diff options
Diffstat (limited to 'databases/mysql80-server/files/patch-vio_viosslfactories.cc')
| -rw-r--r-- | databases/mysql80-server/files/patch-vio_viosslfactories.cc | 45 |
1 files changed, 6 insertions, 39 deletions
diff --git a/databases/mysql80-server/files/patch-vio_viosslfactories.cc b/databases/mysql80-server/files/patch-vio_viosslfactories.cc index 2e0fb5d55fe6..2882353d79f0 100644 --- a/databases/mysql80-server/files/patch-vio_viosslfactories.cc +++ b/databases/mysql80-server/files/patch-vio_viosslfactories.cc @@ -1,5 +1,5 @@ ---- vio/viosslfactories.cc.orig 2021-12-17 08:07:27.000000000 -0800 -+++ vio/viosslfactories.cc 2022-02-20 11:48:11.223957000 -0800 +--- vio/viosslfactories.cc.orig 2022-07-06 21:36:34 UTC ++++ vio/viosslfactories.cc @@ -40,6 +40,7 @@ #include "vio/vio_priv.h" @@ -8,40 +8,7 @@ #if OPENSSL_VERSION_NUMBER < 0x10002000L #include <openssl/ec.h> -@@ -472,6 +473,7 @@ - } - } - -+#ifndef LIBRESSL_VERSION_NUMBER - /** - Set fips mode in openssl library, - When we set fips mode ON/STRICT, it will perform following operations: -@@ -525,6 +527,7 @@ - @returns openssl current fips mode - */ - uint get_fips_mode() { return FIPS_mode(); } -+#endif - - /** - Toggle FIPS mode, to see whether it is available with the current SSL library. -@@ -532,6 +535,7 @@ - @retval non-zero: FIPS is supported. - */ - int test_ssl_fips_mode(char *err_string) { -+#ifndef LIBRESSL_VERSION_NUMBER - int ret = FIPS_mode_set(FIPS_mode() == 0 ? 1 : 0); - unsigned long err = (ret == 0) ? ERR_get_error() : 0; - -@@ -539,13 +543,16 @@ - ERR_error_string_n(err, err_string, OPENSSL_ERROR_LENGTH - 1); - } - return ret; -+#else -+ return 0; -+#endif - } - - long process_tls_version(const char *tls_version) { +@@ -484,7 +485,7 @@ long process_tls_version(const char *tls_version) { const char *separator = ","; char *token, *lasts = nullptr; @@ -50,7 +17,7 @@ const char *tls_version_name_list[] = {"TLSv1.2", "TLSv1.3"}; const char ctx_flag_default[] = "TLSv1.2,TLSv1.3"; const long tls_ctx_list[] = {SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3}; -@@ -623,7 +630,7 @@ +@@ -559,7 +560,7 @@ static struct st_VioSSLFd *new_VioSSLFd( ssl_ctx_options = (ssl_ctx_options | ssl_ctx_flags) & (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 @@ -59,7 +26,7 @@ | SSL_OP_NO_TLSv1_3 #endif /* HAVE_TLSv13 */ | SSL_OP_NO_TICKET); -@@ -632,7 +639,7 @@ +@@ -568,7 +569,7 @@ static struct st_VioSSLFd *new_VioSSLFd( return nullptr; if (!(ssl_fd->ssl_context = SSL_CTX_new(is_client ? @@ -68,7 +35,7 @@ TLS_client_method() : TLS_server_method() #else /* HAVE_TLSv13 */ -@@ -647,7 +654,7 @@ +@@ -583,7 +584,7 @@ static struct st_VioSSLFd *new_VioSSLFd( return nullptr; } |