Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Brian Evans <grknight@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: dev-db/mysql-connector-c/files/, dev-db/mysql-connector-c/
Date: Wed, 02 May 2018 14:34:56
Message-Id: 1525271668.5d874ef4f478adbf245793017b1e6fc02f1e40a8.grknight@gentoo
1 commit: 5d874ef4f478adbf245793017b1e6fc02f1e40a8
2 Author: Brian Evans <grknight <AT> gentoo <DOT> org>
3 AuthorDate: Wed May 2 14:34:28 2018 +0000
4 Commit: Brian Evans <grknight <AT> gentoo <DOT> org>
5 CommitDate: Wed May 2 14:34:28 2018 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5d874ef4
7
8 dev-db/mysql-connector-c: Add openssl-1.1 compatibility patch
9
10 Closes: https://bugs.gentoo.org/606600
11 Package-Manager: Portage-2.3.31, Repoman-2.3.9
12
13 .../files/6.1.11-openssl-1.1.patch | 287 +++++++++++++++++++++
14 .../mysql-connector-c-6.1.11-r1.ebuild | 3 +-
15 2 files changed, 289 insertions(+), 1 deletion(-)
16
17 diff --git a/dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch b/dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch
18 new file mode 100644
19 index 00000000000..cbca14de60b
20 --- /dev/null
21 +++ b/dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch
22 @@ -0,0 +1,287 @@
23 +From 7961393dd45e4ad1cdc7544b4bba2e98a5d2760c Mon Sep 17 00:00:00 2001
24 +From: eroen <eroen@×××××××××××.eu>
25 +Date: Fri, 20 Jan 2017 14:43:53 +0100
26 +Subject: [PATCH] Don't use deprecated API with openssl 1.1
27 +
28 +If openssl 1.1.0 is built with `--api=1.1 disable-deprecated`, using
29 +deprecated APIs causes build errors.
30 +
31 +X-Gentoo-Bug: 606600
32 +X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=606600
33 +---
34 + mysys_ssl/my_aes_openssl.cc | 54 ++++++++++++++++++++++++++++++++-------------
35 + sql-common/client.c | 16 ++++++++++++--
36 + vio/viossl.c | 8 +++++++
37 + vio/viosslfactories.c | 23 +++++++++++++++++++
38 + 4 files changed, 84 insertions(+), 17 deletions(-)
39 +
40 +diff --git a/mysys_ssl/my_aes_openssl.cc b/mysys_ssl/my_aes_openssl.cc
41 +index 261ba8a..59a95e3 100644
42 +--- a/mysys_ssl/my_aes_openssl.cc
43 ++++ b/mysys_ssl/my_aes_openssl.cc
44 +@@ -22,6 +22,12 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
45 + #include <openssl/evp.h>
46 + #include <openssl/err.h>
47 + #include <openssl/bio.h>
48 ++#include <openssl/opensslv.h>
49 ++
50 ++#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
51 ++#undef OPENSSL_VERSION_NUMBER
52 ++#define OPENSSL_VERSION_NUMBER 0x1000107fL
53 ++#endif
54 +
55 + /*
56 + xplugin needs BIO_new_bio_pair, but the server does not.
57 +@@ -122,7 +128,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 source_length,
58 + enum my_aes_opmode mode, const unsigned char *iv,
59 + bool padding)
60 + {
61 +- EVP_CIPHER_CTX ctx;
62 ++ EVP_CIPHER_CTX *ctx;
63 + const EVP_CIPHER *cipher= aes_evp_type(mode);
64 + int u_len, f_len;
65 + /* The real key to be used for encryption */
66 +@@ -132,23 +138,31 @@ int my_aes_encrypt(const unsigned char *source, uint32 source_length,
67 + if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
68 + return MY_AES_BAD_DATA;
69 +
70 +- if (!EVP_EncryptInit(&ctx, cipher, rkey, iv))
71 ++ if (!EVP_EncryptInit(ctx, cipher, rkey, iv))
72 + goto aes_error; /* Error */
73 +- if (!EVP_CIPHER_CTX_set_padding(&ctx, padding))
74 ++ if (!EVP_CIPHER_CTX_set_padding(ctx, padding))
75 + goto aes_error; /* Error */
76 +- if (!EVP_EncryptUpdate(&ctx, dest, &u_len, source, source_length))
77 ++ if (!EVP_EncryptUpdate(ctx, dest, &u_len, source, source_length))
78 + goto aes_error; /* Error */
79 +
80 +- if (!EVP_EncryptFinal(&ctx, dest + u_len, &f_len))
81 ++ if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len))
82 + goto aes_error; /* Error */
83 +
84 +- EVP_CIPHER_CTX_cleanup(&ctx);
85 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L
86 ++ EVP_CIPHER_CTX_cleanup(ctx);
87 ++#else
88 ++ EVP_CIPHER_CTX_free(ctx);
89 ++#endif
90 + return u_len + f_len;
91 +
92 + aes_error:
93 + /* need to explicitly clean up the error if we want to ignore it */
94 + ERR_clear_error();
95 +- EVP_CIPHER_CTX_cleanup(&ctx);
96 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L
97 ++ EVP_CIPHER_CTX_cleanup(ctx);
98 ++#else
99 ++ EVP_CIPHER_CTX_free(ctx);
100 ++#endif
101 + return MY_AES_BAD_DATA;
102 + }
103 +
104 +@@ -159,7 +173,7 @@ int my_aes_decrypt(const unsigned char *source, uint32 source_length,
105 + bool padding)
106 + {
107 +
108 +- EVP_CIPHER_CTX ctx;
109 ++ EVP_CIPHER_CTX *ctx;
110 + const EVP_CIPHER *cipher= aes_evp_type(mode);
111 + int u_len, f_len;
112 +
113 +@@ -170,24 +184,34 @@ int my_aes_decrypt(const unsigned char *source, uint32 source_length,
114 + if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
115 + return MY_AES_BAD_DATA;
116 +
117 +- EVP_CIPHER_CTX_init(&ctx);
118 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L
119 ++ EVP_CIPHER_CTX_init(ctx);
120 ++#endif
121 +
122 +- if (!EVP_DecryptInit(&ctx, aes_evp_type(mode), rkey, iv))
123 ++ if (!EVP_DecryptInit(ctx, aes_evp_type(mode), rkey, iv))
124 + goto aes_error; /* Error */
125 +- if (!EVP_CIPHER_CTX_set_padding(&ctx, padding))
126 ++ if (!EVP_CIPHER_CTX_set_padding(ctx, padding))
127 + goto aes_error; /* Error */
128 +- if (!EVP_DecryptUpdate(&ctx, dest, &u_len, source, source_length))
129 ++ if (!EVP_DecryptUpdate(ctx, dest, &u_len, source, source_length))
130 + goto aes_error; /* Error */
131 +- if (!EVP_DecryptFinal_ex(&ctx, dest + u_len, &f_len))
132 ++ if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len))
133 + goto aes_error; /* Error */
134 +
135 +- EVP_CIPHER_CTX_cleanup(&ctx);
136 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L
137 ++ EVP_CIPHER_CTX_cleanup(ctx);
138 ++#else
139 ++ EVP_CIPHER_CTX_free(ctx);
140 ++#endif
141 + return u_len + f_len;
142 +
143 + aes_error:
144 + /* need to explicitly clean up the error if we want to ignore it */
145 + ERR_clear_error();
146 +- EVP_CIPHER_CTX_cleanup(&ctx);
147 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L
148 ++ EVP_CIPHER_CTX_cleanup(ctx);
149 ++#else
150 ++ EVP_CIPHER_CTX_free(ctx);
151 ++#endif
152 + return MY_AES_BAD_DATA;
153 + }
154 +
155 +diff --git a/sql-common/client.c b/sql-common/client.c
156 +index 9e88e9f..fe7daf7 100644
157 +--- a/sql-common/client.c
158 ++++ b/sql-common/client.c
159 +@@ -86,6 +86,14 @@ my_bool net_flush(NET *net);
160 + # include <sys/un.h>
161 + #endif
162 +
163 ++#ifdef HAVE_OPENSSL
164 ++#include <openssl/opensslv.h>
165 ++#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
166 ++#undef OPENSSL_VERSION_NUMBER
167 ++#define OPENSSL_VERSION_NUMBER 0x1000107fL
168 ++#endif
169 ++#endif
170 ++
171 + #ifndef _WIN32
172 + #include <errno.h>
173 + #define SOCKET_ERROR -1
174 +@@ -2685,7 +2693,7 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c
175 + {
176 + SSL *ssl;
177 + X509 *server_cert= NULL;
178 +- char *cn= NULL;
179 ++ const char *cn= NULL;
180 + int cn_loc= -1;
181 + ASN1_STRING *cn_asn1= NULL;
182 + X509_NAME_ENTRY *cn_entry= NULL;
183 +@@ -2757,7 +2765,11 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c
184 + goto error;
185 + }
186 +
187 +- cn= (char *) ASN1_STRING_data(cn_asn1);
188 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L
189 ++ cn= (const char *) ASN1_STRING_data(cn_asn1);
190 ++#else
191 ++ cn= (const char *) ASN1_STRING_get0_data(cn_asn1);
192 ++#endif
193 +
194 + // There should not be any NULL embedded in the CN
195 + if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn))
196 +diff --git a/vio/viossl.c b/vio/viossl.c
197 +index 5622cb7..94b0f09 100644
198 +--- a/vio/viossl.c
199 ++++ b/vio/viossl.c
200 +@@ -24,6 +24,12 @@
201 +
202 + #ifdef HAVE_OPENSSL
203 +
204 ++#include <openssl/opensslv.h>
205 ++#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
206 ++#undef OPENSSL_VERSION_NUMBER
207 ++#define OPENSSL_VERSION_NUMBER 0x1000107fL
208 ++#endif
209 ++
210 + #ifndef DBUG_OFF
211 +
212 + static void
213 +@@ -310,8 +316,10 @@ void vio_ssl_delete(Vio *vio)
214 + }
215 +
216 + #ifndef HAVE_YASSL
217 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L
218 + ERR_remove_thread_state(0);
219 + #endif
220 ++#endif
221 +
222 + vio_delete(vio);
223 + }
224 +diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
225 +index da5449a..87b30c3 100644
226 +--- a/vio/viosslfactories.c
227 ++++ b/vio/viosslfactories.c
228 +@@ -16,6 +16,14 @@
229 + #include "vio_priv.h"
230 +
231 + #ifdef HAVE_OPENSSL
232 ++#include <openssl/bn.h>
233 ++#include <openssl/dh.h>
234 ++#include <openssl/opensslv.h>
235 ++
236 ++#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
237 ++#undef OPENSSL_VERSION_NUMBER
238 ++#define OPENSSL_VERSION_NUMBER 0x1000107fL
239 ++#endif
240 +
241 + #define TLS_VERSION_OPTION_SIZE 256
242 + #define SSL_CIPHER_LIST_SIZE 4096
243 +@@ -121,10 +129,18 @@ static DH *get_dh2048(void)
244 + DH *dh;
245 + if ((dh=DH_new()))
246 + {
247 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L
248 + dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
249 + dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
250 + if (! dh->p || ! dh->g)
251 + {
252 ++#else
253 ++ if (! DH_set0_pqg(dh,
254 ++ BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL),
255 ++ BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL),
256 ++ NULL))
257 ++ {
258 ++#endif
259 + DH_free(dh);
260 + dh=0;
261 + }
262 +@@ -247,6 +263,8 @@ typedef struct CRYPTO_dynlock_value
263 + } openssl_lock_t;
264 +
265 +
266 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L
267 ++
268 + /* Array of locks used by openssl internally for thread synchronization.
269 + The number of locks is equal to CRYPTO_num_locks.
270 + */
271 +@@ -389,9 +407,11 @@ static void deinit_lock_callback_functions()
272 + {
273 + set_lock_callback_functions(FALSE);
274 + }
275 ++#endif
276 +
277 + void vio_ssl_end()
278 + {
279 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L
280 + int i= 0;
281 +
282 + if (ssl_initialized) {
283 +@@ -409,6 +429,7 @@ void vio_ssl_end()
284 +
285 + ssl_initialized= FALSE;
286 + }
287 ++#endif
288 + }
289 +
290 + #endif //OpenSSL specific
291 +@@ -419,6 +440,7 @@ void ssl_start()
292 + {
293 + ssl_initialized= TRUE;
294 +
295 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L
296 + SSL_library_init();
297 + OpenSSL_add_all_algorithms();
298 + SSL_load_error_strings();
299 +@@ -427,6 +449,7 @@ void ssl_start()
300 + init_ssl_locks();
301 + init_lock_callback_functions();
302 + #endif
303 ++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
304 + }
305 + }
306 +
307 +--
308 +2.11.0
309 +
310
311 diff --git a/dev-db/mysql-connector-c/mysql-connector-c-6.1.11-r1.ebuild b/dev-db/mysql-connector-c/mysql-connector-c-6.1.11-r1.ebuild
312 index 0895cd112ad..c865a0fc652 100644
313 --- a/dev-db/mysql-connector-c/mysql-connector-c-6.1.11-r1.ebuild
314 +++ b/dev-db/mysql-connector-c/mysql-connector-c-6.1.11-r1.ebuild
315 @@ -45,6 +45,7 @@ DOCS=( README )
316 PATCHES=(
317 "${FILESDIR}/mysql_com.patch"
318 "${FILESDIR}/20028_all_mysql-5.6-gcc7.patch"
319 + "${FILESDIR}/6.1.11-openssl-1.1.patch"
320 )
321
322 src_prepare() {
323 @@ -57,7 +58,7 @@ src_prepare() {
324 }
325
326 multilib_src_configure() {
327 - mycmakeargs+=(
328 + local mycmakeargs=(
329 -DINSTALL_LAYOUT=RPM
330 -DINSTALL_LIBDIR=$(get_libdir)
331 -DWITH_DEFAULT_COMPILER_OPTIONS=OFF
Report Message
Find on MARC Find on Google Groups