mariadb/mariadb-openssl3.patch
2021-05-27 15:19:29 +02:00

164 lines
5.5 KiB
Diff

diff -rup mariadb-10.5.9-orig/mysql-test/main/tls_version1.opt mariadb-10.5.9/mysql-test/main/tls_version1.opt
--- mariadb-10.5.9-orig/mysql-test/main/tls_version1.opt 2021-05-19 18:52:49.627469097 +0200
+++ mariadb-10.5.9/mysql-test/main/tls_version1.opt 2021-05-21 22:34:44.131913619 +0200
@@ -1 +1 @@
---tls_version=TLSv1.0
+--tls_version=TLSv1.2
diff -rup mariadb-10.5.9-orig/mysql-test/main/tls_version1.result mariadb-10.5.9/mysql-test/main/tls_version1.result
--- mariadb-10.5.9-orig/mysql-test/main/tls_version1.result 2021-05-19 18:52:49.592468722 +0200
+++ mariadb-10.5.9/mysql-test/main/tls_version1.result 2021-05-21 22:34:44.131913619 +0200
@@ -1,6 +1,6 @@
Variable_name Value
-Ssl_version TLSv1
+Ssl_version TLSv1.2
Variable_name Value
-Ssl_version TLSv1
+Ssl_version TLSv1.2
@@tls_version
-TLSv1.0
+TLSv1.2
diff -rup mariadb-10.5.9-orig/mysql-test/main/tls_version1.test mariadb-10.5.9/mysql-test/main/tls_version1.test
--- mariadb-10.5.9-orig/mysql-test/main/tls_version1.test 2021-05-19 18:52:49.577468561 +0200
+++ mariadb-10.5.9/mysql-test/main/tls_version1.test 2021-05-21 22:34:44.131913619 +0200
@@ -3,10 +3,10 @@
-- source include/have_ssl_communication.inc
--exec $MYSQL --host=localhost --ssl -e "show status like 'ssl_version';"
---error 1
--exec $MYSQL --host=localhost --ssl --tls_version=TLSv1.2 -e "show status like 'ssl_version';"
--error 1
--exec $MYSQL --host=localhost --ssl --tls_version=TLSv1.1 -e "show status like 'ssl_version';"
+--error 1
--exec $MYSQL --host=localhost --ssl --tls_version=TLSv1.0 -e "show status like 'ssl_version';"
--exec $MYSQL --host=localhost --ssl -e "select @@tls_version;"
diff -rup mariadb-10.5.9-orig/mysys_ssl/my_crypt.cc mariadb-10.5.9/mysys_ssl/my_crypt.cc
--- mariadb-10.5.9-orig/mysys_ssl/my_crypt.cc 2021-05-19 18:52:49.167464162 +0200
+++ mariadb-10.5.9/mysys_ssl/my_crypt.cc 2021-05-21 22:34:44.132913630 +0200
@@ -38,22 +38,14 @@
class MyCTX
{
public:
- char ctx_buf[EVP_CIPHER_CTX_SIZE + CTX_ALIGN];
- EVP_CIPHER_CTX* ctx;
+ EVP_CIPHER_CTX* ctx= NULL;
MyCTX()
{
-#if CTX_ALIGN > 0
- uintptr_t p= ((uintptr_t)ctx_buf + (CTX_ALIGN - 1)) & ~(CTX_ALIGN - 1);
- ctx = reinterpret_cast<EVP_CIPHER_CTX*>(p);
-#else
- ctx = (EVP_CIPHER_CTX*)ctx_buf;
-#endif
-
- EVP_CIPHER_CTX_init(ctx);
+ ctx = EVP_CIPHER_CTX_new();
}
virtual ~MyCTX()
{
- EVP_CIPHER_CTX_reset(ctx);
+ EVP_CIPHER_CTX_free(ctx);
ERR_remove_state(0);
}
diff -rup mariadb-10.5.9-orig/mysys_ssl/my_md5.cc mariadb-10.5.9/mysys_ssl/my_md5.cc
--- mariadb-10.5.9-orig/mysys_ssl/my_md5.cc 2021-05-19 18:52:49.167464162 +0200
+++ mariadb-10.5.9/mysys_ssl/my_md5.cc 2021-05-24 15:25:11.365769072 +0200
@@ -52,12 +52,13 @@ static void md5_result(EVP_MD_CTX *conte
static void md5_init(EVP_MD_CTX *context)
{
- EVP_MD_CTX_init(context);
+ const EVP_MD *md;
#ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW
/* Ok to ignore FIPS: MD5 is not used for crypto here */
EVP_MD_CTX_set_flags(context, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
#endif
- EVP_DigestInit_ex(context, EVP_md5(), NULL);
+ md = EVP_get_digestbyname("MD5");
+ EVP_DigestInit_ex(context, md, NULL);
}
static void md5_input(EVP_MD_CTX *context, const uchar *buf, unsigned len)
@@ -68,7 +69,6 @@ static void md5_input(EVP_MD_CTX *contex
static void md5_result(EVP_MD_CTX *context, uchar digest[MD5_HASH_SIZE])
{
EVP_DigestFinal_ex(context, digest, NULL);
- EVP_MD_CTX_reset(context);
}
#endif /* HAVE_WOLFSSL */
@@ -84,11 +84,13 @@ static void md5_result(EVP_MD_CTX *conte
*/
void my_md5(uchar *digest, const char *buf, size_t len)
{
- char ctx_buf[EVP_MD_CTX_SIZE];
- EVP_MD_CTX * const ctx= (EVP_MD_CTX*)ctx_buf;
+ EVP_MD_CTX * const ctx= EVP_MD_CTX_new();
+
md5_init(ctx);
md5_input(ctx, (const uchar *)buf, (uint) len);
md5_result(ctx, digest);
+
+ EVP_MD_CTX_free(ctx);
}
@@ -108,8 +110,7 @@ void my_md5_multi(uchar *digest, ...)
{
va_list args;
const uchar *str;
- char ctx_buf[EVP_MD_CTX_SIZE];
- EVP_MD_CTX * const ctx= (EVP_MD_CTX*)ctx_buf;
+ EVP_MD_CTX * const ctx= EVP_MD_CTX_new();
va_start(args, digest);
md5_init(ctx);
@@ -118,6 +119,7 @@ void my_md5_multi(uchar *digest, ...)
md5_result(ctx, digest);
va_end(args);
+ EVP_MD_CTX_free(ctx);
}
size_t my_md5_context_size()
Only in mariadb-10.5.9-orig/mysys_ssl: my_md5.cc.patchmd5
diff -rup mariadb-10.5.9-orig/mysys_ssl/my_sha.ic mariadb-10.5.9/mysys_ssl/my_sha.ic
--- mariadb-10.5.9-orig/mysys_ssl/my_sha.ic 2021-05-19 18:52:49.167464162 +0200
+++ mariadb-10.5.9/mysys_ssl/my_sha.ic 2021-05-21 22:34:44.132913630 +0200
@@ -146,11 +146,11 @@ static void sha_result(CONTEXT *context,
*/
void my_sha(uchar *digest, const char *buf, size_t len)
{
- CONTEXT context;
+ CONTEXT *context= (CONTEXT *)alloca(sizeof(CONTEXT));
- sha_init_fast(&context);
- sha_input(&context, (const uchar *)buf, (unsigned int)len);
- sha_result(&context, digest);
+ sha_init_fast(context);
+ sha_input(context, (const uchar *)buf, (unsigned int)len);
+ sha_result(context, digest);
}
@@ -171,14 +171,14 @@ void my_sha_multi(uchar *digest, ...)
va_list args;
va_start(args, digest);
- CONTEXT context;
+ CONTEXT *context= (CONTEXT *)alloca(sizeof(CONTEXT));
const uchar *str;
- sha_init_fast(&context);
+ sha_init_fast(context);
for (str= va_arg(args, const uchar*); str; str= va_arg(args, const uchar*))
- sha_input(&context, str, (uint) va_arg(args, size_t));
+ sha_input(context, str, (uint) va_arg(args, size_t));
- sha_result(&context, digest);
+ sha_result(context, digest);
va_end(args);
}