Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Thomas Deutschmann <whissi@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/mysql-extras:master commit in: /
Date: Sat, 17 Aug 2019 00:24:32
Message-Id: 1566001130.90814b24c49ca1d46a500200b33b6243835047ab.whissi@gentoo
1 commit: 90814b24c49ca1d46a500200b33b6243835047ab
2 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3 AuthorDate: Sat Aug 17 00:18:50 2019 +0000
4 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5 CommitDate: Sat Aug 17 00:18:50 2019 +0000
6 URL: https://gitweb.gentoo.org/proj/mysql-extras.git/commit/?id=90814b24
7
8 Add initial Percona-Server v8.0 patch set
9
10 Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
11
12 ...na-server-8.0.16-without-clientlibs-tools.patch | 197 ++++++++++++++
13 ...ercona-server-8.0.16-fix-libressl-support.patch | 297 +++++++++++++++++++++
14 2 files changed, 494 insertions(+)
15
16 diff --git a/20018_all_percona-server-8.0.16-without-clientlibs-tools.patch b/20018_all_percona-server-8.0.16-without-clientlibs-tools.patch
17 new file mode 100644
18 index 0000000..dd06976
19 --- /dev/null
20 +++ b/20018_all_percona-server-8.0.16-without-clientlibs-tools.patch
21 @@ -0,0 +1,197 @@
22 +From b38aad3589e5d7138d366bbde6336421f11829e9 Mon Sep 17 00:00:00 2001
23 +From: root <root@××××××××××.box>
24 +Date: Sat, 17 Aug 2019 00:08:53 +0200
25 +Subject: [PATCH 4/5] 20018_all_percona-server-8.0.18-without-clientlibs-tools
26 +
27 +---
28 + CMakeLists.txt | 13 +++++++++----
29 + libmysql/CMakeLists.txt | 23 +++++++++++++++++------
30 + scripts/CMakeLists.txt | 11 ++++++++---
31 + support-files/CMakeLists.txt | 4 +++-
32 + utilities/CMakeLists.txt | 15 ++++++++++++---
33 + 5 files changed, 49 insertions(+), 17 deletions(-)
34 +
35 +diff --git a/CMakeLists.txt b/CMakeLists.txt
36 +index 586797bf..eac43129 100644
37 +--- a/CMakeLists.txt
38 ++++ b/CMakeLists.txt
39 +@@ -1047,8 +1047,6 @@ ENDIF()
40 + MYSQL_CHECK_SSL()
41 + MYSQL_CHECK_SSL_DLLS()
42 +
43 +-# Add system/bundled editline.
44 +-MYSQL_CHECK_EDITLINE()
45 + # Add libevent
46 + IF(NOT WITHOUT_SERVER)
47 + MYSQL_CHECK_LIBEVENT()
48 +@@ -1140,7 +1138,9 @@ IF(WITH_UNIT_TESTS)
49 + ENABLE_TESTING()
50 + ENDIF()
51 +
52 +-ADD_SUBDIRECTORY(include)
53 ++IF(NOT WITHOUT_CLIENTLIBS)
54 ++ ADD_SUBDIRECTORY(include)
55 ++ENDIF(NOT WITHOUT_CLIENTLIBS)
56 + ADD_SUBDIRECTORY(dbug)
57 + ADD_SUBDIRECTORY(strings)
58 + ADD_SUBDIRECTORY(vio)
59 +@@ -1173,7 +1173,6 @@ IF(WITH_UNIT_TESTS)
60 + ADD_SUBDIRECTORY(unittest/mytap/t)
61 + ENDIF()
62 +
63 +-ADD_SUBDIRECTORY(client)
64 + ADD_SUBDIRECTORY(utilities)
65 + ADD_SUBDIRECTORY(share)
66 + ADD_SUBDIRECTORY(libservices)
67 +@@ -1192,6 +1191,12 @@ ENDIF()
68 + ADD_SUBDIRECTORY(scripts)
69 + ADD_SUBDIRECTORY(support-files)
70 +
71 ++IF(NOT WITHOUT_TOOLS)
72 ++ # Add system/bundled editline
73 ++ MYSQL_CHECK_EDITLINE()
74 ++ ADD_SUBDIRECTORY(client)
75 ++ENDIF(NOT WITHOUT_TOOLS)
76 ++
77 + IF(NOT WITHOUT_SERVER)
78 + ADD_SUBDIRECTORY(mysql-test)
79 + ADD_SUBDIRECTORY(mysql-test/lib/My/SafeProcess)
80 +diff --git a/libmysql/CMakeLists.txt b/libmysql/CMakeLists.txt
81 +index 3258ad9b..ca05da85 100644
82 +--- a/libmysql/CMakeLists.txt
83 ++++ b/libmysql/CMakeLists.txt
84 +@@ -240,12 +240,17 @@ IF(WIN32)
85 + LIST(APPEND LIBS_TO_MERGE auth_win_client)
86 + ENDIF()
87 +
88 +-# LDAP authentication SASL client plugin
89 +-MESSAGE(STATUS "Creating LDAP authentication SASL client library.")
90 +-ADD_SUBDIRECTORY(authentication_ldap)
91 +-
92 +-# Merge several convenience libraries into one big perconaserverclient
93 +-MERGE_CONVENIENCE_LIBRARIES(perconaserverclient ${LIBS_TO_MERGE} COMPONENT Development)
94 ++IF(WITHOUT_CLIENTLIBS)
95 ++ # Merge several convenience libraries into one big perconaserverclient
96 ++ MERGE_CONVENIENCE_LIBRARIES(perconaserverclient ${LIBS_TO_MERGE} COMPONENT Development SKIP_INSTALL)
97 ++ELSE(WITHOUT_CLIENTLIBS)
98 ++ # LDAP authentication SASL client plugin
99 ++ MESSAGE(STATUS "Creating LDAP authentication SASL client library.")
100 ++ ADD_SUBDIRECTORY(authentication_ldap)
101 ++
102 ++ # Merge several convenience libraries into one big perconaserverclient
103 ++ MERGE_CONVENIENCE_LIBRARIES(perconaserverclient ${LIBS_TO_MERGE} COMPONENT Development)
104 ++ENDIF(WITHOUT_CLIENTLIBS)
105 + TARGET_LINK_LIBRARIES(perconaserverclient PRIVATE ${LIBS_TO_LINK})
106 +
107 + # Visual Studio users need debug static library for debug projects
108 +@@ -284,9 +289,15 @@ ENDIF()
109 + IF(NOT DISABLE_SHARED)
110 + # Merge several convenience libraries into one big perconaserverclient
111 + # and link them together into shared library.
112 ++IF(WITHOUT_CLIENTLIBS)
113 ++ MERGE_LIBRARIES_SHARED(libmysql ${LIBS_TO_MERGE}
114 ++ EXPORTS ${CLIENT_API_FUNCTIONS} ${CLIENT_API_FUNCTIONS_UNDOCUMENTED}
115 ++ COMPONENT SharedLibraries SKIP_INSTALL)
116 ++ELSE(WITHOUT_CLIENTLIBS)
117 + MERGE_LIBRARIES_SHARED(libmysql ${LIBS_TO_MERGE}
118 + EXPORTS ${CLIENT_API_FUNCTIONS} ${CLIENT_API_FUNCTIONS_UNDOCUMENTED}
119 + COMPONENT SharedLibraries)
120 ++ENDIF(WITHOUT_CLIENTLIBS)
121 + TARGET_LINK_LIBRARIES(libmysql PRIVATE ${LIBS_TO_LINK})
122 +
123 + IF(WIN32)
124 +diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt
125 +index 22683309..541eeefc 100644
126 +--- a/scripts/CMakeLists.txt
127 ++++ b/scripts/CMakeLists.txt
128 +@@ -470,14 +470,12 @@ ELSE()
129 +
130 + IF(WITH_SYSTEMD)
131 + SET(BIN_SCRIPTS
132 +- mysql_config
133 + mysqldumpslow
134 + ps_mysqld_helper
135 + ps-admin
136 + )
137 + ELSE()
138 + SET(BIN_SCRIPTS
139 +- mysql_config
140 + mysqldumpslow
141 + mysqld_multi
142 + mysqld_safe
143 +@@ -486,6 +484,13 @@ ELSE()
144 + )
145 + ENDIF()
146 +
147 ++ IF(NOT WITHOUT_CLIENTLIBS)
148 ++ SET(BIN_SCRIPTS
149 ++ ${BIN_SCRIPTS}
150 ++ mysql_config
151 ++ )
152 ++ ENDIF(NOT WITHOUT_CLIENTLIBS)
153 ++
154 + SET(PKGCONFIG_FILE ${LIBMYSQL_OS_OUTPUT_NAME}.pc)
155 + STRING(REGEX REPLACE "/mysql$" "" PKGCONFIG_DIR "${INSTALL_LIBDIR}")
156 + SET(PKGCONFIG_DIR "${PKGCONFIG_DIR}/pkgconfig")
157 +@@ -500,7 +505,7 @@ ELSE()
158 + ${CMAKE_CURRENT_BINARY_DIR}/${PKGCONFIG_FILE}
159 + ESCAPE_QUOTES @ONLY)
160 +
161 +- IF(INSTALL_PKGCONFIGDIR)
162 ++ IF(INSTALL_PKGCONFIGDIR AND NOT WITHOUT_CLIENTLIBS)
163 + MESSAGE(STATUS "INSTALL ${PKGCONFIG_FILE} ${INSTALL_PKGCONFIGDIR}")
164 + INSTALL(FILES
165 + ${CMAKE_CURRENT_BINARY_DIR}/${PKGCONFIG_FILE}
166 +diff --git a/support-files/CMakeLists.txt b/support-files/CMakeLists.txt
167 +index a5a31590..3b155127 100644
168 +--- a/support-files/CMakeLists.txt
169 ++++ b/support-files/CMakeLists.txt
170 +@@ -64,7 +64,9 @@ IF(UNIX)
171 + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
172 + ENDFOREACH()
173 +
174 +- INSTALL(FILES mysql.m4 DESTINATION ${INSTALL_SHAREDIR}/aclocal COMPONENT Development)
175 ++ IF(NOT WITHOUT_CLIENTLIBS)
176 ++ INSTALL(FILES mysql.m4 DESTINATION ${INSTALL_SHAREDIR}/aclocal COMPONENT Development)
177 ++ ENDIF(NOT WITHOUT_CLIENTLIBS)
178 +
179 + SET(bindir ${prefix}/${INSTALL_BINDIR})
180 + SET(sbindir ${prefix}/${INSTALL_SBINDIR})
181 +diff --git a/utilities/CMakeLists.txt b/utilities/CMakeLists.txt
182 +index 9ffb59e6..d7263a75 100644
183 +--- a/utilities/CMakeLists.txt
184 ++++ b/utilities/CMakeLists.txt
185 +@@ -90,10 +90,15 @@ IF(APPLE AND HAVE_CRYPTO_DYLIB AND HAVE_OPENSSL_DYLIB)
186 + ADD_DEPENDENCIES(comp_err copy_openssl_dlls)
187 + ENDIF()
188 +
189 +-MYSQL_ADD_EXECUTABLE(my_print_defaults my_print_defaults.cc)
190 ++IF(NOT WITHOUT_CLIENTLIBS)
191 ++ MYSQL_ADD_EXECUTABLE(my_print_defaults my_print_defaults.cc)
192 ++ MYSQL_ADD_EXECUTABLE(perror perror.cc)
193 ++ELSE(NOT WITHOUT_CLIENTLIBS)
194 ++ MYSQL_ADD_EXECUTABLE(my_print_defaults my_print_defaults.cc SKIP_INSTALL)
195 ++ MYSQL_ADD_EXECUTABLE(perror perror.cc SKIP_INSTALL)
196 ++ENDIF(NOT WITHOUT_CLIENTLIBS)
197 + TARGET_LINK_LIBRARIES(my_print_defaults mysys mysys_ssl)
198 +
199 +-MYSQL_ADD_EXECUTABLE(perror perror.cc)
200 + ADD_DEPENDENCIES(perror GenError)
201 + TARGET_LINK_LIBRARIES(perror mysys mysys_ssl)
202 +
203 +@@ -103,7 +108,11 @@ IF (BUILD_BUNDLED_LZ4)
204 + ENDIF()
205 +
206 + IF (BUILD_BUNDLED_ZLIB OR NOT OPENSSL_EXECUTABLE_HAS_ZLIB)
207 +- MYSQL_ADD_EXECUTABLE(zlib_decompress zlib_decompress.cc)
208 ++ IF(NOT WITHOUT_CLIENTLIBS)
209 ++ MYSQL_ADD_EXECUTABLE(zlib_decompress zlib_decompress.cc)
210 ++ ELSE(NOT WITHOUT_CLIENTLIBS)
211 ++ MYSQL_ADD_EXECUTABLE(zlib_decompress zlib_decompress.cc SKIP_INSTALL)
212 ++ ENDIF(NOT WITHOUT_CLIENTLIBS)
213 + TARGET_LINK_LIBRARIES(zlib_decompress ${ZLIB_LIBRARY} mysys)
214 + ENDIF()
215 +
216 +--
217 +2.22.1
218 +
219
220 diff --git a/20018_percona-server-8.0.16-fix-libressl-support.patch b/20018_percona-server-8.0.16-fix-libressl-support.patch
221 new file mode 100644
222 index 0000000..5e7b24e
223 --- /dev/null
224 +++ b/20018_percona-server-8.0.16-fix-libressl-support.patch
225 @@ -0,0 +1,297 @@
226 +From da955a3a74c57688d33d845d5cb12cccf8004ff2 Mon Sep 17 00:00:00 2001
227 +From: root <root@××××××××××.box>
228 +Date: Sat, 17 Aug 2019 00:15:49 +0200
229 +Subject: [PATCH 5/5] percona-server-8.0.16-fix-libressl-support
230 +
231 +---
232 + cmake/ssl.cmake | 6 ++++--
233 + extra/libevent/openssl-compat.h | 5 ++++-
234 + mysys_ssl/my_md5.cc | 2 +-
235 + .../src/bindings/xcom/xcom/xcom_ssl_transport.c | 4 ++--
236 + plugin/x/client/xconnection_impl.cc | 4 ++--
237 + router/src/http/src/tls_client_context.cc | 2 +-
238 + router/src/http/src/tls_context.cc | 6 +++++-
239 + router/src/http/src/tls_server_context.cc | 3 ++-
240 + sql-common/client.cc | 3 ++-
241 + sql/mysqld.cc | 4 ++--
242 + sql/sys_vars.cc | 8 ++++----
243 + vio/viossl.cc | 4 ++--
244 + vio/viosslfactories.cc | 2 +-
245 + 13 files changed, 32 insertions(+), 21 deletions(-)
246 +
247 +diff --git a/cmake/ssl.cmake b/cmake/ssl.cmake
248 +index e93a12e0..06cd36ec 100644
249 +--- a/cmake/ssl.cmake
250 ++++ b/cmake/ssl.cmake
251 +@@ -313,12 +313,14 @@ MACRO (MYSQL_CHECK_SSL)
252 + OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
253 + )
254 + ENDIF()
255 +- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
256 ++ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
257 ++ IF(HAVE_TLS1_3_VERSION)
258 + ADD_DEFINITIONS(-DHAVE_TLSv13)
259 + ENDIF()
260 + IF(OPENSSL_INCLUDE_DIR AND
261 + OPENSSL_LIBRARY AND
262 +- CRYPTO_LIBRARY
263 ++ CRYPTO_LIBRARY AND
264 ++ OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1"
265 + )
266 + SET(OPENSSL_FOUND TRUE)
267 + FIND_PROGRAM(OPENSSL_EXECUTABLE openssl
268 +diff --git a/extra/libevent/openssl-compat.h b/extra/libevent/openssl-compat.h
269 +index 69afc716..deb21d6a 100644
270 +--- a/extra/libevent/openssl-compat.h
271 ++++ b/extra/libevent/openssl-compat.h
272 +@@ -24,7 +24,6 @@ static inline BIO_METHOD *BIO_meth_new(int type, const char *name)
273 + #define BIO_set_init(b, val) (b)->init = (val)
274 + #define BIO_set_data(b, val) (b)->ptr = (val)
275 + #define BIO_set_shutdown(b, val) (b)->shutdown = (val)
276 +-#define BIO_get_init(b) (b)->init
277 + #define BIO_get_data(b) (b)->ptr
278 + #define BIO_get_shutdown(b) (b)->shutdown
279 +
280 +@@ -32,4 +31,8 @@ static inline BIO_METHOD *BIO_meth_new(int type, const char *name)
281 +
282 + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
283 +
284 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
285 ++#define BIO_get_init(b) (b)->init
286 ++#endif
287 ++
288 + #endif /* OPENSSL_COMPAT_H */
289 +diff --git a/mysys_ssl/my_md5.cc b/mysys_ssl/my_md5.cc
290 +index 095fcb4e..0bdc885a 100644
291 +--- a/mysys_ssl/my_md5.cc
292 ++++ b/mysys_ssl/my_md5.cc
293 +@@ -56,7 +56,7 @@ static void my_md5_hash(unsigned char *digest, unsigned const char *buf,
294 + int compute_md5_hash(char *digest, const char *buf, int len) {
295 + int retval = 0;
296 + int fips_mode = 0;
297 +-#if !defined(HAVE_WOLFSSL)
298 ++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
299 + fips_mode = FIPS_mode();
300 + #endif /* HAVE_WOLFSSL */
301 + /* If fips mode is ON/STRICT restricted method calls will result into abort,
302 +diff --git a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
303 +index 67c151b2..6a18a717 100644
304 +--- a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
305 ++++ b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
306 +@@ -297,7 +297,7 @@ error:
307 + return 1;
308 + }
309 +
310 +-#ifndef HAVE_WOLFSSL
311 ++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
312 + #define OPENSSL_ERROR_LENGTH 512
313 + static int configure_ssl_fips_mode(const uint fips_mode) {
314 + int rc = -1;
315 +@@ -521,7 +521,7 @@ int xcom_init_ssl(const char *server_key_file, const char *server_cert_file,
316 + int verify_server = SSL_VERIFY_NONE;
317 + int verify_client = SSL_VERIFY_NONE;
318 +
319 +-#ifndef HAVE_WOLFSSL
320 ++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
321 + if (configure_ssl_fips_mode(ssl_fips_mode) != 1) {
322 + G_ERROR("Error setting the ssl fips mode");
323 + goto error;
324 +diff --git a/plugin/x/client/xconnection_impl.cc b/plugin/x/client/xconnection_impl.cc
325 +index cab1836c..4ba28d8f 100644
326 +--- a/plugin/x/client/xconnection_impl.cc
327 ++++ b/plugin/x/client/xconnection_impl.cc
328 +@@ -489,7 +489,7 @@ XError Connection_impl::get_ssl_error(const int error_id) {
329 + return XError(CR_SSL_CONNECTION_ERROR, buffer);
330 + }
331 +
332 +-#ifndef HAVE_WOLFSSL
333 ++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
334 + /**
335 + Set fips mode in openssl library,
336 + When we set fips mode ON/STRICT, it will perform following operations:
337 +@@ -539,7 +539,7 @@ XError Connection_impl::activate_tls() {
338 + if (!m_context->m_ssl_config.is_configured())
339 + return XError{CR_SSL_CONNECTION_ERROR, ER_TEXT_TLS_NOT_CONFIGURATED};
340 +
341 +-#ifndef HAVE_WOLFSSL
342 ++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
343 + char err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
344 + if (set_fips_mode((int)m_context->m_ssl_config.m_ssl_fips_mode, err_string) !=
345 + 1) {
346 +diff --git a/router/src/http/src/tls_client_context.cc b/router/src/http/src/tls_client_context.cc
347 +index f9dff94d..ae7413b4 100644
348 +--- a/router/src/http/src/tls_client_context.cc
349 ++++ b/router/src/http/src/tls_client_context.cc
350 +@@ -54,7 +54,7 @@ void TlsClientContext::verify(TlsVerify verify) {
351 +
352 + void TlsClientContext::cipher_suites(const std::string &ciphers) {
353 + // TLSv1.3 ciphers are controlled via SSL_CTX_set_ciphersuites()
354 +-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 1)
355 ++#ifdef TLS1_3_VERSION
356 + if (1 != SSL_CTX_set_ciphersuites(ssl_ctx_.get(), ciphers.c_str())) {
357 + throw TlsError("set-cipher-suites");
358 + }
359 +diff --git a/router/src/http/src/tls_context.cc b/router/src/http/src/tls_context.cc
360 +index bae36860..2cdc3127 100644
361 +--- a/router/src/http/src/tls_context.cc
362 ++++ b/router/src/http/src/tls_context.cc
363 +@@ -92,7 +92,7 @@ static constexpr int o11x_version(TlsVersion version) {
364 + return TLS1_1_VERSION;
365 + case TlsVersion::TLS_1_2:
366 + return TLS1_2_VERSION;
367 +-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 1)
368 ++#ifdef TLS1_3_VERSION
369 + case TlsVersion::TLS_1_3:
370 + return TLS1_3_VERSION;
371 + #endif
372 +@@ -122,9 +122,11 @@ void TlsContext::version_range(TlsVersion min_version, TlsVersion max_version) {
373 + default:
374 + // unknown, leave all disabled
375 + // fallthrough
376 ++#ifdef TLS1_3_VERSION
377 + case TlsVersion::TLS_1_3:
378 + opts |= SSL_OP_NO_TLSv1_2;
379 + // fallthrough
380 ++#endif
381 + case TlsVersion::TLS_1_2:
382 + opts |= SSL_OP_NO_TLSv1_1;
383 + // fallthrough
384 +@@ -171,8 +173,10 @@ TlsVersion TlsContext::min_version() const {
385 + return TlsVersion::TLS_1_1;
386 + case TLS1_2_VERSION:
387 + return TlsVersion::TLS_1_2;
388 ++#ifdef TLS1_3_VERSION
389 + case TLS1_3_VERSION:
390 + return TlsVersion::TLS_1_3;
391 ++#endif
392 + case 0:
393 + return TlsVersion::AUTO;
394 + default:
395 +diff --git a/router/src/http/src/tls_server_context.cc b/router/src/http/src/tls_server_context.cc
396 +index 4f3fa39c..ecc97559 100644
397 +--- a/router/src/http/src/tls_server_context.cc
398 ++++ b/router/src/http/src/tls_server_context.cc
399 +@@ -162,7 +162,8 @@ void TlsServerContext::init_tmp_dh(const std::string &dh_params) {
400 + }
401 +
402 + } else {
403 +-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0)
404 ++#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0) && \
405 ++ !defined(LIBRESSL_VERSION_NUMBER)
406 + dh2048.reset(DH_get_2048_256());
407 + #else
408 + /*
409 +diff --git a/sql-common/client.cc b/sql-common/client.cc
410 +index b6a253cc..2375bd19 100644
411 +--- a/sql-common/client.cc
412 ++++ b/sql-common/client.cc
413 +@@ -7681,7 +7681,8 @@ int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option,
414 + #endif
415 + break;
416 + case MYSQL_OPT_SSL_FIPS_MODE: {
417 +-#if defined(HAVE_OPENSSL) && !defined(HAVE_WOLFSSL)
418 ++#if defined(HAVE_OPENSSL) && \
419 ++ !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
420 + char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
421 + ENSURE_EXTENSIONS_PRESENT(&mysql->options);
422 + mysql->options.extension->ssl_fips_mode = *(uint *)arg;
423 +diff --git a/sql/mysqld.cc b/sql/mysqld.cc
424 +index 22364edc..7b066343 100644
425 +--- a/sql/mysqld.cc
426 ++++ b/sql/mysqld.cc
427 +@@ -4881,7 +4881,7 @@ static int init_thread_environment() {
428 +
429 + static PSI_memory_key key_memory_openssl = PSI_NOT_INSTRUMENTED;
430 +
431 +-#if OPENSSL_VERSION_NUMBER < 0x10100000L
432 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
433 + #define FILE_LINE_ARGS
434 + #else
435 + #define FILE_LINE_ARGS , const char *, int
436 +@@ -4917,7 +4917,7 @@ static void init_ssl() {
437 + }
438 +
439 + static int init_ssl_communication() {
440 +-#ifndef HAVE_WOLFSSL
441 ++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
442 + char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
443 + int ret_fips_mode = set_fips_mode(opt_ssl_fips_mode, ssl_err_string);
444 + if (ret_fips_mode != 1) {
445 +diff --git a/sql/sys_vars.cc b/sql/sys_vars.cc
446 +index 5d7f3555..334684d2 100644
447 +--- a/sql/sys_vars.cc
448 ++++ b/sql/sys_vars.cc
449 +@@ -4405,7 +4405,7 @@ static Sys_var_ulong Sys_max_execution_time(
450 + HINT_UPDATEABLE SESSION_VAR(max_execution_time), CMD_LINE(REQUIRED_ARG),
451 + VALID_RANGE(0, ULONG_MAX), DEFAULT(0), BLOCK_SIZE(1));
452 +
453 +-#ifndef HAVE_WOLFSSL
454 ++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
455 + static bool update_fips_mode(sys_var *, THD *, enum_var_type) {
456 + char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
457 + if (set_fips_mode(opt_ssl_fips_mode, ssl_err_string) != 1) {
458 +@@ -4418,7 +4418,7 @@ static bool update_fips_mode(sys_var *, THD *, enum_var_type) {
459 + }
460 + #endif
461 +
462 +-#ifdef HAVE_WOLFSSL
463 ++#if defined(HAVE_WOLFSSL) || defined(LIBRESSL_VERSION_NUMBER)
464 + static const char *ssl_fips_mode_names[] = {"OFF", 0};
465 + #else
466 + static const char *ssl_fips_mode_names[] = {"OFF", "ON", "STRICT", 0};
467 +@@ -4426,7 +4426,7 @@ static const char *ssl_fips_mode_names[] = {"OFF", "ON", "STRICT", 0};
468 + static Sys_var_enum Sys_ssl_fips_mode(
469 + "ssl_fips_mode",
470 + "SSL FIPS mode (applies only for OpenSSL); "
471 +-#ifndef HAVE_WOLFSSL
472 ++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
473 + "permitted values are: OFF, ON, STRICT",
474 + #else
475 + "permitted values are: OFF",
476 +@@ -4434,7 +4434,7 @@ static Sys_var_enum Sys_ssl_fips_mode(
477 + GLOBAL_VAR(opt_ssl_fips_mode), CMD_LINE(REQUIRED_ARG, OPT_SSL_FIPS_MODE),
478 + ssl_fips_mode_names, DEFAULT(0), NO_MUTEX_GUARD, NOT_IN_BINLOG,
479 + ON_CHECK(NULL),
480 +-#ifndef HAVE_WOLFSSL
481 ++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
482 + ON_UPDATE(update_fips_mode),
483 + #else
484 + ON_UPDATE(NULL),
485 +diff --git a/vio/viossl.cc b/vio/viossl.cc
486 +index d69119b3..5fb7c883 100644
487 +--- a/vio/viossl.cc
488 ++++ b/vio/viossl.cc
489 +@@ -507,7 +507,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
490 + #if !defined(HAVE_WOLFSSL) && !defined(DBUG_OFF)
491 + {
492 + STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
493 +- ssl_comp_methods = SSL_COMP_get_compression_methods();
494 ++ ssl_comp_methods = (STACK_OF(SSL_COMP) *)SSL_COMP_get_compression_methods();
495 + n = sk_SSL_COMP_num(ssl_comp_methods);
496 + DBUG_PRINT("info", ("Available compression methods:\n"));
497 + if (n == 0)
498 +@@ -515,7 +515,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
499 + else
500 + for (j = 0; j < n; j++) {
501 + SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
502 +-#if OPENSSL_VERSION_NUMBER < 0x10100000L
503 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
504 + DBUG_PRINT("info", (" %d: %s\n", c->id, c->name));
505 + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
506 + DBUG_PRINT("info",
507 +diff --git a/vio/viosslfactories.cc b/vio/viosslfactories.cc
508 +index ea79ad1b..8ed961d1 100644
509 +--- a/vio/viosslfactories.cc
510 ++++ b/vio/viosslfactories.cc
511 +@@ -429,7 +429,7 @@ void ssl_start() {
512 + }
513 + }
514 +
515 +-#ifndef HAVE_WOLFSSL
516 ++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
517 + /**
518 + Set fips mode in openssl library,
519 + When we set fips mode ON/STRICT, it will perform following operations:
520 +--
521 +2.22.1
522 +
Report Message
Find on MARC Find on Google Groups