diff options
Diffstat (limited to 'dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch')
-rw-r--r-- | dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch | 300 |
1 files changed, 0 insertions, 300 deletions
diff --git a/dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch b/dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch deleted file mode 100644 index 3459206e4f76..000000000000 --- a/dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch +++ /dev/null @@ -1,300 +0,0 @@ -From 7961393dd45e4ad1cdc7544b4bba2e98a5d2760c Mon Sep 17 00:00:00 2001 -From: eroen <eroen@occam.eroen.eu> -Date: Fri, 20 Jan 2017 14:43:53 +0100 -Subject: [PATCH] Don't use deprecated API with openssl 1.1 - -If openssl 1.1.0 is built with `--api=1.1 disable-deprecated`, using -deprecated APIs causes build errors. - -X-Gentoo-Bug: 606600 -X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=606600 ---- - mysys_ssl/my_aes_openssl.cc | 54 ++++++++++++++++++++++++++++++++------------- - sql-common/client.c | 16 ++++++++++++-- - vio/viossl.c | 8 +++++++ - vio/viosslfactories.c | 23 +++++++++++++++++++ - 4 files changed, 84 insertions(+), 17 deletions(-) - -diff --git a/mysys_ssl/my_aes_openssl.cc b/mysys_ssl/my_aes_openssl.cc -index 261ba8a..59a95e3 100644 ---- a/mysys_ssl/my_aes_openssl.cc -+++ b/mysys_ssl/my_aes_openssl.cc -@@ -22,6 +22,12 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ - #include <openssl/evp.h> - #include <openssl/err.h> - #include <openssl/bio.h> -+#include <openssl/opensslv.h> -+ -+#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L) -+#undef OPENSSL_VERSION_NUMBER -+#define OPENSSL_VERSION_NUMBER 0x1000107fL -+#endif - - /* - xplugin needs BIO_new_bio_pair, but the server does not. -@@ -122,7 +128,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 source_length, - enum my_aes_opmode mode, const unsigned char *iv, - bool padding) - { -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx; - const EVP_CIPHER *cipher= aes_evp_type(mode); - int u_len, f_len; - /* The real key to be used for encryption */ -@@ -132,23 +138,31 @@ int my_aes_encrypt(const unsigned char *source, uint32 source_length, - if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) - return MY_AES_BAD_DATA; - -- if (!EVP_EncryptInit(&ctx, cipher, rkey, iv)) -+ if (!EVP_EncryptInit(ctx, cipher, rkey, iv)) - goto aes_error; /* Error */ -- if (!EVP_CIPHER_CTX_set_padding(&ctx, padding)) -+ if (!EVP_CIPHER_CTX_set_padding(ctx, padding)) - goto aes_error; /* Error */ -- if (!EVP_EncryptUpdate(&ctx, dest, &u_len, source, source_length)) -+ if (!EVP_EncryptUpdate(ctx, dest, &u_len, source, source_length)) - goto aes_error; /* Error */ - -- if (!EVP_EncryptFinal(&ctx, dest + u_len, &f_len)) -+ if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len)) - goto aes_error; /* Error */ - -- EVP_CIPHER_CTX_cleanup(&ctx); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx); -+#else -+ EVP_CIPHER_CTX_free(ctx); -+#endif - return u_len + f_len; - - aes_error: - /* need to explicitly clean up the error if we want to ignore it */ - ERR_clear_error(); -- EVP_CIPHER_CTX_cleanup(&ctx); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx); -+#else -+ EVP_CIPHER_CTX_free(ctx); -+#endif - return MY_AES_BAD_DATA; - } - -@@ -159,7 +173,7 @@ int my_aes_decrypt(const unsigned char *source, uint32 source_length, - bool padding) - { - -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx; - const EVP_CIPHER *cipher= aes_evp_type(mode); - int u_len, f_len; - -@@ -170,24 +184,34 @@ int my_aes_decrypt(const unsigned char *source, uint32 source_length, - if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) - return MY_AES_BAD_DATA; - -- EVP_CIPHER_CTX_init(&ctx); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_init(ctx); -+#endif - -- if (!EVP_DecryptInit(&ctx, aes_evp_type(mode), rkey, iv)) -+ if (!EVP_DecryptInit(ctx, aes_evp_type(mode), rkey, iv)) - goto aes_error; /* Error */ -- if (!EVP_CIPHER_CTX_set_padding(&ctx, padding)) -+ if (!EVP_CIPHER_CTX_set_padding(ctx, padding)) - goto aes_error; /* Error */ -- if (!EVP_DecryptUpdate(&ctx, dest, &u_len, source, source_length)) -+ if (!EVP_DecryptUpdate(ctx, dest, &u_len, source, source_length)) - goto aes_error; /* Error */ -- if (!EVP_DecryptFinal_ex(&ctx, dest + u_len, &f_len)) -+ if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len)) - goto aes_error; /* Error */ - -- EVP_CIPHER_CTX_cleanup(&ctx); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx); -+#else -+ EVP_CIPHER_CTX_free(ctx); -+#endif - return u_len + f_len; - - aes_error: - /* need to explicitly clean up the error if we want to ignore it */ - ERR_clear_error(); -- EVP_CIPHER_CTX_cleanup(&ctx); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx); -+#else -+ EVP_CIPHER_CTX_free(ctx); -+#endif - return MY_AES_BAD_DATA; - } - -diff --git a/sql-common/client.c b/sql-common/client.c -index 9e88e9f..fe7daf7 100644 ---- a/sql-common/client.c -+++ b/sql-common/client.c -@@ -86,6 +86,14 @@ my_bool net_flush(NET *net); - # include <sys/un.h> - #endif - -+#ifdef HAVE_OPENSSL -+#include <openssl/opensslv.h> -+#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L) -+#undef OPENSSL_VERSION_NUMBER -+#define OPENSSL_VERSION_NUMBER 0x1000107fL -+#endif -+#endif -+ - #ifndef _WIN32 - #include <errno.h> - #define SOCKET_ERROR -1 -@@ -2685,7 +2693,7 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c - { - SSL *ssl; - X509 *server_cert= NULL; -- char *cn= NULL; -+ const char *cn= NULL; - int cn_loc= -1; - ASN1_STRING *cn_asn1= NULL; - X509_NAME_ENTRY *cn_entry= NULL; -@@ -2757,7 +2765,11 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c - goto error; - } - -- cn= (char *) ASN1_STRING_data(cn_asn1); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ cn= (const char *) ASN1_STRING_data(cn_asn1); -+#else -+ cn= (const char *) ASN1_STRING_get0_data(cn_asn1); -+#endif - - // There should not be any NULL embedded in the CN - if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn)) -diff --git a/vio/viossl.c b/vio/viossl.c -index 5622cb7..94b0f09 100644 ---- a/vio/viossl.c -+++ b/vio/viossl.c -@@ -24,6 +24,12 @@ - - #ifdef HAVE_OPENSSL - -+#include <openssl/opensslv.h> -+#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L) -+#undef OPENSSL_VERSION_NUMBER -+#define OPENSSL_VERSION_NUMBER 0x1000107fL -+#endif -+ - #ifndef DBUG_OFF - - static void -@@ -310,8 +316,10 @@ void vio_ssl_delete(Vio *vio) - } - - #ifndef HAVE_YASSL -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - ERR_remove_thread_state(0); - #endif -+#endif - - vio_delete(vio); - } -@@ -427,7 +427,12 @@ - for (j = 0; j < n; j++) - { - SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - DBUG_PRINT("info", (" %d: %s\n", c->id, c->name)); -+#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ -+ DBUG_PRINT("info", -+ (" %d: %s\n", SSL_COMP_get_id(c), SSL_COMP_get0_name(c))); -+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ - } - } - #endif -diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c -index da5449a..87b30c3 100644 ---- a/vio/viosslfactories.c -+++ b/vio/viosslfactories.c -@@ -16,6 +16,14 @@ - #include "vio_priv.h" - - #ifdef HAVE_OPENSSL -+#include <openssl/bn.h> -+#include <openssl/dh.h> -+#include <openssl/opensslv.h> -+ -+#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L) -+#undef OPENSSL_VERSION_NUMBER -+#define OPENSSL_VERSION_NUMBER 0x1000107fL -+#endif - - #define TLS_VERSION_OPTION_SIZE 256 - #define SSL_CIPHER_LIST_SIZE 4096 -@@ -121,10 +129,18 @@ static DH *get_dh2048(void) - DH *dh; - if ((dh=DH_new())) - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); - dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); - if (! dh->p || ! dh->g) - { -+#else -+ if (! DH_set0_pqg(dh, -+ BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL), -+ NULL, -+ BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL))) -+ { -+#endif - DH_free(dh); - dh=0; - } -@@ -247,6 +263,8 @@ typedef struct CRYPTO_dynlock_value - } openssl_lock_t; - - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ - /* Array of locks used by openssl internally for thread synchronization. - The number of locks is equal to CRYPTO_num_locks. - */ -@@ -389,9 +407,11 @@ static void deinit_lock_callback_functions() - { - set_lock_callback_functions(FALSE); - } -+#endif - - void vio_ssl_end() - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - int i= 0; - - if (ssl_initialized) { -@@ -409,6 +429,7 @@ void vio_ssl_end() - - ssl_initialized= FALSE; - } -+#endif - } - - #endif //OpenSSL specific -@@ -419,6 +440,7 @@ void ssl_start() - { - ssl_initialized= TRUE; - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - SSL_library_init(); - OpenSSL_add_all_algorithms(); - SSL_load_error_strings(); -@@ -427,6 +449,7 @@ void ssl_start() - init_ssl_locks(); - init_lock_callback_functions(); - #endif -+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ - } - } - --- -2.11.0 - |