aboutsummaryrefslogtreecommitdiff
path: root/databases/mysql80-server/files
diff options
context:
space:
mode:
Diffstat (limited to 'databases/mysql80-server/files')
-rw-r--r--databases/mysql80-server/files/patch-plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_network_xcom__network__provider__ssl_native__lib.cc20
-rw-r--r--databases/mysql80-server/files/patch-vio_viosslfactories.cc33
2 files changed, 45 insertions, 8 deletions
diff --git a/databases/mysql80-server/files/patch-plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_network_xcom__network__provider__ssl_native__lib.cc b/databases/mysql80-server/files/patch-plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_network_xcom__network__provider__ssl_native__lib.cc
new file mode 100644
index 000000000000..bb1eb42d99aa
--- /dev/null
+++ b/databases/mysql80-server/files/patch-plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_network_xcom__network__provider__ssl_native__lib.cc
@@ -0,0 +1,20 @@
+--- plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/network/xcom_network_provider_ssl_native_lib.cc.orig 2022-02-20 15:21:13.279471000 -0800
++++ plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/network/xcom_network_provider_ssl_native_lib.cc 2022-02-20 15:22:02.451078000 -0800
+@@ -318,6 +318,7 @@
+
+ #define OPENSSL_ERROR_LENGTH 512
+ static int configure_ssl_fips_mode(const int fips_mode) {
++#ifndef LIBRESSL_VERSION_NUMBER
+ int rc = -1;
+ int fips_mode_old = -1;
+ char err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
+@@ -338,6 +339,9 @@
+ }
+ EXIT:
+ return rc;
++# else
++ return -1;
++# endif
+ }
+
+ static int configure_ssl_ca(SSL_CTX *ssl_ctx, const char *ca_file,
diff --git a/databases/mysql80-server/files/patch-vio_viosslfactories.cc b/databases/mysql80-server/files/patch-vio_viosslfactories.cc
index 06cc1f909f4f..2e0fb5d55fe6 100644
--- a/databases/mysql80-server/files/patch-vio_viosslfactories.cc
+++ b/databases/mysql80-server/files/patch-vio_viosslfactories.cc
@@ -1,5 +1,5 @@
---- vio/viosslfactories.cc.orig 2021-12-17 16:07:27 UTC
-+++ vio/viosslfactories.cc
+--- vio/viosslfactories.cc.orig 2021-12-17 08:07:27.000000000 -0800
++++ vio/viosslfactories.cc 2022-02-20 11:48:11.223957000 -0800
@@ -40,6 +40,7 @@
#include "vio/vio_priv.h"
@@ -8,7 +8,7 @@
#if OPENSSL_VERSION_NUMBER < 0x10002000L
#include <openssl/ec.h>
-@@ -472,6 +473,7 @@ void ssl_start() {
+@@ -472,6 +473,7 @@
}
}
@@ -16,7 +16,7 @@
/**
Set fips mode in openssl library,
When we set fips mode ON/STRICT, it will perform following operations:
-@@ -525,6 +527,7 @@ EXIT:
+@@ -525,6 +527,7 @@
@returns openssl current fips mode
*/
uint get_fips_mode() { return FIPS_mode(); }
@@ -24,7 +24,24 @@
/**
Toggle FIPS mode, to see whether it is available with the current SSL library.
-@@ -545,7 +548,7 @@ long process_tls_version(const char *tls_version) {
+@@ -532,6 +535,7 @@
+ @retval non-zero: FIPS is supported.
+ */
+ int test_ssl_fips_mode(char *err_string) {
++#ifndef LIBRESSL_VERSION_NUMBER
+ int ret = FIPS_mode_set(FIPS_mode() == 0 ? 1 : 0);
+ unsigned long err = (ret == 0) ? ERR_get_error() : 0;
+
+@@ -539,13 +543,16 @@
+ ERR_error_string_n(err, err_string, OPENSSL_ERROR_LENGTH - 1);
+ }
+ return ret;
++#else
++ return 0;
++#endif
+ }
+
+ long process_tls_version(const char *tls_version) {
const char *separator = ",";
char *token, *lasts = nullptr;
@@ -33,7 +50,7 @@
const char *tls_version_name_list[] = {"TLSv1.2", "TLSv1.3"};
const char ctx_flag_default[] = "TLSv1.2,TLSv1.3";
const long tls_ctx_list[] = {SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3};
-@@ -623,7 +626,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
+@@ -623,7 +630,7 @@
ssl_ctx_options = (ssl_ctx_options | ssl_ctx_flags) &
(SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
@@ -42,7 +59,7 @@
| SSL_OP_NO_TLSv1_3
#endif /* HAVE_TLSv13 */
| SSL_OP_NO_TICKET);
-@@ -632,7 +635,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
+@@ -632,7 +639,7 @@
return nullptr;
if (!(ssl_fd->ssl_context = SSL_CTX_new(is_client ?
@@ -51,7 +68,7 @@
TLS_client_method()
: TLS_server_method()
#else /* HAVE_TLSv13 */
-@@ -647,7 +650,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
+@@ -647,7 +654,7 @@
return nullptr;
}