FreeBSD Bugzilla – Attachment 175879 Details for
Bug 213577
databases/mariadb101-server: Use arc4random instead of RAND_SSLeay to unbreak data encryption at rest with LibreSSL
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to replace RAND_SSLeay by arc4random_buf if LibreSSL is detected
databases-mariadb101-server-patch.txt (text/plain), 1.81 KB, created by
Michael Gmelin
on 2016-10-17 20:28:16 UTC
(
hide
)
Description:
Patch to replace RAND_SSLeay by arc4random_buf if LibreSSL is detected
Filename:
MIME Type:
Creator:
Michael Gmelin
Created:
2016-10-17 20:28:16 UTC
Size:
1.81 KB
patch
obsolete
>Index: databases/mariadb101-server/Makefile >=================================================================== >--- databases/mariadb101-server/Makefile (revision 424143) >+++ databases/mariadb101-server/Makefile (working copy) >@@ -2,6 +2,7 @@ > > PORTNAME?= mariadb > PORTVERSION= 10.1.18 >+PORTREVISION= 1 > CATEGORIES= databases ipv6 > MASTER_SITES= http://ftp.osuosl.org/pub/${SITESDIR}/ \ > http://mirrors.supportex.net/${SITESDIR}/ \ >Index: databases/mariadb101-server/files/patch-mysys_ssl-my_crypt.cc >=================================================================== >--- databases/mariadb101-server/files/patch-mysys_ssl-my_crypt.cc (nonexistent) >+++ databases/mariadb101-server/files/patch-mysys_ssl-my_crypt.cc (working copy) >@@ -0,0 +1,25 @@ >+--- mysys_ssl/my_crypt.cc.orig 2016-08-29 16:38:54.000000000 +0200 >++++ mysys_ssl/my_crypt.cc 2016-10-17 19:14:45.146531847 +0200 >+@@ -275,10 +275,14 @@ >+ return MY_AES_OK; >+ } >+ #else >++#include <openssl/opensslv.h> >+ #include <openssl/rand.h> >+ >+ int my_random_bytes(uchar *buf, int num) >+ { >++#if defined(LIBRESSL_VERSION_NUMBER) >++ arc4random_buf(buf, num); >++#else >+ /* >+ Unfortunately RAND_bytes manual page does not provide any guarantees >+ in relation to blocking behavior. Here we explicitly use SSLeay random >+@@ -288,6 +292,7 @@ >+ RAND_METHOD *rand = RAND_SSLeay(); >+ if (rand == NULL || rand->bytes(buf, num) != 1) >+ return MY_AES_OPENSSL_ERROR; >++#endif >+ return MY_AES_OK; >+ } >+ #endif > >Property changes on: databases/mariadb101-server/files/patch-mysys_ssl-my_crypt.cc >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=175879">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 213577
: 175879