MFH: r528272

This fix a Problem, when MySQL build with libressl

/var/ports/usr/ports/databases/mysql56-client/work/mysql-5.6.47/vio/viosslfactories.c:230:25: error: use of undeclared identifier 'SSL_OP_NO_TLSv1_3'
                        SSL_OP_NO_TLSv1_3 |
                        ^
/var/ports/usr/ports/databases/mysql56-client/work/mysql-5.6.47/vio/viosslfactories.c:275:12: warning: implicit declaration of function 'SSL_CTX_set_ciphersuites' is invalid in C99 [-Wimplicit-function-declaration]
  if (0 == SSL_CTX_set_ciphersuites(ssl_fd->ssl_context, ""))

Special thanks for his help to: fluffy

PR:		244320
Sponsored by:	Netzkommune GmbH

Approved by:	ports-secteam (joneum)
This commit is contained in:
Jochen Neumeister 2020-03-12 07:47:46 +00:00
parent 5cfd4e8b48
commit 25f1ebfadd
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/branches/2020Q1/; revision=528273
16 changed files with 426 additions and 6 deletions

View File

@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= mysql
PORTREVISION= 0
PORTREVISION= 1
PKGNAMESUFFIX= 56-client
COMMENT= Multithreaded SQL database (client)

View File

@ -1,11 +1,25 @@
--- cmake/ssl.cmake.orig 2016-11-28 13:36:22 UTC
--- cmake/ssl.cmake.orig 2019-11-26 16:53:45 UTC
+++ cmake/ssl.cmake
@@ -176,7 +176,7 @@ MACRO (MYSQL_CHECK_SSL)
@@ -189,13 +189,20 @@ MACRO (MYSQL_CHECK_SSL)
OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
)
ENDIF()
- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
ADD_DEFINITIONS(-DHAVE_TLSv13)
ENDIF()
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND
CRYPTO_LIBRARY AND
- OPENSSL_MAJOR_VERSION STREQUAL "1"
+ OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1"
+ )
+ SET(OPENSSL_FOUND TRUE)
+ ELSEIF(OPENSSL_INCLUDE_DIR AND
+ OPENSSL_LIBRARY AND
+ CRYPTO_LIBRARY AND
+ OPENSSL_MAJOR_VERSION STREQUAL "2"
)
SET(OPENSSL_FOUND TRUE)
ELSE()

View File

@ -0,0 +1,74 @@
--- mysys_ssl/my_aes_openssl.cc.orig 2019-11-26 16:53:45 UTC
+++ mysys_ssl/my_aes_openssl.cc
@@ -120,7 +120,7 @@ int my_aes_encrypt(const unsigned char *source, uint32
const unsigned char *key, uint32 key_length,
enum my_aes_opmode mode, const unsigned char *iv)
{
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX stack_ctx;
EVP_CIPHER_CTX *ctx= &stack_ctx;
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -135,7 +135,7 @@ int my_aes_encrypt(const unsigned char *source, uint32
if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
return MY_AES_BAD_DATA;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_init(ctx);
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -148,7 +148,7 @@ int my_aes_encrypt(const unsigned char *source, uint32
if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len))
goto aes_error; /* Error */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_cleanup(ctx);
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
EVP_CIPHER_CTX_free(ctx);
@@ -158,7 +158,7 @@ int my_aes_encrypt(const unsigned char *source, uint32
aes_error:
/* need to explicitly clean up the error if we want to ignore it */
ERR_clear_error();
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_cleanup(ctx);
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
EVP_CIPHER_CTX_free(ctx);
@@ -172,7 +172,7 @@ int my_aes_decrypt(const unsigned char *source, uint32
const unsigned char *key, uint32 key_length,
enum my_aes_opmode mode, const unsigned char *iv)
{
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX stack_ctx;
EVP_CIPHER_CTX *ctx= &stack_ctx;
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -188,7 +188,7 @@ int my_aes_decrypt(const unsigned char *source, uint32
if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
return MY_AES_BAD_DATA;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_init(ctx);
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -201,7 +201,7 @@ int my_aes_decrypt(const unsigned char *source, uint32
if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len))
goto aes_error; /* Error */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_cleanup(ctx);
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
EVP_CIPHER_CTX_free(ctx);
@@ -211,7 +211,7 @@ int my_aes_decrypt(const unsigned char *source, uint32
aes_error:
/* need to explicitly clean up the error if we want to ignore it */
ERR_clear_error();
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_cleanup(ctx);
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
EVP_CIPHER_CTX_free(ctx);

View File

@ -0,0 +1,15 @@
--- sql-common/client.c.orig 2019-11-26 16:53:45 UTC
+++ sql-common/client.c
@@ -1980,7 +1980,11 @@ static int ssl_verify_server_cert(Vio *vio, const char
goto error;
}
- cn= (char *) ASN1_STRING_data(cn_asn1);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ cn= (const char *) ASN1_STRING_data(cn_asn1);
+#else
+ cn= (const char *) ASN1_STRING_get0_data(cn_asn1);
+#endif
// There should not be any NULL embedded in the CN
if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn))

View File

@ -0,0 +1,65 @@
--- sql/mysqld.cc.orig 2019-11-26 16:53:45 UTC
+++ sql/mysqld.cc
@@ -1258,7 +1258,7 @@ char *opt_ssl_ca= NULL, *opt_ssl_capath= NULL, *opt_ss
*opt_ssl_crlpath= NULL;
#ifdef HAVE_OPENSSL
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#include <openssl/crypto.h>
typedef struct CRYPTO_dynlock_value
{
@@ -2029,7 +2029,7 @@ static void clean_up_mutexes()
mysql_mutex_destroy(&LOCK_connection_count);
#ifdef HAVE_OPENSSL
mysql_mutex_destroy(&LOCK_des_key_file);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
for (int i= 0; i < CRYPTO_num_locks(); ++i)
mysql_rwlock_destroy(&openssl_stdlocks[i].lock);
OPENSSL_free(openssl_stdlocks);
@@ -2768,7 +2768,7 @@ bool one_thread_per_connection_end(THD *thd, bool bloc
// Clean up errors now, before possibly waiting for a new connection.
#ifndef EMBEDDED_LIBRARY
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
ERR_remove_thread_state(0);
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
#endif
@@ -4252,7 +4252,7 @@ static int init_thread_environment()
#ifdef HAVE_OPENSSL
mysql_mutex_init(key_LOCK_des_key_file,
&LOCK_des_key_file, MY_MUTEX_INIT_FAST);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
openssl_stdlocks= (openssl_lock_t*) OPENSSL_malloc(CRYPTO_num_locks() *
sizeof(openssl_lock_t));
for (int i= 0; i < CRYPTO_num_locks(); ++i)
@@ -4301,7 +4301,7 @@ static int init_thread_environment()
OpenSSL 1.1 supports native platform threads,
so we don't need the following callback functions.
*/
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
static unsigned long openssl_id_function()
{
@@ -4375,7 +4375,7 @@ static void openssl_lock(int mode, openssl_lock_t *loc
static int init_ssl()
{
#ifdef HAVE_OPENSSL
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
CRYPTO_malloc_init();
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
OPENSSL_malloc_init();
@@ -4392,7 +4392,7 @@ static int init_ssl()
opt_ssl_cipher, &error,
opt_ssl_crl, opt_ssl_crlpath);
DBUG_PRINT("info",("ssl_acceptor_fd: 0x%lx", (long) ssl_acceptor_fd));
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
ERR_remove_thread_state(0);
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
if (!ssl_acceptor_fd)

View File

@ -0,0 +1,11 @@
--- vio/vio.c.orig 2019-11-26 16:53:45 UTC
+++ vio/vio.c
@@ -394,7 +394,7 @@ void vio_end(void)
{
#if defined(HAVE_OPENSSL)
// This one is needed on the client side
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
ERR_remove_thread_state(0);
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
ERR_free_strings();

View File

@ -0,0 +1,11 @@
--- vio/viossl.c.orig 2019-11-26 16:53:45 UTC
+++ vio/viossl.c
@@ -403,7 +403,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
for (j = 0; j < n; j++)
{
SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
DBUG_PRINT("info", (" %d: %s\n", c->id, c->name));
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
DBUG_PRINT("info", (" %d: %s\n", SSL_COMP_get_id(c), SSL_COMP_get0_name(c)));

View File

@ -0,0 +1,20 @@
--- vio/viosslfactories.c.orig 2019-11-26 16:53:45 UTC
+++ vio/viosslfactories.c
@@ -91,7 +91,7 @@ static DH *get_dh2048(void)
DH_free(dh);
return NULL;
}
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
dh->p= p;
dh->g= g;
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -250,7 +250,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
DBUG_RETURN(0);
if (!(ssl_fd->ssl_context= SSL_CTX_new(is_client ?
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
SSLv23_client_method() :
SSLv23_server_method()
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */

View File

@ -3,7 +3,7 @@
PORTNAME?= mysql
PORTVERSION= 5.6.47
PORTREVISION?= 0
PORTREVISION?= 1
CATEGORIES= databases
MASTER_SITES= MYSQL/MySQL-5.6
PKGNAMESUFFIX?= 56-server

View File

@ -1,11 +1,25 @@
--- cmake/ssl.cmake.orig 2016-11-28 13:36:22 UTC
--- cmake/ssl.cmake.orig 2019-11-26 16:53:45 UTC
+++ cmake/ssl.cmake
@@ -176,7 +176,7 @@ MACRO (MYSQL_CHECK_SSL)
@@ -189,13 +189,20 @@ MACRO (MYSQL_CHECK_SSL)
OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
)
ENDIF()
- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
ADD_DEFINITIONS(-DHAVE_TLSv13)
ENDIF()
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND
CRYPTO_LIBRARY AND
- OPENSSL_MAJOR_VERSION STREQUAL "1"
+ OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1"
+ )
+ SET(OPENSSL_FOUND TRUE)
+ ELSEIF(OPENSSL_INCLUDE_DIR AND
+ OPENSSL_LIBRARY AND
+ CRYPTO_LIBRARY AND
+ OPENSSL_MAJOR_VERSION STREQUAL "2"
)
SET(OPENSSL_FOUND TRUE)
ELSE()

View File

@ -0,0 +1,74 @@
--- mysys_ssl/my_aes_openssl.cc.orig 2019-11-26 16:53:45 UTC
+++ mysys_ssl/my_aes_openssl.cc
@@ -120,7 +120,7 @@ int my_aes_encrypt(const unsigned char *source, uint32
const unsigned char *key, uint32 key_length,
enum my_aes_opmode mode, const unsigned char *iv)
{
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX stack_ctx;
EVP_CIPHER_CTX *ctx= &stack_ctx;
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -135,7 +135,7 @@ int my_aes_encrypt(const unsigned char *source, uint32
if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
return MY_AES_BAD_DATA;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_init(ctx);
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -148,7 +148,7 @@ int my_aes_encrypt(const unsigned char *source, uint32
if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len))
goto aes_error; /* Error */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_cleanup(ctx);
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
EVP_CIPHER_CTX_free(ctx);
@@ -158,7 +158,7 @@ int my_aes_encrypt(const unsigned char *source, uint32
aes_error:
/* need to explicitly clean up the error if we want to ignore it */
ERR_clear_error();
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_cleanup(ctx);
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
EVP_CIPHER_CTX_free(ctx);
@@ -172,7 +172,7 @@ int my_aes_decrypt(const unsigned char *source, uint32
const unsigned char *key, uint32 key_length,
enum my_aes_opmode mode, const unsigned char *iv)
{
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX stack_ctx;
EVP_CIPHER_CTX *ctx= &stack_ctx;
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -188,7 +188,7 @@ int my_aes_decrypt(const unsigned char *source, uint32
if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
return MY_AES_BAD_DATA;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_init(ctx);
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -201,7 +201,7 @@ int my_aes_decrypt(const unsigned char *source, uint32
if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len))
goto aes_error; /* Error */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_cleanup(ctx);
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
EVP_CIPHER_CTX_free(ctx);
@@ -211,7 +211,7 @@ int my_aes_decrypt(const unsigned char *source, uint32
aes_error:
/* need to explicitly clean up the error if we want to ignore it */
ERR_clear_error();
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_cleanup(ctx);
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
EVP_CIPHER_CTX_free(ctx);

View File

@ -0,0 +1,15 @@
--- sql-common/client.c.orig 2019-11-26 16:53:45 UTC
+++ sql-common/client.c
@@ -1980,7 +1980,11 @@ static int ssl_verify_server_cert(Vio *vio, const char
goto error;
}
- cn= (char *) ASN1_STRING_data(cn_asn1);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ cn= (const char *) ASN1_STRING_data(cn_asn1);
+#else
+ cn= (const char *) ASN1_STRING_get0_data(cn_asn1);
+#endif
// There should not be any NULL embedded in the CN
if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn))

View File

@ -0,0 +1,65 @@
--- sql/mysqld.cc.orig 2019-11-26 16:53:45 UTC
+++ sql/mysqld.cc
@@ -1258,7 +1258,7 @@ char *opt_ssl_ca= NULL, *opt_ssl_capath= NULL, *opt_ss
*opt_ssl_crlpath= NULL;
#ifdef HAVE_OPENSSL
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#include <openssl/crypto.h>
typedef struct CRYPTO_dynlock_value
{
@@ -2029,7 +2029,7 @@ static void clean_up_mutexes()
mysql_mutex_destroy(&LOCK_connection_count);
#ifdef HAVE_OPENSSL
mysql_mutex_destroy(&LOCK_des_key_file);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
for (int i= 0; i < CRYPTO_num_locks(); ++i)
mysql_rwlock_destroy(&openssl_stdlocks[i].lock);
OPENSSL_free(openssl_stdlocks);
@@ -2768,7 +2768,7 @@ bool one_thread_per_connection_end(THD *thd, bool bloc
// Clean up errors now, before possibly waiting for a new connection.
#ifndef EMBEDDED_LIBRARY
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
ERR_remove_thread_state(0);
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
#endif
@@ -4252,7 +4252,7 @@ static int init_thread_environment()
#ifdef HAVE_OPENSSL
mysql_mutex_init(key_LOCK_des_key_file,
&LOCK_des_key_file, MY_MUTEX_INIT_FAST);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
openssl_stdlocks= (openssl_lock_t*) OPENSSL_malloc(CRYPTO_num_locks() *
sizeof(openssl_lock_t));
for (int i= 0; i < CRYPTO_num_locks(); ++i)
@@ -4301,7 +4301,7 @@ static int init_thread_environment()
OpenSSL 1.1 supports native platform threads,
so we don't need the following callback functions.
*/
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
static unsigned long openssl_id_function()
{
@@ -4375,7 +4375,7 @@ static void openssl_lock(int mode, openssl_lock_t *loc
static int init_ssl()
{
#ifdef HAVE_OPENSSL
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
CRYPTO_malloc_init();
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
OPENSSL_malloc_init();
@@ -4392,7 +4392,7 @@ static int init_ssl()
opt_ssl_cipher, &error,
opt_ssl_crl, opt_ssl_crlpath);
DBUG_PRINT("info",("ssl_acceptor_fd: 0x%lx", (long) ssl_acceptor_fd));
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
ERR_remove_thread_state(0);
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
if (!ssl_acceptor_fd)

View File

@ -0,0 +1,11 @@
--- vio/vio.c.orig 2019-11-26 16:53:45 UTC
+++ vio/vio.c
@@ -394,7 +394,7 @@ void vio_end(void)
{
#if defined(HAVE_OPENSSL)
// This one is needed on the client side
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
ERR_remove_thread_state(0);
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
ERR_free_strings();

View File

@ -0,0 +1,11 @@
--- vio/viossl.c.orig 2019-11-26 16:53:45 UTC
+++ vio/viossl.c
@@ -403,7 +403,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
for (j = 0; j < n; j++)
{
SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
DBUG_PRINT("info", (" %d: %s\n", c->id, c->name));
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
DBUG_PRINT("info", (" %d: %s\n", SSL_COMP_get_id(c), SSL_COMP_get0_name(c)));

View File

@ -0,0 +1,20 @@
--- vio/viosslfactories.c.orig 2019-11-26 16:53:45 UTC
+++ vio/viosslfactories.c
@@ -91,7 +91,7 @@ static DH *get_dh2048(void)
DH_free(dh);
return NULL;
}
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
dh->p= p;
dh->g= g;
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -250,7 +250,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
DBUG_RETURN(0);
if (!(ssl_fd->ssl_context= SSL_CTX_new(is_client ?
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
SSLv23_client_method() :
SSLv23_server_method()
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */