Bug #21025377 CAN'T CONNECT TO SSL ENABLED SERVER FIRST 30 SEC AFTER

INITIAL STARTUP

Description: By using mysql_ssl_rsa_setup to get SSL enabled server
(after running mysqld --initialize) server don't answer properly
to "mysqladmin ping" first 30 secs after startup.

Bug-fix: YASSL validated certificate date to the minute but should have
to the second. This is why the ssl on the server side was not up right
away after new certs were created with mysql_ssl_rsa_setup. The fix for
that was submitted by Todd. YASSL was updated to 2.3.7c.

extra/yassl/README

@@ -12,6 +12,11 @@ before calling SSL_new();
 
 *** end Note ***
 
+yaSSL Patch notes, version 2.3.7c (6/12/2015)
+    This release of yaSSL does certificate DATE comparisons to the second
+    instead of to the minute, helpful when using freshly generated certs.
+    Though keep in mind that time sync differences could still show up.
+
 yaSSL Patch notes, version 2.3.7b (3/18/2015)
     This release of yaSSL fixes a potential crash with corrupted private keys.
     Also detects bad keys earlier for user.

extra/yassl/include/openssl/ssl.h

@@ -35,7 +35,7 @@
 #include "rsa.h"
 
 
-#define YASSL_VERSION "2.3.7b"
+#define YASSL_VERSION "2.3.7c"
 
 
 #if defined(__cplusplus)

extra/yassl/taocrypt/src/asn.cpp

@@ -39,7 +39,7 @@ namespace TaoCrypt {
 namespace { // locals
 
 
-// to the minute
+// to the second
 bool operator>(tm& a, tm& b)
 {
     if (a.tm_year > b.tm_year)
@@ -60,6 +60,11 @@ bool operator>(tm& a, tm& b)
         a.tm_min > b.tm_min)
         return true;
 
+    if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon &&
+        a.tm_mday == b.tm_mday && a.tm_hour == b.tm_hour &&
+        a.tm_min  == b.tm_min  && a.tm_sec > b.tm_sec)
+        return true;
+
     return false;
 }