sync/ports
1
0
Fork 0
mirror of https://git.freebsd.org/ports.git synced 2025-06-07 05:40:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
ports/databases/mysql80-client/files/patch-vio_viosslfactories.cc
Mahdi Mokhtari acca27b6ca databases/mysql80-{client,server}: Upgrade the ports to GA version 8.0.11 
Fix build with LibreSSL and OpenSSL-devel ports as well

MySQL 8.0.11 is the General Availability (GA) version of MySQL 8.
MySQL since this version supports FIPS-mode, if compiled using OpenSSL, AND
    an OpenSSL library and FIPS Object Module are available at runtime.
    FIPS mode imposes conditions on cryptographic operations such as
    restrictions on acceptable encryption algorithms or requirements for longer key lengths.
    The --ssl-fips-mode client option enables control of FIPS mode on the client side for:
    mysql, mysqladmin, mysqlbinlog, mysqlcheck, mysqldump, mysqlimport, mysqlpump, ...
This update includes bugfixes including (not limited to):
-InnoDB: The server was stopped before a fatal error message
    was written to the error log.
-InnoDB: An incorrect GROUP BY result was returned when using the
    TempTable storage engine and a NO PAD collation.
-InnoDB: The data retrieved from INFORMATION_SCHEMA.INNODB_COLUMNS was
    incorrect for tables containing a virtual column.

Full Release-Notes are available at:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-11.html
2018-05-12 15:35:25 +00:00

47 lines
1.4 KiB
C++
Raw Blame History

--- vio/viosslfactories.cc.orig 2018-04-08 06:44:49 UTC
+++ vio/viosslfactories.cc
@@ -37,6 +37,7 @@
#ifdef HAVE_OPENSSL
#include <openssl/dh.h>
+#include <openssl/crypto.h>
#define TLS_VERSION_OPTION_SIZE 256
#define SSL_CIPHER_LIST_SIZE 4096
@@ -135,7 +136,7 @@ static DH *get_dh2048(void) {
BIGNUM *p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
BIGNUM *g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
if (!p || !g
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|| !DH_set0_pqg(dh, p, NULL, g)
#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
) {
@@ -426,7 +427,7 @@ void ssl_start() {
}
}
-#ifndef HAVE_WOLFSSL
+#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
/**
Set fips mode in openssl library,
When we set fips mode ON/STRICT, it will perform following operations:
@@ -449,6 +450,10 @@ int set_fips_mode(const uint fips_mode,
int rc = -1;
unsigned int fips_mode_old = -1;
unsigned long err_library = 0;
+#if defined(LIBRESSL_VERSION_NUMBER)
+ err_string="LibreSSL deosn't have FIPS_mode functionas";
+ goto EXIT;
+#else
if (fips_mode > 2) {
goto EXIT;
}
@@ -462,6 +467,7 @@ int set_fips_mode(const uint fips_mode,
ERR_error_string_n(err_library, err_string, OPENSSL_ERROR_LENGTH - 1);
err_string[OPENSSL_ERROR_LENGTH - 1] = '\0';
}
+#endif
EXIT:
return rc;
}
Reference in a new issue View git blame Copy permalink