extra/mariadb: fix

2025-03-19 00:21:40 +00:00 · 2018-02-12 14:09:02 +00:00 · 2018-02-12 14:09:02 +00:00 · 07669cf7d6
commit 07669cf7d6
parent 1b9dc2da56
1 changed files with 28 additions and 49 deletions
--- a/extra/mariadb/0001-openssl-1-1-0.patch
+++ b/extra/mariadb/0001-openssl-1-1-0.patch
@ -147,10 +147,10 @@ index 0000000..9b19960
 +  }
 +}
 diff --git a/mysql-test/mysql-test-run.pl b/mysql-test/mysql-test-run.pl
-index 2cd5d2a..22bcaba 100755
+index eaec51b..1b28469 100755
 --- a/mysql-test/mysql-test-run.pl
 +++ b/mysql-test/mysql-test-run.pl
-@@ -2300,6 +2300,11 @@ sub environment_setup {
+@@ -2301,6 +2301,11 @@ sub environment_setup {
   $ENV{'MYSQL_PLUGIN'}=             $exe_mysql_plugin;
   $ENV{'MYSQL_EMBEDDED'}=           $exe_mysql_embedded;
 
@ -231,7 +231,7 @@ index 4f6f745..f8a767e 100644
 
 SET(MYSYS_SSL_SOURCES
 diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc
-index a0937a8..ed1c82d 100644
+index 4393394..da60a10 100644
 --- a/mysys_ssl/my_crypt.cc
 +++ b/mysys_ssl/my_crypt.cc
@@ -1,6 +1,6 @@
@ -242,7 +242,7 @@ index a0937a8..ed1c82d 100644
 
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
-@@ -17,52 +17,60 @@
+@@ -17,7 +17,6 @@
 
 #include <my_global.h>
 #include <string.h>
@ -250,12 +250,10 @@ index a0937a8..ed1c82d 100644
 
 #ifdef HAVE_YASSL
 #include "yassl.cc"
- #else
-
- #include <openssl/evp.h>
- #include <openssl/aes.h>
+@@ -28,42 +27,53 @@
 #include <openssl/err.h>
-
+ #include <openssl/rand.h>
+ 
 -#ifdef HAVE_ERR_remove_thread_state
 -#define ERR_remove_state(X) ERR_remove_thread_state(NULL)
 +#include <openssl/rand.h>
@ -317,7 +315,7 @@ index a0937a8..ed1c82d 100644
       return MY_AES_BAD_DATA;
     return MY_AES_OK;
   }
-@@ -72,7 +80,8 @@ class MyCTX_nopad : public MyCTX
+@@ -73,7 +83,8 @@ class MyCTX_nopad : public MyCTX
 {
 public:
   const uchar *key;
@ -327,7 +325,7 @@ index a0937a8..ed1c82d 100644
 
   MyCTX_nopad() : MyCTX() { }
   ~MyCTX_nopad() { }
-@@ -83,32 +92,48 @@ class MyCTX_nopad : public MyCTX
+@@ -84,32 +95,48 @@ class MyCTX_nopad : public MyCTX
     compile_time_assert(MY_AES_CTX_SIZE >= sizeof(MyCTX_nopad));
     this->key= key;
     this->klen= klen;
@ -383,7 +381,7 @@ index a0937a8..ed1c82d 100644
     return MY_AES_OK;
   }
 };
-@@ -152,7 +177,7 @@ class MyCTX_gcm : public MyCTX
+@@ -153,7 +180,7 @@ class MyCTX_gcm : public MyCTX
   {
     compile_time_assert(MY_AES_CTX_SIZE >= sizeof(MyCTX_gcm));
     int res= MyCTX::init(cipher, encrypt, key, klen, iv, ivlen);
@ -392,7 +390,7 @@ index a0937a8..ed1c82d 100644
     aad= iv + real_ivlen;
     aadlen= ivlen - real_ivlen;
     return res;
-@@ -166,15 +191,15 @@ class MyCTX_gcm : public MyCTX
+@@ -167,15 +194,15 @@ class MyCTX_gcm : public MyCTX
       before decrypting the data. it can encrypt data piecewise, like, first
       half, then the second half, but it must decrypt all at once
     */
@ -411,7 +409,7 @@ index a0937a8..ed1c82d 100644
       return MY_AES_OPENSSL_ERROR;
     aadlen= 0;
     return MyCTX::update(src, slen, dst, dlen);
-@@ -183,13 +208,13 @@ class MyCTX_gcm : public MyCTX
+@@ -184,13 +211,13 @@ class MyCTX_gcm : public MyCTX
   int finish(uchar *dst, uint *dlen)
   {
     int fin;
@ -428,7 +426,7 @@ index a0937a8..ed1c82d 100644
         return MY_AES_OPENSSL_ERROR;
       *dlen= MY_AES_BLOCK_SIZE;
     }
-@@ -257,12 +282,15 @@ int my_aes_crypt(enum my_aes_mode mode, int flags,
+@@ -258,12 +285,15 @@ int my_aes_crypt(enum my_aes_mode mode, int flags,
 {
   void *ctx= alloca(MY_AES_CTX_SIZE);
   int res1, res2;
@ -446,25 +444,6 @@ index a0937a8..ed1c82d 100644
   return res1 ? res1 : res2;
 }
 
-@@ -301,17 +329,10 @@ int my_random_bytes(uchar* buf, int num)
-   return MY_AES_OK;
- }
- #else
-#include <openssl/rand.h>
- 
- int my_random_bytes(uchar *buf, int num)
- {
-  /*
-    Unfortunately RAND_bytes manual page does not provide any guarantees
-    in relation to blocking behavior. Here we explicitly use SSLeay random
-    instead of whatever random engine is currently set in OpenSSL. That way
-    we are guaranteed to have a non-blocking random.
-  */
-  RAND_METHOD *rand = RAND_SSLeay();
-+  RAND_METHOD *rand = RAND_OpenSSL();
-   if (rand == NULL || rand->bytes(buf, num) != 1)
-     return MY_AES_OPENSSL_ERROR;
-   return MY_AES_OK;
 diff --git a/mysys_ssl/my_md5.cc b/mysys_ssl/my_md5.cc
 index 7139ea9..0105082 100644
 --- a/mysys_ssl/my_md5.cc
@ -698,10 +677,10 @@ index 0000000..a3f1ca2
 +}
 +#endif
 diff --git a/mysys_ssl/yassl.cc b/mysys_ssl/yassl.cc
-index 9717870..aa5631f 100644
+index e9f8e65..268589d 100644
 --- a/mysys_ssl/yassl.cc
 +++ b/mysys_ssl/yassl.cc
-@@ -44,7 +44,6 @@ typedef struct
+@@ -45,7 +45,6 @@ typedef struct
   int buf_len;
   int final_used;
   uchar tao_buf[sizeof(TaoCrypt::AES)];   // TaoCrypt::AES object
@ -709,7 +688,7 @@ index 9717870..aa5631f 100644
   uchar buf[TaoCrypt::AES::BLOCK_SIZE];   // last partial input block
   uchar final[TaoCrypt::AES::BLOCK_SIZE]; // last decrypted (output) block
 } EVP_CIPHER_CTX;
-@@ -97,10 +96,7 @@ static int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+@@ -98,10 +97,7 @@ static int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
                                        : TaoCrypt::DECRYPTION, cipher->mode);
   TAO(ctx)->SetKey(key, cipher->key_len);
   if (iv)
@ -721,7 +700,7 @@ index 9717870..aa5631f 100644
   ctx->key_len= cipher->key_len;
   ctx->flags|= cipher->mode == TaoCrypt::CBC ? EVP_CIPH_CBC_MODE : EVP_CIPH_ECB_MODE;
 diff --git a/sql-common/client.c b/sql-common/client.c
-index b7796ce..2518f66 100644
+index da18a0f..e3280a1 100644
 --- a/sql-common/client.c
 +++ b/sql-common/client.c
@@ -105,6 +105,7 @@ my_bool	net_flush(NET *net);
@ -732,7 +711,7 @@ index b7796ce..2518f66 100644
 #include <sql_common.h>
 #include <mysql/client_plugin.h>
 #include <my_context.h>
-@@ -1769,9 +1770,8 @@ mysql_get_ssl_cipher(MYSQL *mysql __attribute__((unused)))
+@@ -1770,9 +1771,8 @@ mysql_get_ssl_cipher(MYSQL *mysql __attribute__((unused)))
 
 #if defined(HAVE_OPENSSL)
 
@ -743,7 +722,7 @@ index b7796ce..2518f66 100644
 #endif
 
 static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const char **errptr)
-@@ -1843,7 +1843,7 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c
+@@ -1844,7 +1844,7 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c
     goto error;
   }
 
@ -753,7 +732,7 @@ index b7796ce..2518f66 100644
   if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn))
   {
 diff --git a/sql/mysqld.cc b/sql/mysqld.cc
-index 3af8750..cc64205 100644
+index 0de9d7a..3a92192 100644
 --- a/sql/mysqld.cc
 +++ b/sql/mysqld.cc
@@ -338,9 +338,13 @@ static PSI_thread_key key_thread_handle_con_sockets;
@ -812,7 +791,7 @@ index 3af8750..cc64205 100644
 #endif /* HAVE_OPENSSL */
 #ifdef HAVE_REPLICATION
   mysql_mutex_destroy(&LOCK_rpl_status);
-@@ -4057,6 +4061,14 @@ static int init_common_variables()
+@@ -4038,6 +4042,14 @@ static int init_common_variables()
     return 1;
   }
 
@ -827,7 +806,7 @@ index 3af8750..cc64205 100644
   if (init_thread_environment() ||
       mysql_init_variables())
     return 1;
-@@ -4603,7 +4615,7 @@ static int init_thread_environment()
+@@ -4584,7 +4596,7 @@ static int init_thread_environment()
 #ifdef HAVE_OPENSSL
   mysql_mutex_init(key_LOCK_des_key_file,
                    &LOCK_des_key_file, MY_MUTEX_INIT_FAST);
@ -836,7 +815,7 @@ index 3af8750..cc64205 100644
   openssl_stdlocks= (openssl_lock_t*) OPENSSL_malloc(CRYPTO_num_locks() *
                                                      sizeof(openssl_lock_t));
   for (int i= 0; i < CRYPTO_num_locks(); ++i)
-@@ -4612,8 +4624,8 @@ static int init_thread_environment()
+@@ -4593,8 +4605,8 @@ static int init_thread_environment()
   CRYPTO_set_dynlock_destroy_callback(openssl_dynlock_destroy);
   CRYPTO_set_dynlock_lock_callback(openssl_lock);
   CRYPTO_set_locking_callback(openssl_lock_function);
@ -847,7 +826,7 @@ index 3af8750..cc64205 100644
   mysql_rwlock_init(key_rwlock_LOCK_sys_init_connect, &LOCK_sys_init_connect);
   mysql_rwlock_init(key_rwlock_LOCK_sys_init_slave, &LOCK_sys_init_slave);
   mysql_rwlock_init(key_rwlock_LOCK_grant, &LOCK_grant);
-@@ -4646,7 +4658,7 @@ static int init_thread_environment()
+@@ -4627,7 +4639,7 @@ static int init_thread_environment()
 }
 
 
@ -856,7 +835,7 @@ index 3af8750..cc64205 100644
 static openssl_lock_t *openssl_dynlock_create(const char *file, int line)
 {
   openssl_lock_t *lock= new openssl_lock_t;
-@@ -4706,8 +4718,7 @@ static void openssl_lock(int mode, openssl_lock_t *lock, const char *file,
+@@ -4687,8 +4699,7 @@ static void openssl_lock(int mode, openssl_lock_t *lock, const char *file,
     abort();
   }
 }
@ -867,7 +846,7 @@ index 3af8750..cc64205 100644
 static void init_ssl()
 {
 diff --git a/sql/slave.cc b/sql/slave.cc
-index db1c330..aec5143 100644
+index da394ff..2096ed1 100644
 --- a/sql/slave.cc
 +++ b/sql/slave.cc
@@ -40,6 +40,7 @@
@ -886,7 +865,7 @@ index db1c330..aec5143 100644
 #define FLAGSTR(V,F) ((V)&(F)?#F" ":"")
 
 #define MAX_SLAVE_RETRY_PAUSE 5
-@@ -4507,9 +4507,7 @@ log space");
+@@ -4506,9 +4506,7 @@ log space");
 
   DBUG_LEAVE;                                   // Must match DBUG_ENTER()
   my_thread_end();
@ -896,7 +875,7 @@ index db1c330..aec5143 100644
   pthread_exit(0);
   return 0;                                     // Avoid compiler warnings
 }
-@@ -5168,9 +5166,7 @@ pthread_handler_t handle_slave_sql(void *arg)
+@@ -5167,9 +5165,7 @@ pthread_handler_t handle_slave_sql(void *arg)
 
   DBUG_LEAVE;                                   // Must match DBUG_ENTER()
   my_thread_end();