1 files changed, 25 insertions, 8 deletions

diff --git a/databases/mysql80-server/files/patch-vio_viosslfactories.cc b/databases/mysql80-server/files/patch-vio_viosslfactories.cc
index 06cc1f909f4f..2e0fb5d55fe6 100644
--- a/databases/mysql80-server/files/patch-vio_viosslfactories.cc
+++ b/databases/mysql80-server/files/patch-vio_viosslfactories.cc
@@ -1,5 +1,5 @@
---- vio/viosslfactories.cc.orig	2021-12-17 16:07:27 UTC
-+++ vio/viosslfactories.cc
+--- vio/viosslfactories.cc.orig	2021-12-17 08:07:27.000000000 -0800
++++ vio/viosslfactories.cc	2022-02-20 11:48:11.223957000 -0800
 @@ -40,6 +40,7 @@
  #include "vio/vio_priv.h"
  
@@ -8,7 +8,7 @@
  
  #if OPENSSL_VERSION_NUMBER < 0x10002000L
  #include <openssl/ec.h>
-@@ -472,6 +473,7 @@ void ssl_start() {
+@@ -472,6 +473,7 @@
    }
  }
  
@@ -16,7 +16,7 @@
  /**
    Set fips mode in openssl library,
    When we set fips mode ON/STRICT, it will perform following operations:
-@@ -525,6 +527,7 @@ EXIT:
+@@ -525,6 +527,7 @@
    @returns openssl current fips mode
  */
  uint get_fips_mode() { return FIPS_mode(); }
@@ -24,7 +24,24 @@
  
  /**
    Toggle FIPS mode, to see whether it is available with the current SSL library.
-@@ -545,7 +548,7 @@ long process_tls_version(const char *tls_version) {
+@@ -532,6 +535,7 @@
+   @retval non-zero: FIPS is supported.
+ */
+ int test_ssl_fips_mode(char *err_string) {
++#ifndef LIBRESSL_VERSION_NUMBER
+   int ret = FIPS_mode_set(FIPS_mode() == 0 ? 1 : 0);
+   unsigned long err = (ret == 0) ? ERR_get_error() : 0;
+ 
+@@ -539,13 +543,16 @@
+     ERR_error_string_n(err, err_string, OPENSSL_ERROR_LENGTH - 1);
+   }
+   return ret;
++#else
++  return 0;
++#endif
+ }
+ 
+ long process_tls_version(const char *tls_version) {
    const char *separator = ",";
    char *token, *lasts = nullptr;
  
@@ -33,7 +50,7 @@
    const char *tls_version_name_list[] = {"TLSv1.2", "TLSv1.3"};
    const char ctx_flag_default[] = "TLSv1.2,TLSv1.3";
    const long tls_ctx_list[] = {SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3};
-@@ -623,7 +626,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
+@@ -623,7 +630,7 @@
    ssl_ctx_options = (ssl_ctx_options | ssl_ctx_flags) &
                      (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
                       SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
@@ -42,7 +59,7 @@
                       | SSL_OP_NO_TLSv1_3
  #endif /* HAVE_TLSv13 */
                       | SSL_OP_NO_TICKET);
-@@ -632,7 +635,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
+@@ -632,7 +639,7 @@
      return nullptr;
  
    if (!(ssl_fd->ssl_context = SSL_CTX_new(is_client ?
@@ -51,7 +68,7 @@
                                                      TLS_client_method()
                                                      : TLS_server_method()
  #else  /* HAVE_TLSv13 */
-@@ -647,7 +650,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
+@@ -647,7 +654,7 @@
      return nullptr;
    }