summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--20018_all_percona-server-8.0.16-fix-libressl-support.patch (renamed from 20018_percona-server-8.0.16-fix-libressl-support.patch)58
1 files changed, 1 insertions, 57 deletions
diff --git a/20018_percona-server-8.0.16-fix-libressl-support.patch b/20018_all_percona-server-8.0.16-fix-libressl-support.patch
index 5e7b24e..c54d7ae 100644
--- a/20018_percona-server-8.0.16-fix-libressl-support.patch
+++ b/20018_all_percona-server-8.0.16-fix-libressl-support.patch
@@ -1,29 +1,6 @@
-From da955a3a74c57688d33d845d5cb12cccf8004ff2 Mon Sep 17 00:00:00 2001
-From: root <root@dev1.fritz.box>
-Date: Sat, 17 Aug 2019 00:15:49 +0200
-Subject: [PATCH 5/5] percona-server-8.0.16-fix-libressl-support
-
----
- cmake/ssl.cmake | 6 ++++--
- extra/libevent/openssl-compat.h | 5 ++++-
- mysys_ssl/my_md5.cc | 2 +-
- .../src/bindings/xcom/xcom/xcom_ssl_transport.c | 4 ++--
- plugin/x/client/xconnection_impl.cc | 4 ++--
- router/src/http/src/tls_client_context.cc | 2 +-
- router/src/http/src/tls_context.cc | 6 +++++-
- router/src/http/src/tls_server_context.cc | 3 ++-
- sql-common/client.cc | 3 ++-
- sql/mysqld.cc | 4 ++--
- sql/sys_vars.cc | 8 ++++----
- vio/viossl.cc | 4 ++--
- vio/viosslfactories.cc | 2 +-
- 13 files changed, 32 insertions(+), 21 deletions(-)
-
-diff --git a/cmake/ssl.cmake b/cmake/ssl.cmake
-index e93a12e0..06cd36ec 100644
--- a/cmake/ssl.cmake
+++ b/cmake/ssl.cmake
-@@ -313,12 +313,14 @@ MACRO (MYSQL_CHECK_SSL)
+@@ -313,7 +313,8 @@ MACRO (MYSQL_CHECK_SSL)
OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
)
ENDIF()
@@ -33,15 +10,6 @@ index e93a12e0..06cd36ec 100644
ADD_DEFINITIONS(-DHAVE_TLSv13)
ENDIF()
IF(OPENSSL_INCLUDE_DIR AND
- OPENSSL_LIBRARY AND
-- CRYPTO_LIBRARY
-+ CRYPTO_LIBRARY AND
-+ OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1"
- )
- SET(OPENSSL_FOUND TRUE)
- FIND_PROGRAM(OPENSSL_EXECUTABLE openssl
-diff --git a/extra/libevent/openssl-compat.h b/extra/libevent/openssl-compat.h
-index 69afc716..deb21d6a 100644
--- a/extra/libevent/openssl-compat.h
+++ b/extra/libevent/openssl-compat.h
@@ -24,7 +24,6 @@ static inline BIO_METHOD *BIO_meth_new(int type, const char *name)
@@ -61,8 +29,6 @@ index 69afc716..deb21d6a 100644
+#endif
+
#endif /* OPENSSL_COMPAT_H */
-diff --git a/mysys_ssl/my_md5.cc b/mysys_ssl/my_md5.cc
-index 095fcb4e..0bdc885a 100644
--- a/mysys_ssl/my_md5.cc
+++ b/mysys_ssl/my_md5.cc
@@ -56,7 +56,7 @@ static void my_md5_hash(unsigned char *digest, unsigned const char *buf,
@@ -74,8 +40,6 @@ index 095fcb4e..0bdc885a 100644
fips_mode = FIPS_mode();
#endif /* HAVE_WOLFSSL */
/* If fips mode is ON/STRICT restricted method calls will result into abort,
-diff --git a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
-index 67c151b2..6a18a717 100644
--- a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
+++ b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
@@ -297,7 +297,7 @@ error:
@@ -96,8 +60,6 @@ index 67c151b2..6a18a717 100644
if (configure_ssl_fips_mode(ssl_fips_mode) != 1) {
G_ERROR("Error setting the ssl fips mode");
goto error;
-diff --git a/plugin/x/client/xconnection_impl.cc b/plugin/x/client/xconnection_impl.cc
-index cab1836c..4ba28d8f 100644
--- a/plugin/x/client/xconnection_impl.cc
+++ b/plugin/x/client/xconnection_impl.cc
@@ -489,7 +489,7 @@ XError Connection_impl::get_ssl_error(const int error_id) {
@@ -118,8 +80,6 @@ index cab1836c..4ba28d8f 100644
char err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
if (set_fips_mode((int)m_context->m_ssl_config.m_ssl_fips_mode, err_string) !=
1) {
-diff --git a/router/src/http/src/tls_client_context.cc b/router/src/http/src/tls_client_context.cc
-index f9dff94d..ae7413b4 100644
--- a/router/src/http/src/tls_client_context.cc
+++ b/router/src/http/src/tls_client_context.cc
@@ -54,7 +54,7 @@ void TlsClientContext::verify(TlsVerify verify) {
@@ -131,8 +91,6 @@ index f9dff94d..ae7413b4 100644
if (1 != SSL_CTX_set_ciphersuites(ssl_ctx_.get(), ciphers.c_str())) {
throw TlsError("set-cipher-suites");
}
-diff --git a/router/src/http/src/tls_context.cc b/router/src/http/src/tls_context.cc
-index bae36860..2cdc3127 100644
--- a/router/src/http/src/tls_context.cc
+++ b/router/src/http/src/tls_context.cc
@@ -92,7 +92,7 @@ static constexpr int o11x_version(TlsVersion version) {
@@ -167,8 +125,6 @@ index bae36860..2cdc3127 100644
case 0:
return TlsVersion::AUTO;
default:
-diff --git a/router/src/http/src/tls_server_context.cc b/router/src/http/src/tls_server_context.cc
-index 4f3fa39c..ecc97559 100644
--- a/router/src/http/src/tls_server_context.cc
+++ b/router/src/http/src/tls_server_context.cc
@@ -162,7 +162,8 @@ void TlsServerContext::init_tmp_dh(const std::string &dh_params) {
@@ -181,8 +137,6 @@ index 4f3fa39c..ecc97559 100644
dh2048.reset(DH_get_2048_256());
#else
/*
-diff --git a/sql-common/client.cc b/sql-common/client.cc
-index b6a253cc..2375bd19 100644
--- a/sql-common/client.cc
+++ b/sql-common/client.cc
@@ -7681,7 +7681,8 @@ int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option,
@@ -195,8 +149,6 @@ index b6a253cc..2375bd19 100644
char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
ENSURE_EXTENSIONS_PRESENT(&mysql->options);
mysql->options.extension->ssl_fips_mode = *(uint *)arg;
-diff --git a/sql/mysqld.cc b/sql/mysqld.cc
-index 22364edc..7b066343 100644
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@@ -4881,7 +4881,7 @@ static int init_thread_environment() {
@@ -217,8 +169,6 @@ index 22364edc..7b066343 100644
char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
int ret_fips_mode = set_fips_mode(opt_ssl_fips_mode, ssl_err_string);
if (ret_fips_mode != 1) {
-diff --git a/sql/sys_vars.cc b/sql/sys_vars.cc
-index 5d7f3555..334684d2 100644
--- a/sql/sys_vars.cc
+++ b/sql/sys_vars.cc
@@ -4405,7 +4405,7 @@ static Sys_var_ulong Sys_max_execution_time(
@@ -257,8 +207,6 @@ index 5d7f3555..334684d2 100644
ON_UPDATE(update_fips_mode),
#else
ON_UPDATE(NULL),
-diff --git a/vio/viossl.cc b/vio/viossl.cc
-index d69119b3..5fb7c883 100644
--- a/vio/viossl.cc
+++ b/vio/viossl.cc
@@ -507,7 +507,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
@@ -279,8 +227,6 @@ index d69119b3..5fb7c883 100644
DBUG_PRINT("info", (" %d: %s\n", c->id, c->name));
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
DBUG_PRINT("info",
-diff --git a/vio/viosslfactories.cc b/vio/viosslfactories.cc
-index ea79ad1b..8ed961d1 100644
--- a/vio/viosslfactories.cc
+++ b/vio/viosslfactories.cc
@@ -429,7 +429,7 @@ void ssl_start() {
@@ -292,6 +238,4 @@ index ea79ad1b..8ed961d1 100644
/**
Set fips mode in openssl library,
When we set fips mode ON/STRICT, it will perform following operations:
---
-2.22.1