Program Ab/emailAddress=abstract.developer@xxxxxxxxxxxx
         Validity
-            Not Before: Jan 28 11:04:39 2009 GMT
-            Not After : Jan 28 11:04:39 2010 GMT
-        Subject: C=SE, ST=Uppsala, O=MySQL AB/emailAddress=abstract.mysql.developer@xxxxxxxxx
+            Not Before: Jan 28 22:01:38 2010 GMT
+            Not After : Dec  7 22:01:38 2019 GMT
+        Subject: C=FI, ST=Tuusula, O=Monty Program Ab/emailAddress=abstract.developer@xxxxxxxxxxxx
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
-            RSA Public Key: (512 bit)
-                Modulus (512 bit):
-                    00:e1:52:30:2c:d9:be:64:28:91:5d:7a:fd:d9:e9:
-                    14:35:7a:d2:94:4e:91:46:e0:db:9f:6b:79:f4:4c:
-                    ac:6e:07:61:34:86:74:62:a7:a8:44:af:fa:87:87:
-                    a8:7d:42:61:ff:ab:50:d4:7b:bf:75:fa:d5:d5:b3:
-                    74:fb:56:1e:37
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:bd:dc:3d:f8:3c:0b:d4:d2:c0:a3:9c:34:2d:e7:
+                    11:ff:4d:43:35:17:f6:0d:91:01:92:9e:4f:4d:c0:
+                    38:d5:62:03:55:33:db:66:a2:91:d3:f2:b6:23:34:
+                    95:53:50:3d:4f:e3:0c:d7:76:fd:f6:54:64:e6:f6:
+                    dc:70:74:7c:6b:74:41:59:b0:19:5d:62:90:3c:a7:
+                    c8:5e:21:8f:2b:22:6b:c7:43:9b:be:79:84:60:da:
+                    16:c9:ce:ee:fd:66:cb:54:81:e2:b5:1c:cf:f9:74:
+                    de:38:2b:28:d4:31:33:55:d2:30:1c:a3:e4:c2:c7:
+                    31:46:43:d5:33:3d:8a:0b:47
                 Exponent: 65537 (0x10001)
         X509v3 extensions:
             X509v3 Basic Constraints: 
                 CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
             X509v3 Subject Key Identifier: 
-                58:30:B5:9B:2C:05:94:06:BA:3D:3C:F0:B2:CD:1D:67:65:E3:7F:85
+                BE:E6:DB:19:8D:DB:72:9A:85:EE:B2:B8:5D:E7:FF:61:DF:09:08:AF
             X509v3 Authority Key Identifier: 
-                keyid:F2:E2:EA:55:65:A4:9A:E2:AC:9D:97:F5:45:6C:F6:F7:8C:11:AD:DF
-                DirName:/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB
-                serial:95:E9:78:F5:34:50:E4:D5
+                keyid:E0:8A:68:D1:C5:14:FA:E3:BB:C0:30:CD:6C:52:7F:DE:88:29:F4:70
 
     Signature Algorithm: sha1WithRSAEncryption
-        05:19:e3:13:14:fc:c5:28:bf:69:f8:00:b3:25:cb:bd:ca:9f:
-        2f:4c:b3:a8:04:11:f0:74:27:bd:82:2c:b4:49:9b:a7:59:f0:
-        f7:87:d1:e0:ba:99:a2:fe:4b:1d:10:6f:e4:a2:b3:cd:7f:8b:
-        68:31:46:ee:cd:9e:e2:47:e1:4c:fa:74:d1:e2:8b:cc:a0:4b:
-        a8:24:d1:a4:c3:6b:2a:c6:28:cd:41:e0:06:48:e6:cf:f2:3c:
-        ca:37:95:d7:29:64:6b:91:91:83:e7:ac:c8:0b:87:bc:da:a6:
-        aa:f1:44:43:c8:74:7b:15:26:91:2e:03:c4:71:50:6c:f8:68:
-        dc:8c
+        41:95:6d:0a:a4:ee:af:68:cd:94:26:59:9a:18:b7:75:3c:c5:
+        0f:22:d3:5c:31:9b:85:a0:93:b3:f0:50:29:ba:1e:d3:5a:43:
+        0b:77:2d:98:87:a7:a7:39:0f:40:8d:03:d3:b3:67:43:77:bc:
+        3c:51:c2:f9:9e:7a:2d:39:c4:5c:16:d7:70:d6:74:d1:6c:e1:
+        6a:4d:fd:1f:10:af:64:3b:f4:64:e9:b2:b3:fb:c8:cd:c5:41:
+        cd:99:e0:ac:83:1d:81:2c:6b:99:ba:80:02:12:72:f7:3b:bb:
+        93:72:00:da:ff:d3:87:75:d2:3a:a4:ca:4d:c1:8b:c1:21:50:
+        cb:57
 -----BEGIN CERTIFICATE-----
-MIICfzCCAeigAwIBAgIBAzANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJTRTEQ
-MA4GA1UECBMHVXBwc2FsYTEQMA4GA1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlT
-UUwgQUIwHhcNMDkwMTI4MTEwNDM5WhcNMTAwMTI4MTEwNDM5WjBlMQswCQYDVQQG
-EwJTRTEQMA4GA1UECBMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwgQUIxMTAvBgkq
-hkiG9w0BCQEWImFic3RyYWN0Lm15c3FsLmRldmVsb3BlckBteXNxbC5jb20wXDAN
-BgkqhkiG9w0BAQEFAANLADBIAkEA4VIwLNm+ZCiRXXr92ekUNXrSlE6RRuDbn2t5
-9EysbgdhNIZ0YqeoRK/6h4eofUJh/6tQ1Hu/dfrV1bN0+1YeNwIDAQABo4GjMIGg
-MAkGA1UdEwQCMAAwHQYDVR0OBBYEFFgwtZssBZQGuj088LLNHWdl43+FMHQGA1Ud
-IwRtMGuAFPLi6lVlpJrirJ2X9UVs9veMEa3foUikRjBEMQswCQYDVQQGEwJTRTEQ
-MA4GA1UECBMHVXBwc2FsYTEQMA4GA1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlT
-UUwgQUKCCQCV6Xj1NFDk1TANBgkqhkiG9w0BAQUFAAOBgQAFGeMTFPzFKL9p+ACz
-Jcu9yp8vTLOoBBHwdCe9giy0SZunWfD3h9Hgupmi/ksdEG/korPNf4toMUbuzZ7i
-R+FM+nTR4ovMoEuoJNGkw2sqxijNQeAGSObP8jzKN5XXKWRrkZGD56zIC4e82qaq
-8URDyHR7FSaRLgPEcVBs+GjcjA==
+MIICxTCCAi6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADBqMQswCQYDVQQGEwJGSTEQ
+MA4GA1UECBMHVHV1c3VsYTEZMBcGA1UEChMQTW9udHkgUHJvZ3JhbSBBYjEuMCwG
+CSqGSIb3DQEJARYfYWJzdHJhY3QuZGV2ZWxvcGVyQGFza21vbnR5Lm9yZzAeFw0x
+MDAxMjgyMjAxMzhaFw0xOTEyMDcyMjAxMzhaMGoxCzAJBgNVBAYTAkZJMRAwDgYD
+VQQIEwdUdXVzdWxhMRkwFwYDVQQKExBNb250eSBQcm9ncmFtIEFiMS4wLAYJKoZI
+hvcNAQkBFh9hYnN0cmFjdC5kZXZlbG9wZXJAYXNrbW9udHkub3JnMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC93D34PAvU0sCjnDQt5xH/TUM1F/YNkQGSnk9N
+wDjVYgNVM9tmopHT8rYjNJVTUD1P4wzXdv32VGTm9txwdHxrdEFZsBldYpA8p8he
+IY8rImvHQ5u+eYRg2hbJzu79ZstUgeK1HM/5dN44KyjUMTNV0jAco+TCxzFGQ9Uz
+PYoLRwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NM
+IEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUvubbGY3bcpqF7rK4Xef/
+Yd8JCK8wHwYDVR0jBBgwFoAU4Ipo0cUU+uO7wDDNbFJ/3ogp9HAwDQYJKoZIhvcN
+AQEFBQADgYEAQZVtCqTur2jNlCZZmhi3dTzFDyLTXDGbhaCTs/BQKboe01pDC3ct
+mIenpzkPQI0D07NnQ3e8PFHC+Z56LTnEXBbXcNZ00Wzhak39HxCvZDv0ZOmys/vI
+zcVBzZngrIMdgSxrmbqAAhJy9zu7k3IA2v/Th3XSOqTKTcGLwSFQy1c=
 -----END CERTIFICATE-----

=== modified file 'mysql-test/std_data/client-key.pem'
--- a/mysql-test/std_data/client-key.pem	2009-06-11 16:21:32 +0000
+++ b/mysql-test/std_data/client-key.pem	2010-01-29 10:42:31 +0000
@@ -1,9 +1,15 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIBOQIBAAJBAOFSMCzZvmQokV16/dnpFDV60pROkUbg259refRMrG4HYTSGdGKn
-qESv+oeHqH1CYf+rUNR7v3X61dWzdPtWHjcCAwEAAQJAXYooM8ZlcuEgj+VKU1ee
-qyEFIMqJJxqcMk+E/nWCM96WxCP3zHNSrqNfSpI3ld7QzMwhdRz+gFLxT2gGNpIw
-MQIhAPxzM/lDihe67X3ADYtDl9ZjA8Pm430x9sXlcxI17tCZAiEA5H1SyFl4mUee
-9VnfSC2XGW7lwz72ZygfVX+b7tLWF08CIEh40gzW5MfXM+KLxdea+fXjyursV5ZT
-R6KcMiKiNQLRAiAcmHqlzFzFgisotai2Fc6VRkXHG7gmzOSvBJt1VjmpDQIge6jf
-2N7whTdvC4ferB+zUlgWQdyvx1c3T4gnt6PYdaY=
+MIICXgIBAAKBgQC93D34PAvU0sCjnDQt5xH/TUM1F/YNkQGSnk9NwDjVYgNVM9tm
+opHT8rYjNJVTUD1P4wzXdv32VGTm9txwdHxrdEFZsBldYpA8p8heIY8rImvHQ5u+
+eYRg2hbJzu79ZstUgeK1HM/5dN44KyjUMTNV0jAco+TCxzFGQ9UzPYoLRwIDAQAB
+AoGBAJa2lprPT7UJ99Ho1aL6ota/RnKHKtNqII17DgjyZis9OtgP6kJ3GrvdF6iq
+vT79my4nVrJTyxYXuGF/5U1/qqNjuPPBE1Xbu1ubQlFv8CT0kKYynQ7Z3ls8fAHC
+B3VJXnUVlG+GHtUEFFG4FQVX1fn/Sga67ioJ6ivAiBlHKaPBAkEA5f2ToWlj4u9O
+KgfRkN54wdIp4yu2c40pbhMfKGjGGsBAHk92+qSBpzEmxLcI6Ay+4/QysSR4jYmK
+jCJuxiTu1QJBANNU3Hx8Il2SF/2BqGLcIh2SHxzKQIT5wAyD2jb+P2cHvbk6pKGR
+VTmw5bibxXmYMS6J/L2zUF2xtFe+Svwz96sCQEnKYSqBqOWvyBFeLtPfPTlal8vm
+Q4SxfuBtTCrn6t+8XRYcgt0KGPsunvSwkS/6nuh+eiExxWgMACLUDVyPjv0CQQC4
+sJJc7LOv6Oy0bWr2swHRrBEqvQsz63zOszCzHPHWHirNxZV5aiT8XT/2XZRwlvRs
+gsVyGFLk/1fn0vN/g/8vAkEAxUdzUKvC1ZwjzGhgcz2bQU0tEZN4C9jBCiwOI2ud
+BpAsPG0xAGGL2+hz0B0n88XiTHobiTZ1bg4Z41i4pXx2ZA==
 -----END RSA PRIVATE KEY-----

=== modified file 'mysql-test/std_data/server-cert.pem'
--- a/mysql-test/std_data/server-cert.pem	2009-06-11 16:21:32 +0000
+++ b/mysql-test/std_data/server-cert.pem	2010-01-29 10:42:31 +0000
@@ -3,53 +3,59 @@ Certificate:
         Version: 3 (0x2)
         Serial Number: 1 (0x1)
         Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=SE, ST=Uppsala, L=Uppsala, O=MySQL AB
+        Issuer: C=FI, ST=Tuusula, O=Monty Program Ab/emailAddress=abstract.developer@xxxxxxxxxxxx
         Validity
-            Not Before: Jan 28 10:55:13 2009 GMT
-            Not After : Jan 28 10:55:13 2010 GMT
-        Subject: C=SE, ST=Uppsala, O=MySQL AB, CN=localhost/emailAddress=abstract.mysql.developer@xxxxxxxxx
+            Not Before: Jan 28 21:59:14 2010 GMT
+            Not After : Dec  7 21:59:14 2019 GMT
+        Subject: C=FI, ST=Tuusula, O=Monty Program Ab, CN=localhost/emailAddress=abstract.developer@xxxxxxxxxxxx
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
-            RSA Public Key: (512 bit)
-                Modulus (512 bit):
-                    00:b6:8f:e5:b7:b4:86:83:13:8a:f9:bf:63:cb:64:
-                    2d:b9:51:d1:de:ab:7b:45:1f:aa:b5:66:73:13:f9:
-                    a6:07:d5:ba:7c:fa:92:bd:37:e2:ad:87:db:3e:b6:
-                    6a:12:64:f8:ee:17:e3:15:06:2f:a8:82:68:bf:57:
-                    8d:c3:04:98:27
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:cc:79:74:2a:14:7e:77:06:b0:ec:1b:b6:da:70:
+                    4c:4f:0e:94:04:8a:e7:69:f4:4c:9c:67:22:41:56:
+                    3a:96:53:9e:95:9d:17:55:80:41:c0:13:d6:94:0f:
+                    cd:2c:51:fe:a4:6e:f2:74:d8:5d:3b:3a:80:e3:85:
+                    5b:a5:bc:7d:5c:25:55:e5:40:77:fe:f3:cb:5b:cd:
+                    da:a5:f4:36:64:30:a2:a0:7f:93:b3:c4:56:75:2a:
+                    c0:f7:65:2a:d7:e6:ff:88:25:03:e0:b4:40:2e:74:
+                    4c:cb:46:95:73:cb:25:5c:87:0e:ec:0f:5a:19:c2:
+                    b6:dc:9e:e8:f0:30:b1:9c:99
                 Exponent: 65537 (0x10001)
         X509v3 extensions:
             X509v3 Basic Constraints: 
                 CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
             X509v3 Subject Key Identifier: 
-                D9:9A:B8:5F:22:EA:04:10:C8:25:7D:82:57:E6:2E:FD:19:29:E7:DA
+                6D:13:3B:40:52:3C:AF:18:EA:33:D1:B7:56:21:1B:05:FE:0B:9E:38
             X509v3 Authority Key Identifier: 
-                keyid:F2:E2:EA:55:65:A4:9A:E2:AC:9D:97:F5:45:6C:F6:F7:8C:11:AD:DF
-                DirName:/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB
-                serial:95:E9:78:F5:34:50:E4:D5
+                keyid:E0:8A:68:D1:C5:14:FA:E3:BB:C0:30:CD:6C:52:7F:DE:88:29:F4:70
 
     Signature Algorithm: sha1WithRSAEncryption
-        54:07:2d:21:0b:a5:af:3b:58:23:32:5e:56:7f:ab:58:63:48:
-        91:aa:38:90:89:16:f9:cc:bf:a4:0e:78:2b:9f:c5:1b:58:a6:
-        e6:08:8f:2e:ae:97:03:21:9b:f1:cd:c0:26:8f:1d:d7:28:27:
-        a0:8e:81:09:1b:1c:0f:c9:a5:41:3a:2d:44:3f:9c:fa:87:ff:
-        c8:4c:2b:44:f7:1b:c1:3e:4f:01:7f:e9:26:cc:9f:1c:06:b5:
-        0b:27:d1:10:90:be:93:0c:9c:e7:b0:d1:ea:27:99:4e:06:14:
-        0c:7a:e9:c1:52:c5:33:68:bc:61:0d:db:81:3b:57:48:57:bf:
-        42:9a
+        97:db:65:23:7f:f1:15:3c:1e:83:ac:0e:0a:50:a0:0c:22:b8:
+        45:d4:ca:21:05:47:3b:3d:03:b5:6c:4b:8d:bb:5f:57:c3:c7:
+        4e:71:23:cf:33:a3:7f:a0:3d:bd:58:75:b8:37:22:16:2f:e9:
+        ed:ae:9b:94:29:81:6e:34:79:cf:41:bd:3d:8d:17:d7:22:1c:
+        1b:58:c7:0f:79:13:56:1d:e8:d8:4e:e5:07:3f:79:1b:dd:c4:
+        06:9b:c5:b6:02:34:43:c5:bf:e5:87:ad:f1:c1:8a:f2:be:c2:
+        00:1d:d4:27:1f:87:c8:80:31:ec:6e:97:95:b4:84:40:d1:73:
+        42:71
 -----BEGIN CERTIFICATE-----
-MIICkzCCAfygAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJTRTEQ
-MA4GA1UECBMHVXBwc2FsYTEQMA4GA1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlT
-UUwgQUIwHhcNMDkwMTI4MTA1NTEzWhcNMTAwMTI4MTA1NTEzWjB5MQswCQYDVQQG
-EwJTRTEQMA4GA1UECBMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwgQUIxEjAQBgNV
-BAMTCWxvY2FsaG9zdDExMC8GCSqGSIb3DQEJARYiYWJzdHJhY3QubXlzcWwuZGV2
-ZWxvcGVyQG15c3FsLmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC2j+W3tIaD
-E4r5v2PLZC25UdHeq3tFH6q1ZnMT+aYH1bp8+pK9N+Kth9s+tmoSZPjuF+MVBi+o
-gmi/V43DBJgnAgMBAAGjgaMwgaAwCQYDVR0TBAIwADAdBgNVHQ4EFgQU2Zq4XyLq
-BBDIJX2CV+Yu/Rkp59owdAYDVR0jBG0wa4AU8uLqVWWkmuKsnZf1RWz294wRrd+h
-SKRGMEQxCzAJBgNVBAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMRAwDgYDVQQHEwdV
-cHBzYWxhMREwDwYDVQQKEwhNeVNRTCBBQoIJAJXpePU0UOTVMA0GCSqGSIb3DQEB
-BQUAA4GBAFQHLSELpa87WCMyXlZ/q1hjSJGqOJCJFvnMv6QOeCufxRtYpuYIjy6u
-lwMhm/HNwCaPHdcoJ6COgQkbHA/JpUE6LUQ/nPqH/8hMK0T3G8E+TwF/6SbMnxwG
-tQsn0RCQvpMMnOew0eonmU4GFAx66cFSxTNovGEN24E7V0hXv0Ka
+MIIC2TCCAkKgAwIBAgIBATANBgkqhkiG9w0BAQUFADBqMQswCQYDVQQGEwJGSTEQ
+MA4GA1UECBMHVHV1c3VsYTEZMBcGA1UEChMQTW9udHkgUHJvZ3JhbSBBYjEuMCwG
+CSqGSIb3DQEJARYfYWJzdHJhY3QuZGV2ZWxvcGVyQGFza21vbnR5Lm9yZzAeFw0x
+MDAxMjgyMTU5MTRaFw0xOTEyMDcyMTU5MTRaMH4xCzAJBgNVBAYTAkZJMRAwDgYD
+VQQIEwdUdXVzdWxhMRkwFwYDVQQKExBNb250eSBQcm9ncmFtIEFiMRIwEAYDVQQD
+Ewlsb2NhbGhvc3QxLjAsBgkqhkiG9w0BCQEWH2Fic3RyYWN0LmRldmVsb3BlckBh
+c2ttb250eS5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMx5dCoUfncG
+sOwbttpwTE8OlASK52n0TJxnIkFWOpZTnpWdF1WAQcAT1pQPzSxR/qRu8nTYXTs6
+gOOFW6W8fVwlVeVAd/7zy1vN2qX0NmQwoqB/k7PEVnUqwPdlKtfm/4glA+C0QC50
+TMtGlXPLJVyHDuwPWhnCttye6PAwsZyZAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJ
+YIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1Ud
+DgQWBBRtEztAUjyvGOoz0bdWIRsF/gueODAfBgNVHSMEGDAWgBTgimjRxRT647vA
+MM1sUn/eiCn0cDANBgkqhkiG9w0BAQUFAAOBgQCX22Ujf/EVPB6DrA4KUKAMIrhF
+1MohBUc7PQO1bEuNu19Xw8dOcSPPM6N/oD29WHW4NyIWL+ntrpuUKYFuNHnPQb09
+jRfXIhwbWMcPeRNWHejYTuUHP3kb3cQGm8W2AjRDxb/lh63xwYryvsIAHdQnH4fI
+gDHsbpeVtIRA0XNCcQ==
 -----END CERTIFICATE-----

=== modified file 'mysql-test/std_data/server-key.pem'
--- a/mysql-test/std_data/server-key.pem	2009-06-11 16:21:32 +0000
+++ b/mysql-test/std_data/server-key.pem	2010-01-29 10:42:31 +0000
@@ -1,9 +1,15 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIBOQIBAAJBALaP5be0hoMTivm/Y8tkLblR0d6re0UfqrVmcxP5pgfVunz6kr03
-4q2H2z62ahJk+O4X4xUGL6iCaL9XjcMEmCcCAwEAAQJASA5VwgNb0CKHiPm0ntOk
-hG+54SRX3DmafEy6gRjZIl/bZ/asSLhXUZ+CeohyrQh7BZgYWvykd8pRISL9eKsU
-GQIhAOXkUrOtP/EtjyqNluEqZdG+RZi/7p61JS3Ce13Myu+LAiEAy0uMlV34AJpM
-b40FPKqlHxw8DD/Dt1iKhNVAg8+LDVUCIFjv7fbJDbW2VG63/Cj8CAwOukoP5rbL
-iaicVrHBKrllAiB9+MiaXeopZXNrxDS0jQFYr8Q9yt1aJVFgUkxx4Q9HKQIgZPs0
-KlF3NNNWw78INaAEkyf0IEssnLMsuoCWw0DIOak=
+MIICXgIBAAKBgQDMeXQqFH53BrDsG7bacExPDpQEiudp9EycZyJBVjqWU56VnRdV
+gEHAE9aUD80sUf6kbvJ02F07OoDjhVulvH1cJVXlQHf+88tbzdql9DZkMKKgf5Oz
+xFZ1KsD3ZSrX5v+IJQPgtEAudEzLRpVzyyVchw7sD1oZwrbcnujwMLGcmQIDAQAB
+AoGBAMdMYkNZsmJFbVDVOobzCg3Mgc1jrmeBrOKNS8AvUe+QFXRyp3m5B102eOHb
+/PmD+hU/5qao9UZzoYkiRM/oRq45jrqJEYwWrX007bKK0F9hnErtC1ImM1nBFVhx
+6+6cr+ShUkvtj8+wJ2d5bIccUzGCUfFR5tb5BnePTXK8IVoBAkEA7WGNxHAVKgjS
+AzlpHr5fvpivA07hNVJizTwZdWGGYeETilZhkkuMRwREceeohF6ILMf0FTZdFSa/
+8EeLa3icIQJBANyDKFjynKwWy5pyRSz75mVwrEi+4eTQPsCPNWLkbpbEPwqPLYWJ
+2VSFkISXF7b7Od48JkQWgiB8/kXqMDEdsXkCQQCzZvj3ryWvoP7nhOoXXBWMPGR4
+gZLe86bMKVGsTsp7CtnzwRj4sbQQr/7yfvvzHmaYQX4M0gtDQwfolomd7YdBAkEA
+y24ETuqjNu9grf81aiaJipPDnOjcJOcovSRgr/blPxmUvv0Pld5yLNN7W5a4PgrO
+fAMpmi7ZpXcqbP17sBQgoQJAWTDFKAmfHPVdDGZuCw4yceP5d+Tv7ABglZUvpPKx
+kAvGN1WBASUuCQJDOIgzl6gvYX07S5p147i9mv7UBWOpvw==
 -----END RSA PRIVATE KEY-----

=== modified file 'mysql-test/t/grant.test'
--- a/mysql-test/t/grant.test	2009-06-15 15:53:45 +0000
+++ b/mysql-test/t/grant.test	2010-01-29 10:42:31 +0000
@@ -35,7 +35,7 @@ revoke delete on mysqltest.* from mysqlt
 show grants for mysqltest_1@localhost;
 grant select on mysqltest.* to mysqltest_1@localhost require NONE;
 show grants for mysqltest_1@localhost;
-grant USAGE on mysqltest.* to mysqltest_1@localhost require cipher "EDH-RSA-DES-CBC3-SHA" AND SUBJECT "testsubject" ISSUER "MySQL AB";
+grant USAGE on mysqltest.* to mysqltest_1@localhost require cipher "EDH-RSA-DES-CBC3-SHA" AND SUBJECT "testsubject" ISSUER "Monty Program Ab";
 show grants for mysqltest_1@localhost;
 revoke all privileges on mysqltest.* from mysqltest_1@localhost;
 show grants for mysqltest_1@localhost;

=== modified file 'mysql-test/t/openssl_1.test'
--- a/mysql-test/t/openssl_1.test	2009-05-25 13:00:18 +0000
+++ b/mysql-test/t/openssl_1.test	2010-01-29 10:42:31 +0000
@@ -15,8 +15,10 @@ insert into t1 values (5);
 
 grant select on test.* to ssl_user1@localhost require SSL;
 grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
-grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@xxxxxxxxx";
-grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@xxxxxxxxx" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
+grant select on test.* to ssl_user3@localhost require cipher
+"DHE-RSA-AES256-SHA" AND SUBJECT "/C=FI/ST=Tuusula/O=Monty Program Ab/emailAddress=abstract.developer@xxxxxxxxxxxx";
+grant select on test.* to ssl_user4@localhost require cipher
+"DHE-RSA-AES256-SHA" AND SUBJECT "/C=FI/ST=Tuusula/O=Monty Program Ab/emailAddress=abstract.developer@xxxxxxxxxxxx" ISSUER "/C=FI/ST=Tuusula/O=Monty Program Ab/emailAddress=abstract.developer@xxxxxxxxxxxx";
 grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
 flush privileges;
 

=== modified file 'mysql-test/t/query_cache_debug.test'
--- a/mysql-test/t/query_cache_debug.test	2009-09-07 20:50:10 +0000
+++ b/mysql-test/t/query_cache_debug.test	2010-01-29 10:42:31 +0000
@@ -1,5 +1,4 @@
 --source include/not_embedded.inc
---source include/big_test.inc
 --source include/have_query_cache.inc
 --source include/have_debug.inc
 

=== modified file 'sql-common/client.c'
--- a/sql-common/client.c	2009-12-03 15:26:54 +0000
+++ b/sql-common/client.c	2010-01-29 10:42:31 +0000
@@ -1863,6 +1863,7 @@ CLI_MYSQL_REAL_CONNECT(MYSQL *mysql,cons
 		       uint port, const char *unix_socket,ulong client_flag)
 {
   char		buff[NAME_LEN+USERNAME_LENGTH+100];
+  char		error_string[1024];
   char		*end,*host_info= NULL;
   my_socket	sock;
   in_addr_t	ip_addr;
@@ -2331,9 +2332,14 @@ CLI_MYSQL_REAL_CONNECT(MYSQL *mysql,cons
     /* Connect to the server */
     DBUG_PRINT("info", ("IO layer change in progress..."));
     if (sslconnect(ssl_fd, mysql->net.vio,
-                   (long) (mysql->options.connect_timeout)))
+                   (long) (mysql->options.connect_timeout),
+                   error_string))
     {
-      set_mysql_error(mysql, CR_SSL_CONNECTION_ERROR, unknown_sqlstate);
+      set_mysql_extended_error(mysql, CR_SSL_CONNECTION_ERROR,
+                               unknown_sqlstate,
+                               "SSL error: %s",
+                               error_string[0] ? error_string :
+                               ER(CR_SSL_CONNECTION_ERROR));
       goto error;
     }
     DBUG_PRINT("info", ("IO layer change done!"));

=== modified file 'sql/net_serv.cc'
--- a/sql/net_serv.cc	2010-01-28 14:49:14 +0000
+++ b/sql/net_serv.cc	2010-01-29 10:42:31 +0000
@@ -219,7 +219,7 @@ my_bool net_realloc(NET *net, size_t len
     -1   Don't know if data is ready or not
 */
 
-#if !defined(EMBEDDED_LIBRARY)
+#if !defined(EMBEDDED_LIBRARY) && defined(DBUG_OFF)
 
 static int net_data_is_ready(my_socket sd)
 {
@@ -280,7 +280,7 @@ static int net_data_is_ready(my_socket s
 
 void net_clear(NET *net, my_bool clear_buffer)
 {
-#if !defined(EMBEDDED_LIBRARY)
+#if !defined(EMBEDDED_LIBRARY) && defined(DBUG_OFF)
   size_t count;
   int ready;
 #endif

=== modified file 'sql/slave.cc'
--- a/sql/slave.cc	2009-12-06 17:51:48 +0000
+++ b/sql/slave.cc	2010-01-29 10:42:31 +0000
@@ -3803,10 +3803,11 @@ static int connect_to_master(THD* thd, M
       suppress_warnings= 0;
       mi->report(ERROR_LEVEL, last_errno,
                  "error %s to master '%s@%s:%d'"
-                 " - retry-time: %d  retries: %lu",
+                 " - retry-time: %d  retries: %lu  message: %s",
                  (reconnect ? "reconnecting" : "connecting"),
                  mi->user, mi->host, mi->port,
-                 mi->connect_retry, master_retry_count);
+                 mi->connect_retry, master_retry_count,
+                 mysql_error(mysql));
     }
     /*
       By default we try forever. The reason is that failure will trigger

=== modified file 'sql/sql_cache.cc'
--- a/sql/sql_cache.cc	2010-01-15 15:27:55 +0000
+++ b/sql/sql_cache.cc	2010-01-29 10:42:31 +0000
@@ -377,9 +377,11 @@ TODO list:
 
 static void debug_wait_for_kill(const char *info)
 {
-  DBUG_ENTER("debug_wait_for_kill");
   const char *prev_info;
   THD *thd;
+  char buff[1024];
+  DBUG_ENTER("debug_wait_for_kill");
+
   thd= current_thd;
   prev_info= thd->proc_info;
   thd->proc_info= info;
@@ -387,8 +389,16 @@ static void debug_wait_for_kill(const ch
   while(!thd->killed)
     my_sleep(1000);
   thd->killed= THD::NOT_KILLED;
+  /*
+    Remove the set debug variable, to ensure we don't get stuck on it again
+    This is needed as for MyISAM, invalidate_table() may be called twice
+    (Once from mysql_delete() and once from mi_update_status())
+  */
+  sprintf(buff, "-d,%s", info);
+  DBUG_SET(buff);
   sql_print_information("Exit debug_wait_for_kill");
   thd->proc_info= prev_info;
+
   DBUG_VOID_RETURN;
 }
 
@@ -914,15 +924,18 @@ void query_cache_insert(NET *net, const
 
 void query_cache_abort(NET *net)
 {
+  THD *thd;
   DBUG_ENTER("query_cache_abort");
-  THD *thd= current_thd;
 
   /* See the comment on double-check locking usage above. */
   if (net->query_cache_query == 0)
     DBUG_VOID_RETURN;
 
   if (query_cache.try_lock())
+  {
+    net->query_cache_query = 0;
     DBUG_VOID_RETURN;
+  }
 
   /*
     While we were waiting another thread might have changed the status
@@ -932,6 +945,7 @@ void query_cache_abort(NET *net)
                                    net->query_cache_query);
   if (query_block)
   {
+    thd= current_thd;
     thd_proc_info(thd, "storing result in query cache");
     DUMP(&query_cache);
     BLOCK_LOCK_WR(query_block);
@@ -941,6 +955,7 @@ void query_cache_abort(NET *net)
     DBUG_EXECUTE("check_querycache",query_cache.check_integrity(1););
   }
 
+  DBUG_ASSERT(!net->query_cache_query);
   query_cache.unlock();
   DBUG_VOID_RETURN;
 }
@@ -970,8 +985,12 @@ void query_cache_end_of_result(THD *thd)
 #endif
 
   if (query_cache.try_lock())
+  {
+    thd->net.query_cache_query= 0;
     DBUG_VOID_RETURN;
+  }
 
+  /* thd->net.query_cache_query may have changed during resize */
   query_block= ((Query_cache_block*) thd->net.query_cache_query);
   if (query_block)
   {
@@ -997,8 +1016,8 @@ void query_cache_end_of_result(THD *thd)
         to this function. In the release version that query should be ignored
         and removed from QC.
       */
-      DBUG_ASSERT(0);
       query_cache.free_query(query_block);
+      thd->net.query_cache_query= 0;
       query_cache.unlock();
       DBUG_VOID_RETURN;
     }

=== modified file 'sql/sql_connect.cc'
--- a/sql/sql_connect.cc	2009-12-03 11:19:05 +0000
+++ b/sql/sql_connect.cc	2010-01-29 10:42:31 +0000
@@ -798,6 +798,7 @@ static int check_connection(THD *thd)
   DBUG_PRINT("info", ("client capabilities: %lu", thd->client_capabilities));
   if (thd->client_capabilities & CLIENT_SSL)
   {
+    char error_string[1024];
     /* Do the SSL layering. */
     if (!ssl_acceptor_fd)
     {
@@ -806,7 +807,7 @@ static int check_connection(THD *thd)
       return 1;
     }
     DBUG_PRINT("info", ("IO layer change in progress..."));
-    if (sslaccept(ssl_acceptor_fd, net->vio, net->read_timeout))
+    if (sslaccept(ssl_acceptor_fd, net->vio, net->read_timeout, error_string))
     {
       DBUG_PRINT("error", ("Failed to accept new SSL connection"));
       inc_host_errors(&thd->remote.sin_addr);

=== modified file 'sql/sql_parse.cc'
--- a/sql/sql_parse.cc	2010-01-15 15:27:55 +0000
+++ b/sql/sql_parse.cc	2010-01-29 10:42:31 +0000
@@ -1252,12 +1252,14 @@ bool dispatch_command(enum enum_server_c
       ha_maria::implicit_commit(thd, FALSE);
 #endif
 
-      net_end_statement(thd);
-      query_cache_end_of_result(thd);
       /*
         Multiple queries exits, execute them individually
       */
       close_thread_tables(thd);
+
+      net_end_statement(thd);
+      query_cache_end_of_result(thd);
+
       ulong length= (ulong)(packet_end - beginning_of_next_stmt);
 
       log_slow_statement(thd);
@@ -1645,13 +1647,22 @@ bool dispatch_command(enum enum_server_c
   ha_maria::implicit_commit(thd, FALSE);
 #endif
 
-  net_end_statement(thd);
-  query_cache_end_of_result(thd);
-
+  if (!(sql_command_flags[thd->lex->sql_command] & CF_CHANGES_DATA))
+  {
+    /* No changes in data;  We can send ok at once to the client */
+    net_end_statement(thd);
+    query_cache_end_of_result(thd);
+  }
   thd->proc_info= "closing tables";
   /* Free tables */
   close_thread_tables(thd);
 
+  if (sql_command_flags[thd->lex->sql_command] & CF_CHANGES_DATA)
+  {
+    net_end_statement(thd);
+    query_cache_end_of_result(thd);
+  }
+
   log_slow_statement(thd);
 
   thd_proc_info(thd, "cleaning up");

=== modified file 'vio/viossl.c'
--- a/vio/viossl.c	2008-02-07 08:55:49 +0000
+++ b/vio/viossl.c	2010-01-29 10:42:31 +0000
@@ -74,8 +74,11 @@ report_errors(SSL* ssl)
   }
 
   if (ssl)
-    DBUG_PRINT("error", ("error: %s",
-                         ERR_error_string(SSL_get_error(ssl, l), buf)));
+  {
+    int error= SSL_get_error(ssl, l);
+    DBUG_PRINT("error", ("error: %s (%d)",
+                         ERR_error_string(error, buf), error));
+  }
 
   DBUG_PRINT("info", ("socket_errno: %d", socket_errno));
   DBUG_VOID_RETURN;
@@ -174,16 +177,17 @@ void vio_ssl_delete(Vio *vio)
 
 
 static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
-                  int (*connect_accept_func)(SSL*))
+                  int (*connect_accept_func)(SSL*), char *error_string)
 {
   SSL *ssl;
   my_bool unused;
   my_bool was_blocking;
-
   DBUG_ENTER("ssl_do");
   DBUG_PRINT("enter", ("ptr: 0x%lx, sd: %d  ctx: 0x%lx",
                        (long) ptr, vio->sd, (long) ptr->ssl_context));
 
+  error_string[0]= 0;
+
   /* Set socket to blocking if not already set */
   vio_blocking(vio, 1, &was_blocking);
 
@@ -191,6 +195,7 @@ static int ssl_do(struct st_VioSSLFd *pt
   {
     DBUG_PRINT("error", ("SSL_new failure"));
     report_errors(ssl);
+    strmov(error_string, "SSL_new failed");
     vio_blocking(vio, was_blocking, &unused);
     DBUG_RETURN(1);
   }
@@ -203,6 +208,7 @@ static int ssl_do(struct st_VioSSLFd *pt
   {
     DBUG_PRINT("error", ("SSL_connect/accept failure"));
     report_errors(ssl);
+    ERR_error_string(SSL_get_error(ssl, 0), error_string);
     SSL_free(ssl);
     vio_blocking(vio, was_blocking, &unused);
     DBUG_RETURN(1);
@@ -250,17 +256,19 @@ static int ssl_do(struct st_VioSSLFd *pt
 }
 
 
-int sslaccept(struct st_VioSSLFd *ptr, Vio *vio, long timeout)
+int sslaccept(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
+              char *error_string)
 {
   DBUG_ENTER("sslaccept");
-  DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_accept));
+  DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_accept, error_string));
 }
 
 
-int sslconnect(struct st_VioSSLFd *ptr, Vio *vio, long timeout)
+int sslconnect(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
+               char *error_string)
 {
   DBUG_ENTER("sslconnect");
-  DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_connect));
+  DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_connect, error_string));
 }