FreeBSD Bugzilla – Attachment 197915 Details for
Bug 225888
databases/mysql56-client: Fails to build with OpenSSL 1.1
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
proposed patch for mysql56-client and mysql56-server
my.diff (text/plain), 28.58 KB, created by
Antoine Brodin
on 2018-10-08 14:54:41 UTC
(
hide
)
Description:
proposed patch for mysql56-client and mysql56-server
Filename:
MIME Type:
Creator:
Antoine Brodin
Created:
2018-10-08 14:54:41 UTC
Size:
28.58 KB
patch
obsolete
>Index: databases/mysql56-client/Makefile >=================================================================== >--- databases/mysql56-client/Makefile (revision 481541) >+++ databases/mysql56-client/Makefile (working copy) >@@ -2,7 +2,7 @@ > # $FreeBSD$ > > PORTNAME= mysql >-PORTREVISION= 0 >+PORTREVISION= 1 > PKGNAMESUFFIX= 56-client > > COMMENT= Multithreaded SQL database (client) >Index: databases/mysql56-client/files/patch-openssl111 >=================================================================== >--- databases/mysql56-client/files/patch-openssl111 (nonexistent) >+++ databases/mysql56-client/files/patch-openssl111 (working copy) >@@ -0,0 +1,280 @@ >+# Backport of https://github.com/mysql/mysql-server/commit/8d81f3b9f1449a7de19aa0b1e1cd7f0b85f56fc6 >+ >+--- extra/yassl/include/openssl/ssl.h.orig 2018-06-15 13:03:29 UTC >++++ extra/yassl/include/openssl/ssl.h >+@@ -179,7 +179,7 @@ enum { /* X509 Constants */ >+ unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *); >+ void ERR_print_errors_fp(FILE*); >+ char* ERR_error_string(unsigned long,char*); >+-void ERR_remove_state(unsigned long); >++void ERR_remove_thread_state(const void *); >+ unsigned long ERR_get_error(void); >+ unsigned long ERR_peek_error(void); >+ int ERR_GET_REASON(int); >+--- extra/yassl/src/ssl.cpp.orig 2018-06-15 13:03:29 UTC >++++ extra/yassl/src/ssl.cpp >+@@ -1516,7 +1516,7 @@ int SSLeay_add_ssl_algorithms() // comp >+ } >+ >+ >+-void ERR_remove_state(unsigned long) >++void ERR_remove_thread_state(const void *) >+ { >+ GetErrors().Remove(); >+ } >+--- mysys_ssl/my_aes_openssl.cc.orig 2018-06-15 13:03:29 UTC >++++ mysys_ssl/my_aes_openssl.cc >+@@ -108,33 +108,46 @@ int my_aes_encrypt(const unsigned char * >+ const unsigned char *key, uint32 key_length, >+ enum my_aes_opmode mode, const unsigned char *iv) >+ { >+- EVP_CIPHER_CTX ctx; >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX stack_ctx; >++ EVP_CIPHER_CTX *ctx= &stack_ctx; >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX *ctx= EVP_CIPHER_CTX_new(); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ const EVP_CIPHER *cipher= aes_evp_type(mode); >+ int u_len, f_len; >+ /* The real key to be used for encryption */ >+ unsigned char rkey[MAX_AES_KEY_LENGTH / 8]; >+ my_aes_create_key(key, key_length, rkey, mode); >+ >+- if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) >++ if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) >+ return MY_AES_BAD_DATA; >+ >+- if (!EVP_EncryptInit(&ctx, cipher, rkey, iv)) >++ if (!EVP_EncryptInit(ctx, cipher, rkey, iv)) >+ goto aes_error; /* Error */ >+- if (!EVP_CIPHER_CTX_set_padding(&ctx, 1)) >++ if (!EVP_CIPHER_CTX_set_padding(ctx, 1)) >+ goto aes_error; /* Error */ >+- if (!EVP_EncryptUpdate(&ctx, dest, &u_len, source, source_length)) >++ if (!EVP_EncryptUpdate(ctx, dest, &u_len, source, source_length)) >+ goto aes_error; /* Error */ >+ >+- if (!EVP_EncryptFinal(&ctx, dest + u_len, &f_len)) >++ if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len)) >+ goto aes_error; /* Error */ >+ >+- EVP_CIPHER_CTX_cleanup(&ctx); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX_cleanup(ctx); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX_free(ctx); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ return u_len + f_len; >+ >+ aes_error: >+ /* need to explicitly clean up the error if we want to ignore it */ >+ ERR_clear_error(); >+- EVP_CIPHER_CTX_cleanup(&ctx); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX_cleanup(ctx); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX_free(ctx); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ return MY_AES_BAD_DATA; >+ } >+ >+@@ -145,7 +158,12 @@ int my_aes_decrypt(const unsigned char * >+ enum my_aes_opmode mode, const unsigned char *iv) >+ { >+ >+- EVP_CIPHER_CTX ctx; >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX stack_ctx; >++ EVP_CIPHER_CTX *ctx= &stack_ctx; >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX *ctx= EVP_CIPHER_CTX_new(); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ const EVP_CIPHER *cipher= aes_evp_type(mode); >+ int u_len, f_len; >+ >+@@ -153,27 +171,34 @@ int my_aes_decrypt(const unsigned char * >+ unsigned char rkey[MAX_AES_KEY_LENGTH / 8]; >+ >+ my_aes_create_key(key, key_length, rkey, mode); >+- if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) >++ if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) >+ return MY_AES_BAD_DATA; >+ >+- EVP_CIPHER_CTX_init(&ctx); >+- >+- if (!EVP_DecryptInit(&ctx, aes_evp_type(mode), rkey, iv)) >++ if (!EVP_DecryptInit(ctx, aes_evp_type(mode), rkey, iv)) >+ goto aes_error; /* Error */ >+- if (!EVP_CIPHER_CTX_set_padding(&ctx, 1)) >++ if (!EVP_CIPHER_CTX_set_padding(ctx, 1)) >+ goto aes_error; /* Error */ >+- if (!EVP_DecryptUpdate(&ctx, dest, &u_len, source, source_length)) >++ if (!EVP_DecryptUpdate(ctx, dest, &u_len, source, source_length)) >+ goto aes_error; /* Error */ >+- if (!EVP_DecryptFinal_ex(&ctx, dest + u_len, &f_len)) >++ if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len)) >+ goto aes_error; /* Error */ >+ >+- EVP_CIPHER_CTX_cleanup(&ctx); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX_cleanup(ctx); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX_free(ctx); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ >+ return u_len + f_len; >+ >+ aes_error: >+ /* need to explicitly clean up the error if we want to ignore it */ >+ ERR_clear_error(); >+- EVP_CIPHER_CTX_cleanup(&ctx); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX_cleanup(ctx); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX_free(ctx); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ return MY_AES_BAD_DATA; >+ } >+ >+--- sql-common/client.c.orig 2018-06-15 13:03:29 UTC >++++ sql-common/client.c >+@@ -1967,7 +1967,11 @@ static int ssl_verify_server_cert(Vio *v >+ goto error; >+ } >+ >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >+ cn= (char *) ASN1_STRING_data(cn_asn1); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ cn= (char *) ASN1_STRING_get0_data(cn_asn1); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ >+ // There should not be any NULL embedded in the CN >+ if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn)) >+--- sql/mysqld.cc.orig 2018-06-15 13:03:29 UTC >++++ sql/mysqld.cc >+@@ -2779,7 +2779,9 @@ bool one_thread_per_connection_end(THD * >+ >+ // Clean up errors now, before possibly waiting for a new connection. >+ #ifndef EMBEDDED_LIBRARY >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ #endif >+ >+ delete thd; >+@@ -4377,7 +4379,11 @@ static int init_ssl() >+ { >+ #ifdef HAVE_OPENSSL >+ #ifndef HAVE_YASSL >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >+ CRYPTO_malloc_init(); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ OPENSSL_malloc_init(); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ #endif >+ ssl_start(); >+ #ifndef EMBEDDED_LIBRARY >+@@ -4391,7 +4397,9 @@ static int init_ssl() >+ opt_ssl_cipher, &error, >+ opt_ssl_crl, opt_ssl_crlpath); >+ DBUG_PRINT("info",("ssl_acceptor_fd: 0x%lx", (long) ssl_acceptor_fd)); >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ if (!ssl_acceptor_fd) >+ { >+ sql_print_warning("Failed to setup SSL"); >+--- sql/rpl_slave.cc.orig 2018-06-15 13:03:29 UTC >++++ sql/rpl_slave.cc >+@@ -5143,7 +5143,9 @@ err: >+ mysql_mutex_unlock(&mi->run_lock); >+ DBUG_LEAVE; // Must match DBUG_ENTER() >+ my_thread_end(); >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ pthread_exit(0); >+ return(0); // Avoid compiler warnings >+ } >+@@ -5334,7 +5336,9 @@ err: >+ } >+ >+ my_thread_end(); >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ pthread_exit(0); >+ DBUG_RETURN(0); >+ } >+@@ -6482,7 +6486,9 @@ log '%s' at position %s, relay log '%s' >+ >+ DBUG_LEAVE; // Must match DBUG_ENTER() >+ my_thread_end(); >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ pthread_exit(0); >+ return 0; // Avoid compiler warnings >+ } >+--- vio/vio.c.orig 2018-06-15 13:03:29 UTC >++++ vio/vio.c >+@@ -384,7 +384,9 @@ void vio_end(void) >+ yaSSL_CleanUp(); >+ #elif defined(HAVE_OPENSSL) >+ // This one is needed on the client side >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ ERR_free_strings(); >+ EVP_cleanup(); >+ CRYPTO_cleanup_all_ex_data(); >+--- vio/viossl.c.orig 2018-06-15 13:03:29 UTC >++++ vio/viossl.c >+@@ -415,7 +415,11 @@ static int ssl_do(struct st_VioSSLFd *pt >+ for (j = 0; j < n; j++) >+ { >+ SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >+ DBUG_PRINT("info", (" %d: %s\n", c->id, c->name)); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ DBUG_PRINT("info", (" %d: %s\n", SSL_COMP_get_id(c), SSL_COMP_get0_name(c))); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ } >+ } >+ #endif >+--- vio/viosslfactories.c.orig 2018-06-15 13:03:29 UTC >++++ vio/viosslfactories.c >+@@ -68,13 +68,21 @@ static DH *get_dh2048(void) >+ DH *dh; >+ if ((dh=DH_new())) >+ { >+- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); >+- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); >+- if (! dh->p || ! dh->g) >+- { >++ BIGNUM *p= BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL); >++ BIGNUM *g= BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL); >++ if (!p || !g >++#if OPENSSL_VERSION_NUMBER >= 0x10100000L >++ || !DH_set0_pqg(dh, p, NULL, g) >++#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ >++ ) { >++ /* DH_free() will free 'p' and 'g' at once. */ >+ DH_free(dh); >+- dh=0; >++ return NULL; >+ } >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ dh->p= p; >++ dh->g= g; >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ } >+ return(dh); >+ } > >Property changes on: databases/mysql56-client/files/patch-openssl111 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: databases/mysql56-server/Makefile >=================================================================== >--- databases/mysql56-server/Makefile (revision 481513) >+++ databases/mysql56-server/Makefile (working copy) >@@ -3,7 +3,7 @@ > > PORTNAME?= mysql > PORTVERSION= 5.6.41 >-PORTREVISION?= 0 >+PORTREVISION?= 1 > CATEGORIES= databases ipv6 > MASTER_SITES= MYSQL/MySQL-5.6 > PKGNAMESUFFIX?= 56-server >Index: databases/mysql56-server/files/patch-mysys__ssl_my__aes__openssl.cc >=================================================================== >--- databases/mysql56-server/files/patch-mysys__ssl_my__aes__openssl.cc (revision 481513) >+++ databases/mysql56-server/files/patch-mysys__ssl_my__aes__openssl.cc (nonexistent) >@@ -1,111 +0,0 @@ >---- mysys_ssl/my_aes_openssl.cc.orig 2017-12-09 07:33:37 UTC >-+++ mysys_ssl/my_aes_openssl.cc >-@@ -108,33 +108,47 @@ int my_aes_encrypt(const unsigned char * >- const unsigned char *key, uint32 key_length, >- enum my_aes_opmode mode, const unsigned char *iv) >- { >-- EVP_CIPHER_CTX ctx; >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+ EVP_CIPHER_CTX stack_ctx; >-+ EVP_CIPHER_CTX *ctx= &stack_ctx; >-+#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >-+ EVP_CIPHER_CTX *ctx= EVP_CIPHER_CTX_new(); >-+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >- const EVP_CIPHER *cipher= aes_evp_type(mode); >- int u_len, f_len; >- /* The real key to be used for encryption */ >- unsigned char rkey[MAX_AES_KEY_LENGTH / 8]; >- my_aes_create_key(key, key_length, rkey, mode); >- >-- if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) >-+ if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) >- return MY_AES_BAD_DATA; >- >-- if (!EVP_EncryptInit(&ctx, cipher, rkey, iv)) >-+ if (!EVP_EncryptInit(ctx, cipher, rkey, iv)) >- goto aes_error; /* Error */ >-- if (!EVP_CIPHER_CTX_set_padding(&ctx, 1)) >-+ if (!EVP_CIPHER_CTX_set_padding(ctx, 1)) >- goto aes_error; /* Error */ >-- if (!EVP_EncryptUpdate(&ctx, dest, &u_len, source, source_length)) >-+ if (!EVP_EncryptUpdate(ctx, dest, &u_len, source, source_length)) >- goto aes_error; /* Error */ >- >-- if (!EVP_EncryptFinal(&ctx, dest + u_len, &f_len)) >-+ if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len)) >- goto aes_error; /* Error */ >- >-- EVP_CIPHER_CTX_cleanup(&ctx); >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+ EVP_CIPHER_CTX_cleanup(ctx); >-+#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >-+ EVP_CIPHER_CTX_free(ctx); >-+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >- return u_len + f_len; >- >- aes_error: >- /* need to explicitly clean up the error if we want to ignore it */ >- ERR_clear_error(); >-- EVP_CIPHER_CTX_cleanup(&ctx); >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+ EVP_CIPHER_CTX_cleanup(ctx); >-+#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >-+ EVP_CIPHER_CTX_free(ctx); >-+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >-+ >- return MY_AES_BAD_DATA; >- } >- >-@@ -145,7 +159,12 @@ int my_aes_decrypt(const unsigned char * >- enum my_aes_opmode mode, const unsigned char *iv) >- { >- >-- EVP_CIPHER_CTX ctx; >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+ EVP_CIPHER_CTX stack_ctx; >-+ EVP_CIPHER_CTX *ctx= &stack_ctx; >-+#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >-+ EVP_CIPHER_CTX *ctx= EVP_CIPHER_CTX_new(); >-+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >- const EVP_CIPHER *cipher= aes_evp_type(mode); >- int u_len, f_len; >- >-@@ -156,24 +175,30 @@ int my_aes_decrypt(const unsigned char * >- if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) >- return MY_AES_BAD_DATA; >- >-- EVP_CIPHER_CTX_init(&ctx); >-- >-- if (!EVP_DecryptInit(&ctx, aes_evp_type(mode), rkey, iv)) >-+ if (!EVP_DecryptInit(ctx, aes_evp_type(mode), rkey, iv)) >- goto aes_error; /* Error */ >-- if (!EVP_CIPHER_CTX_set_padding(&ctx, 1)) >-+ if (!EVP_CIPHER_CTX_set_padding(ctx, 1)) >- goto aes_error; /* Error */ >-- if (!EVP_DecryptUpdate(&ctx, dest, &u_len, source, source_length)) >-+ if (!EVP_DecryptUpdate(ctx, dest, &u_len, source, source_length)) >- goto aes_error; /* Error */ >-- if (!EVP_DecryptFinal_ex(&ctx, dest + u_len, &f_len)) >-+ if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len)) >- goto aes_error; /* Error */ >- >-- EVP_CIPHER_CTX_cleanup(&ctx); >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+ EVP_CIPHER_CTX_cleanup(ctx); >-+#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >-+ EVP_CIPHER_CTX_free(ctx); >-+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >- return u_len + f_len; >- >- aes_error: >- /* need to explicitly clean up the error if we want to ignore it */ >- ERR_clear_error(); >-- EVP_CIPHER_CTX_cleanup(&ctx); >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+ EVP_CIPHER_CTX_cleanup(ctx); >-+#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >-+ EVP_CIPHER_CTX_free(ctx); >-+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >- return MY_AES_BAD_DATA; >- } >- > >Property changes on: databases/mysql56-server/files/patch-mysys__ssl_my__aes__openssl.cc >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: databases/mysql56-server/files/patch-openssl111 >=================================================================== >--- databases/mysql56-server/files/patch-openssl111 (nonexistent) >+++ databases/mysql56-server/files/patch-openssl111 (working copy) >@@ -0,0 +1,280 @@ >+# Backport of https://github.com/mysql/mysql-server/commit/8d81f3b9f1449a7de19aa0b1e1cd7f0b85f56fc6 >+ >+--- extra/yassl/include/openssl/ssl.h.orig 2018-06-15 13:03:29 UTC >++++ extra/yassl/include/openssl/ssl.h >+@@ -179,7 +179,7 @@ enum { /* X509 Constants */ >+ unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *); >+ void ERR_print_errors_fp(FILE*); >+ char* ERR_error_string(unsigned long,char*); >+-void ERR_remove_state(unsigned long); >++void ERR_remove_thread_state(const void *); >+ unsigned long ERR_get_error(void); >+ unsigned long ERR_peek_error(void); >+ int ERR_GET_REASON(int); >+--- extra/yassl/src/ssl.cpp.orig 2018-06-15 13:03:29 UTC >++++ extra/yassl/src/ssl.cpp >+@@ -1516,7 +1516,7 @@ int SSLeay_add_ssl_algorithms() // comp >+ } >+ >+ >+-void ERR_remove_state(unsigned long) >++void ERR_remove_thread_state(const void *) >+ { >+ GetErrors().Remove(); >+ } >+--- mysys_ssl/my_aes_openssl.cc.orig 2018-06-15 13:03:29 UTC >++++ mysys_ssl/my_aes_openssl.cc >+@@ -108,33 +108,46 @@ int my_aes_encrypt(const unsigned char * >+ const unsigned char *key, uint32 key_length, >+ enum my_aes_opmode mode, const unsigned char *iv) >+ { >+- EVP_CIPHER_CTX ctx; >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX stack_ctx; >++ EVP_CIPHER_CTX *ctx= &stack_ctx; >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX *ctx= EVP_CIPHER_CTX_new(); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ const EVP_CIPHER *cipher= aes_evp_type(mode); >+ int u_len, f_len; >+ /* The real key to be used for encryption */ >+ unsigned char rkey[MAX_AES_KEY_LENGTH / 8]; >+ my_aes_create_key(key, key_length, rkey, mode); >+ >+- if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) >++ if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) >+ return MY_AES_BAD_DATA; >+ >+- if (!EVP_EncryptInit(&ctx, cipher, rkey, iv)) >++ if (!EVP_EncryptInit(ctx, cipher, rkey, iv)) >+ goto aes_error; /* Error */ >+- if (!EVP_CIPHER_CTX_set_padding(&ctx, 1)) >++ if (!EVP_CIPHER_CTX_set_padding(ctx, 1)) >+ goto aes_error; /* Error */ >+- if (!EVP_EncryptUpdate(&ctx, dest, &u_len, source, source_length)) >++ if (!EVP_EncryptUpdate(ctx, dest, &u_len, source, source_length)) >+ goto aes_error; /* Error */ >+ >+- if (!EVP_EncryptFinal(&ctx, dest + u_len, &f_len)) >++ if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len)) >+ goto aes_error; /* Error */ >+ >+- EVP_CIPHER_CTX_cleanup(&ctx); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX_cleanup(ctx); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX_free(ctx); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ return u_len + f_len; >+ >+ aes_error: >+ /* need to explicitly clean up the error if we want to ignore it */ >+ ERR_clear_error(); >+- EVP_CIPHER_CTX_cleanup(&ctx); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX_cleanup(ctx); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX_free(ctx); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ return MY_AES_BAD_DATA; >+ } >+ >+@@ -145,7 +158,12 @@ int my_aes_decrypt(const unsigned char * >+ enum my_aes_opmode mode, const unsigned char *iv) >+ { >+ >+- EVP_CIPHER_CTX ctx; >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX stack_ctx; >++ EVP_CIPHER_CTX *ctx= &stack_ctx; >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX *ctx= EVP_CIPHER_CTX_new(); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ const EVP_CIPHER *cipher= aes_evp_type(mode); >+ int u_len, f_len; >+ >+@@ -153,27 +171,34 @@ int my_aes_decrypt(const unsigned char * >+ unsigned char rkey[MAX_AES_KEY_LENGTH / 8]; >+ >+ my_aes_create_key(key, key_length, rkey, mode); >+- if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) >++ if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) >+ return MY_AES_BAD_DATA; >+ >+- EVP_CIPHER_CTX_init(&ctx); >+- >+- if (!EVP_DecryptInit(&ctx, aes_evp_type(mode), rkey, iv)) >++ if (!EVP_DecryptInit(ctx, aes_evp_type(mode), rkey, iv)) >+ goto aes_error; /* Error */ >+- if (!EVP_CIPHER_CTX_set_padding(&ctx, 1)) >++ if (!EVP_CIPHER_CTX_set_padding(ctx, 1)) >+ goto aes_error; /* Error */ >+- if (!EVP_DecryptUpdate(&ctx, dest, &u_len, source, source_length)) >++ if (!EVP_DecryptUpdate(ctx, dest, &u_len, source, source_length)) >+ goto aes_error; /* Error */ >+- if (!EVP_DecryptFinal_ex(&ctx, dest + u_len, &f_len)) >++ if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len)) >+ goto aes_error; /* Error */ >+ >+- EVP_CIPHER_CTX_cleanup(&ctx); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX_cleanup(ctx); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX_free(ctx); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ >+ return u_len + f_len; >+ >+ aes_error: >+ /* need to explicitly clean up the error if we want to ignore it */ >+ ERR_clear_error(); >+- EVP_CIPHER_CTX_cleanup(&ctx); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ EVP_CIPHER_CTX_cleanup(ctx); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ EVP_CIPHER_CTX_free(ctx); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ return MY_AES_BAD_DATA; >+ } >+ >+--- sql-common/client.c.orig 2018-06-15 13:03:29 UTC >++++ sql-common/client.c >+@@ -1967,7 +1967,11 @@ static int ssl_verify_server_cert(Vio *v >+ goto error; >+ } >+ >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >+ cn= (char *) ASN1_STRING_data(cn_asn1); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ cn= (char *) ASN1_STRING_get0_data(cn_asn1); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ >+ // There should not be any NULL embedded in the CN >+ if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn)) >+--- sql/mysqld.cc.orig 2018-06-15 13:03:29 UTC >++++ sql/mysqld.cc >+@@ -2779,7 +2779,9 @@ bool one_thread_per_connection_end(THD * >+ >+ // Clean up errors now, before possibly waiting for a new connection. >+ #ifndef EMBEDDED_LIBRARY >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ #endif >+ >+ delete thd; >+@@ -4377,7 +4379,11 @@ static int init_ssl() >+ { >+ #ifdef HAVE_OPENSSL >+ #ifndef HAVE_YASSL >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >+ CRYPTO_malloc_init(); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ OPENSSL_malloc_init(); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ #endif >+ ssl_start(); >+ #ifndef EMBEDDED_LIBRARY >+@@ -4391,7 +4397,9 @@ static int init_ssl() >+ opt_ssl_cipher, &error, >+ opt_ssl_crl, opt_ssl_crlpath); >+ DBUG_PRINT("info",("ssl_acceptor_fd: 0x%lx", (long) ssl_acceptor_fd)); >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ if (!ssl_acceptor_fd) >+ { >+ sql_print_warning("Failed to setup SSL"); >+--- sql/rpl_slave.cc.orig 2018-06-15 13:03:29 UTC >++++ sql/rpl_slave.cc >+@@ -5143,7 +5143,9 @@ err: >+ mysql_mutex_unlock(&mi->run_lock); >+ DBUG_LEAVE; // Must match DBUG_ENTER() >+ my_thread_end(); >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ pthread_exit(0); >+ return(0); // Avoid compiler warnings >+ } >+@@ -5334,7 +5336,9 @@ err: >+ } >+ >+ my_thread_end(); >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ pthread_exit(0); >+ DBUG_RETURN(0); >+ } >+@@ -6482,7 +6486,9 @@ log '%s' at position %s, relay log '%s' >+ >+ DBUG_LEAVE; // Must match DBUG_ENTER() >+ my_thread_end(); >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ pthread_exit(0); >+ return 0; // Avoid compiler warnings >+ } >+--- vio/vio.c.orig 2018-06-15 13:03:29 UTC >++++ vio/vio.c >+@@ -384,7 +384,9 @@ void vio_end(void) >+ yaSSL_CleanUp(); >+ #elif defined(HAVE_OPENSSL) >+ // This one is needed on the client side >+- ERR_remove_state(0); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ ERR_remove_thread_state(0); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ ERR_free_strings(); >+ EVP_cleanup(); >+ CRYPTO_cleanup_all_ex_data(); >+--- vio/viossl.c.orig 2018-06-15 13:03:29 UTC >++++ vio/viossl.c >+@@ -415,7 +415,11 @@ static int ssl_do(struct st_VioSSLFd *pt >+ for (j = 0; j < n; j++) >+ { >+ SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >+ DBUG_PRINT("info", (" %d: %s\n", c->id, c->name)); >++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >++ DBUG_PRINT("info", (" %d: %s\n", SSL_COMP_get_id(c), SSL_COMP_get0_name(c))); >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ } >+ } >+ #endif >+--- vio/viosslfactories.c.orig 2018-06-15 13:03:29 UTC >++++ vio/viosslfactories.c >+@@ -68,13 +68,21 @@ static DH *get_dh2048(void) >+ DH *dh; >+ if ((dh=DH_new())) >+ { >+- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); >+- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); >+- if (! dh->p || ! dh->g) >+- { >++ BIGNUM *p= BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL); >++ BIGNUM *g= BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL); >++ if (!p || !g >++#if OPENSSL_VERSION_NUMBER >= 0x10100000L >++ || !DH_set0_pqg(dh, p, NULL, g) >++#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ >++ ) { >++ /* DH_free() will free 'p' and 'g' at once. */ >+ DH_free(dh); >+- dh=0; >++ return NULL; >+ } >++#if OPENSSL_VERSION_NUMBER < 0x10100000L >++ dh->p= p; >++ dh->g= g; >++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >+ } >+ return(dh); >+ } > >Property changes on: databases/mysql56-server/files/patch-openssl111 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: databases/mysql56-server/files/patch-vio_viosslfactories.c >=================================================================== >--- databases/mysql56-server/files/patch-vio_viosslfactories.c (revision 481513) >+++ databases/mysql56-server/files/patch-vio_viosslfactories.c (nonexistent) >@@ -1,27 +0,0 @@ >---- vio/viosslfactories.c.orig 2017-12-09 07:33:37 UTC >-+++ vio/viosslfactories.c >-@@ -68,13 +68,20 @@ static DH *get_dh2048(void) >- DH *dh; >- if ((dh=DH_new())) >- { >-- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); >-- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); >-- if (! dh->p || ! dh->g) >-- { >-+ BIGNUM *p= BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); >-+ BIGNUM *g= BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); >-+ if (!p || !g >-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L >-+ || !DH_set0_pqg(dh, p, NULL, g) >-+#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ >-+ ) { >- DH_free(dh); >- dh=0; >- } >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+ dh->p= p; >-+ dh->g= g; >-+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ >- } >- return(dh); >- } > >Property changes on: databases/mysql56-server/files/patch-vio_viosslfactories.c >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=197915">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 225888
: 197915