diff options
-rw-r--r-- | 20018_all_percona-server-8.0.16-fix-libressl-support.patch (renamed from 20018_percona-server-8.0.16-fix-libressl-support.patch) | 58 |
1 files changed, 1 insertions, 57 deletions
diff --git a/20018_percona-server-8.0.16-fix-libressl-support.patch b/20018_all_percona-server-8.0.16-fix-libressl-support.patch index 5e7b24e..c54d7ae 100644 --- a/20018_percona-server-8.0.16-fix-libressl-support.patch +++ b/20018_all_percona-server-8.0.16-fix-libressl-support.patch @@ -1,29 +1,6 @@ -From da955a3a74c57688d33d845d5cb12cccf8004ff2 Mon Sep 17 00:00:00 2001 -From: root <root@dev1.fritz.box> -Date: Sat, 17 Aug 2019 00:15:49 +0200 -Subject: [PATCH 5/5] percona-server-8.0.16-fix-libressl-support - ---- - cmake/ssl.cmake | 6 ++++-- - extra/libevent/openssl-compat.h | 5 ++++- - mysys_ssl/my_md5.cc | 2 +- - .../src/bindings/xcom/xcom/xcom_ssl_transport.c | 4 ++-- - plugin/x/client/xconnection_impl.cc | 4 ++-- - router/src/http/src/tls_client_context.cc | 2 +- - router/src/http/src/tls_context.cc | 6 +++++- - router/src/http/src/tls_server_context.cc | 3 ++- - sql-common/client.cc | 3 ++- - sql/mysqld.cc | 4 ++-- - sql/sys_vars.cc | 8 ++++---- - vio/viossl.cc | 4 ++-- - vio/viosslfactories.cc | 2 +- - 13 files changed, 32 insertions(+), 21 deletions(-) - -diff --git a/cmake/ssl.cmake b/cmake/ssl.cmake -index e93a12e0..06cd36ec 100644 --- a/cmake/ssl.cmake +++ b/cmake/ssl.cmake -@@ -313,12 +313,14 @@ MACRO (MYSQL_CHECK_SSL) +@@ -313,7 +313,8 @@ MACRO (MYSQL_CHECK_SSL) OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}" ) ENDIF() @@ -33,15 +10,6 @@ index e93a12e0..06cd36ec 100644 ADD_DEFINITIONS(-DHAVE_TLSv13) ENDIF() IF(OPENSSL_INCLUDE_DIR AND - OPENSSL_LIBRARY AND -- CRYPTO_LIBRARY -+ CRYPTO_LIBRARY AND -+ OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1" - ) - SET(OPENSSL_FOUND TRUE) - FIND_PROGRAM(OPENSSL_EXECUTABLE openssl -diff --git a/extra/libevent/openssl-compat.h b/extra/libevent/openssl-compat.h -index 69afc716..deb21d6a 100644 --- a/extra/libevent/openssl-compat.h +++ b/extra/libevent/openssl-compat.h @@ -24,7 +24,6 @@ static inline BIO_METHOD *BIO_meth_new(int type, const char *name) @@ -61,8 +29,6 @@ index 69afc716..deb21d6a 100644 +#endif + #endif /* OPENSSL_COMPAT_H */ -diff --git a/mysys_ssl/my_md5.cc b/mysys_ssl/my_md5.cc -index 095fcb4e..0bdc885a 100644 --- a/mysys_ssl/my_md5.cc +++ b/mysys_ssl/my_md5.cc @@ -56,7 +56,7 @@ static void my_md5_hash(unsigned char *digest, unsigned const char *buf, @@ -74,8 +40,6 @@ index 095fcb4e..0bdc885a 100644 fips_mode = FIPS_mode(); #endif /* HAVE_WOLFSSL */ /* If fips mode is ON/STRICT restricted method calls will result into abort, -diff --git a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c -index 67c151b2..6a18a717 100644 --- a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c +++ b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c @@ -297,7 +297,7 @@ error: @@ -96,8 +60,6 @@ index 67c151b2..6a18a717 100644 if (configure_ssl_fips_mode(ssl_fips_mode) != 1) { G_ERROR("Error setting the ssl fips mode"); goto error; -diff --git a/plugin/x/client/xconnection_impl.cc b/plugin/x/client/xconnection_impl.cc -index cab1836c..4ba28d8f 100644 --- a/plugin/x/client/xconnection_impl.cc +++ b/plugin/x/client/xconnection_impl.cc @@ -489,7 +489,7 @@ XError Connection_impl::get_ssl_error(const int error_id) { @@ -118,8 +80,6 @@ index cab1836c..4ba28d8f 100644 char err_string[OPENSSL_ERROR_LENGTH] = {'\0'}; if (set_fips_mode((int)m_context->m_ssl_config.m_ssl_fips_mode, err_string) != 1) { -diff --git a/router/src/http/src/tls_client_context.cc b/router/src/http/src/tls_client_context.cc -index f9dff94d..ae7413b4 100644 --- a/router/src/http/src/tls_client_context.cc +++ b/router/src/http/src/tls_client_context.cc @@ -54,7 +54,7 @@ void TlsClientContext::verify(TlsVerify verify) { @@ -131,8 +91,6 @@ index f9dff94d..ae7413b4 100644 if (1 != SSL_CTX_set_ciphersuites(ssl_ctx_.get(), ciphers.c_str())) { throw TlsError("set-cipher-suites"); } -diff --git a/router/src/http/src/tls_context.cc b/router/src/http/src/tls_context.cc -index bae36860..2cdc3127 100644 --- a/router/src/http/src/tls_context.cc +++ b/router/src/http/src/tls_context.cc @@ -92,7 +92,7 @@ static constexpr int o11x_version(TlsVersion version) { @@ -167,8 +125,6 @@ index bae36860..2cdc3127 100644 case 0: return TlsVersion::AUTO; default: -diff --git a/router/src/http/src/tls_server_context.cc b/router/src/http/src/tls_server_context.cc -index 4f3fa39c..ecc97559 100644 --- a/router/src/http/src/tls_server_context.cc +++ b/router/src/http/src/tls_server_context.cc @@ -162,7 +162,8 @@ void TlsServerContext::init_tmp_dh(const std::string &dh_params) { @@ -181,8 +137,6 @@ index 4f3fa39c..ecc97559 100644 dh2048.reset(DH_get_2048_256()); #else /* -diff --git a/sql-common/client.cc b/sql-common/client.cc -index b6a253cc..2375bd19 100644 --- a/sql-common/client.cc +++ b/sql-common/client.cc @@ -7681,7 +7681,8 @@ int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option, @@ -195,8 +149,6 @@ index b6a253cc..2375bd19 100644 char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'}; ENSURE_EXTENSIONS_PRESENT(&mysql->options); mysql->options.extension->ssl_fips_mode = *(uint *)arg; -diff --git a/sql/mysqld.cc b/sql/mysqld.cc -index 22364edc..7b066343 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -4881,7 +4881,7 @@ static int init_thread_environment() { @@ -217,8 +169,6 @@ index 22364edc..7b066343 100644 char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'}; int ret_fips_mode = set_fips_mode(opt_ssl_fips_mode, ssl_err_string); if (ret_fips_mode != 1) { -diff --git a/sql/sys_vars.cc b/sql/sys_vars.cc -index 5d7f3555..334684d2 100644 --- a/sql/sys_vars.cc +++ b/sql/sys_vars.cc @@ -4405,7 +4405,7 @@ static Sys_var_ulong Sys_max_execution_time( @@ -257,8 +207,6 @@ index 5d7f3555..334684d2 100644 ON_UPDATE(update_fips_mode), #else ON_UPDATE(NULL), -diff --git a/vio/viossl.cc b/vio/viossl.cc -index d69119b3..5fb7c883 100644 --- a/vio/viossl.cc +++ b/vio/viossl.cc @@ -507,7 +507,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout, @@ -279,8 +227,6 @@ index d69119b3..5fb7c883 100644 DBUG_PRINT("info", (" %d: %s\n", c->id, c->name)); #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ DBUG_PRINT("info", -diff --git a/vio/viosslfactories.cc b/vio/viosslfactories.cc -index ea79ad1b..8ed961d1 100644 --- a/vio/viosslfactories.cc +++ b/vio/viosslfactories.cc @@ -429,7 +429,7 @@ void ssl_start() { @@ -292,6 +238,4 @@ index ea79ad1b..8ed961d1 100644 /** Set fips mode in openssl library, When we set fips mode ON/STRICT, it will perform following operations: --- -2.22.1 |