Honza Horak
parent
6d39bc1dbb
commit
0a14bc58a2
163
mariadb-openssl3.patch
Normal file
163
mariadb-openssl3.patch
Normal file
@ -0,0 +1,163 @@
|
||||
diff -rup mariadb-10.5.9-orig/mysql-test/main/tls_version1.opt mariadb-10.5.9/mysql-test/main/tls_version1.opt
|
||||
--- mariadb-10.5.9-orig/mysql-test/main/tls_version1.opt 2021-05-19 18:52:49.627469097 +0200
|
||||
+++ mariadb-10.5.9/mysql-test/main/tls_version1.opt 2021-05-21 22:34:44.131913619 +0200
|
||||
@@ -1 +1 @@
|
||||
---tls_version=TLSv1.0
|
||||
+--tls_version=TLSv1.2
|
||||
diff -rup mariadb-10.5.9-orig/mysql-test/main/tls_version1.result mariadb-10.5.9/mysql-test/main/tls_version1.result
|
||||
--- mariadb-10.5.9-orig/mysql-test/main/tls_version1.result 2021-05-19 18:52:49.592468722 +0200
|
||||
+++ mariadb-10.5.9/mysql-test/main/tls_version1.result 2021-05-21 22:34:44.131913619 +0200
|
||||
@@ -1,6 +1,6 @@
|
||||
Variable_name Value
|
||||
-Ssl_version TLSv1
|
||||
+Ssl_version TLSv1.2
|
||||
Variable_name Value
|
||||
-Ssl_version TLSv1
|
||||
+Ssl_version TLSv1.2
|
||||
@@tls_version
|
||||
-TLSv1.0
|
||||
+TLSv1.2
|
||||
diff -rup mariadb-10.5.9-orig/mysql-test/main/tls_version1.test mariadb-10.5.9/mysql-test/main/tls_version1.test
|
||||
--- mariadb-10.5.9-orig/mysql-test/main/tls_version1.test 2021-05-19 18:52:49.577468561 +0200
|
||||
+++ mariadb-10.5.9/mysql-test/main/tls_version1.test 2021-05-21 22:34:44.131913619 +0200
|
||||
@@ -3,10 +3,10 @@
|
||||
|
||||
-- source include/have_ssl_communication.inc
|
||||
--exec $MYSQL --host=localhost --ssl -e "show status like 'ssl_version';"
|
||||
---error 1
|
||||
--exec $MYSQL --host=localhost --ssl --tls_version=TLSv1.2 -e "show status like 'ssl_version';"
|
||||
--error 1
|
||||
--exec $MYSQL --host=localhost --ssl --tls_version=TLSv1.1 -e "show status like 'ssl_version';"
|
||||
+--error 1
|
||||
--exec $MYSQL --host=localhost --ssl --tls_version=TLSv1.0 -e "show status like 'ssl_version';"
|
||||
--exec $MYSQL --host=localhost --ssl -e "select @@tls_version;"
|
||||
|
||||
diff -rup mariadb-10.5.9-orig/mysys_ssl/my_crypt.cc mariadb-10.5.9/mysys_ssl/my_crypt.cc
|
||||
--- mariadb-10.5.9-orig/mysys_ssl/my_crypt.cc 2021-05-19 18:52:49.167464162 +0200
|
||||
+++ mariadb-10.5.9/mysys_ssl/my_crypt.cc 2021-05-21 22:34:44.132913630 +0200
|
||||
@@ -38,22 +38,14 @@
|
||||
class MyCTX
|
||||
{
|
||||
public:
|
||||
- char ctx_buf[EVP_CIPHER_CTX_SIZE + CTX_ALIGN];
|
||||
- EVP_CIPHER_CTX* ctx;
|
||||
+ EVP_CIPHER_CTX* ctx= NULL;
|
||||
MyCTX()
|
||||
{
|
||||
-#if CTX_ALIGN > 0
|
||||
- uintptr_t p= ((uintptr_t)ctx_buf + (CTX_ALIGN - 1)) & ~(CTX_ALIGN - 1);
|
||||
- ctx = reinterpret_cast<EVP_CIPHER_CTX*>(p);
|
||||
-#else
|
||||
- ctx = (EVP_CIPHER_CTX*)ctx_buf;
|
||||
-#endif
|
||||
-
|
||||
- EVP_CIPHER_CTX_init(ctx);
|
||||
+ ctx = EVP_CIPHER_CTX_new();
|
||||
}
|
||||
virtual ~MyCTX()
|
||||
{
|
||||
- EVP_CIPHER_CTX_reset(ctx);
|
||||
+ EVP_CIPHER_CTX_free(ctx);
|
||||
ERR_remove_state(0);
|
||||
}
|
||||
|
||||
diff -rup mariadb-10.5.9-orig/mysys_ssl/my_md5.cc mariadb-10.5.9/mysys_ssl/my_md5.cc
|
||||
--- mariadb-10.5.9-orig/mysys_ssl/my_md5.cc 2021-05-19 18:52:49.167464162 +0200
|
||||
+++ mariadb-10.5.9/mysys_ssl/my_md5.cc 2021-05-24 15:25:11.365769072 +0200
|
||||
@@ -52,12 +52,13 @@ static void md5_result(EVP_MD_CTX *conte
|
||||
|
||||
static void md5_init(EVP_MD_CTX *context)
|
||||
{
|
||||
- EVP_MD_CTX_init(context);
|
||||
+ const EVP_MD *md;
|
||||
#ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW
|
||||
/* Ok to ignore FIPS: MD5 is not used for crypto here */
|
||||
EVP_MD_CTX_set_flags(context, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
|
||||
#endif
|
||||
- EVP_DigestInit_ex(context, EVP_md5(), NULL);
|
||||
+ md = EVP_get_digestbyname("MD5");
|
||||
+ EVP_DigestInit_ex(context, md, NULL);
|
||||
}
|
||||
|
||||
static void md5_input(EVP_MD_CTX *context, const uchar *buf, unsigned len)
|
||||
@@ -68,7 +69,6 @@ static void md5_input(EVP_MD_CTX *contex
|
||||
static void md5_result(EVP_MD_CTX *context, uchar digest[MD5_HASH_SIZE])
|
||||
{
|
||||
EVP_DigestFinal_ex(context, digest, NULL);
|
||||
- EVP_MD_CTX_reset(context);
|
||||
}
|
||||
|
||||
#endif /* HAVE_WOLFSSL */
|
||||
@@ -84,11 +84,13 @@ static void md5_result(EVP_MD_CTX *conte
|
||||
*/
|
||||
void my_md5(uchar *digest, const char *buf, size_t len)
|
||||
{
|
||||
- char ctx_buf[EVP_MD_CTX_SIZE];
|
||||
- EVP_MD_CTX * const ctx= (EVP_MD_CTX*)ctx_buf;
|
||||
+ EVP_MD_CTX * const ctx= EVP_MD_CTX_new();
|
||||
+
|
||||
md5_init(ctx);
|
||||
md5_input(ctx, (const uchar *)buf, (uint) len);
|
||||
md5_result(ctx, digest);
|
||||
+
|
||||
+ EVP_MD_CTX_free(ctx);
|
||||
}
|
||||
|
||||
|
||||
@@ -108,8 +110,7 @@ void my_md5_multi(uchar *digest, ...)
|
||||
{
|
||||
va_list args;
|
||||
const uchar *str;
|
||||
- char ctx_buf[EVP_MD_CTX_SIZE];
|
||||
- EVP_MD_CTX * const ctx= (EVP_MD_CTX*)ctx_buf;
|
||||
+ EVP_MD_CTX * const ctx= EVP_MD_CTX_new();
|
||||
va_start(args, digest);
|
||||
|
||||
md5_init(ctx);
|
||||
@@ -118,6 +119,7 @@ void my_md5_multi(uchar *digest, ...)
|
||||
|
||||
md5_result(ctx, digest);
|
||||
va_end(args);
|
||||
+ EVP_MD_CTX_free(ctx);
|
||||
}
|
||||
|
||||
size_t my_md5_context_size()
|
||||
Only in mariadb-10.5.9-orig/mysys_ssl: my_md5.cc.patchmd5
|
||||
diff -rup mariadb-10.5.9-orig/mysys_ssl/my_sha.ic mariadb-10.5.9/mysys_ssl/my_sha.ic
|
||||
--- mariadb-10.5.9-orig/mysys_ssl/my_sha.ic 2021-05-19 18:52:49.167464162 +0200
|
||||
+++ mariadb-10.5.9/mysys_ssl/my_sha.ic 2021-05-21 22:34:44.132913630 +0200
|
||||
@@ -146,11 +146,11 @@ static void sha_result(CONTEXT *context,
|
||||
*/
|
||||
void my_sha(uchar *digest, const char *buf, size_t len)
|
||||
{
|
||||
- CONTEXT context;
|
||||
+ CONTEXT *context= (CONTEXT *)alloca(sizeof(CONTEXT));
|
||||
|
||||
- sha_init_fast(&context);
|
||||
- sha_input(&context, (const uchar *)buf, (unsigned int)len);
|
||||
- sha_result(&context, digest);
|
||||
+ sha_init_fast(context);
|
||||
+ sha_input(context, (const uchar *)buf, (unsigned int)len);
|
||||
+ sha_result(context, digest);
|
||||
}
|
||||
|
||||
|
||||
@@ -171,14 +171,14 @@ void my_sha_multi(uchar *digest, ...)
|
||||
va_list args;
|
||||
va_start(args, digest);
|
||||
|
||||
- CONTEXT context;
|
||||
+ CONTEXT *context= (CONTEXT *)alloca(sizeof(CONTEXT));
|
||||
const uchar *str;
|
||||
|
||||
- sha_init_fast(&context);
|
||||
+ sha_init_fast(context);
|
||||
for (str= va_arg(args, const uchar*); str; str= va_arg(args, const uchar*))
|
||||
- sha_input(&context, str, (uint) va_arg(args, size_t));
|
||||
+ sha_input(context, str, (uint) va_arg(args, size_t));
|
||||
|
||||
- sha_result(&context, digest);
|
||||
+ sha_result(context, digest);
|
||||
va_end(args);
|
||||
}
|
||||
|
||||
@ -161,7 +161,7 @@
|
||||
|
||||
Name: mariadb
|
||||
Version: 10.5.9
|
||||
Release: 8%{?with_debug:.debug}%{?dist}
|
||||
Release: 9%{?with_debug:.debug}%{?dist}
|
||||
Epoch: 3
|
||||
|
||||
Summary: A very fast and robust SQL database server
|
||||
@ -221,6 +221,8 @@ Patch10: %{pkgnamepatch}-ssl-cipher-tests.patch
|
||||
Patch11: %{pkgnamepatch}-pcdir.patch
|
||||
# Patch15: Add option to edit groonga's and groonga-normalizer-mysql install path
|
||||
Patch15: %{pkgnamepatch}-groonga.patch
|
||||
# Patch16: Fix openssl 3.0 compatibility at least partially (some tests still fail)
|
||||
Patch16: %{pkgnamepatch}-openssl3.patch
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: cmake gcc-c++
|
||||
@ -766,6 +768,7 @@ rm -r storage/rocksdb/
|
||||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch15 -p1
|
||||
%patch16 -p1
|
||||
|
||||
# generate a list of tests that fail, but are not disabled by upstream
|
||||
cat %{SOURCE50} | tee -a mysql-test/unstable-tests
|
||||
@ -1680,6 +1683,10 @@ fi
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri May 21 2021 Honza Horak <hhorak@redhat.com> - 3:10.5.9-9
|
||||
- Fix OpenSSL 3.x compatibility
|
||||
Resolves: #1962047
|
||||
|
||||
* Mon May 03 2021 Michal Schorm <mschorm@redhat.com> - 3:10.5.9-8
|
||||
- Fix package Conflicts
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user