Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 7 Nov 2022 08:00:14 GMT
From:      Felix Palmen <zirias@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: 5bdf39df0e56 - main - databases/mysql57-server: Fix build w/ libressl3.5
Message-ID:  <202211070800.2A780EIV002655@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch main has been updated by zirias:

URL: https://cgit.FreeBSD.org/ports/commit/?id=5bdf39df0e56f804860af475db15291b04bb25d9

commit 5bdf39df0e56f804860af475db15291b04bb25d9
Author:     Felix Palmen <zirias@FreeBSD.org>
AuthorDate: 2022-10-18 10:54:28 +0000
Commit:     Felix Palmen <zirias@FreeBSD.org>
CommitDate: 2022-11-07 07:56:58 +0000

    databases/mysql57-server: Fix build w/ libressl3.5
    
    Approved by:            joneum (maintainer), tcberner (mentor)
    Differential Revision:  https://reviews.freebsd.org/D37056
---
 .../files/patch-mysys__ssl_my__kdf.cc              | 20 +++++++
 .../files/patch-mysys__ssl_my__kdf.h               | 11 ++++
 .../files/patch-vio_viosslfactories.c              | 62 ----------------------
 3 files changed, 31 insertions(+), 62 deletions(-)

diff --git a/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.cc b/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.cc
new file mode 100644
index 000000000000..1c8527d5c9cc
--- /dev/null
+++ b/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.cc
@@ -0,0 +1,20 @@
+--- mysys_ssl/my_kdf.cc.orig	2022-11-04 07:47:44 UTC
++++ mysys_ssl/my_kdf.cc
+@@ -59,7 +59,7 @@ int create_kdf_key(const unsigned char *key, const uns
+   Key_derivation_function *kdf_function = NULL;
+ 
+   if (kdf_name == "hkdf") {
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+     kdf_function = new Key_hkdf_function(kdf_options);
+ #else
+     return 1;
+@@ -87,7 +87,7 @@ Key_derivation_function::Key_derivation_function() {
+   options_valid_ = false;
+ }
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ Key_hkdf_function::Key_hkdf_function(vector<string> *kdf_options) {
+   kdf_options_ = kdf_options;
+ }
diff --git a/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.h b/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.h
new file mode 100644
index 000000000000..deb0d98baa4c
--- /dev/null
+++ b/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.h
@@ -0,0 +1,11 @@
+--- mysys_ssl/my_kdf.h.orig	2022-11-04 07:47:17 UTC
++++ mysys_ssl/my_kdf.h
+@@ -61,7 +61,7 @@ class Key_derivation_function {
+   bool options_valid_;
+ };
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 
+ /** Class to implement KDF method hkdf. */
+ class Key_hkdf_function : public Key_derivation_function {
diff --git a/databases/mysql57-server/files/patch-vio_viosslfactories.c b/databases/mysql57-server/files/patch-vio_viosslfactories.c
deleted file mode 100644
index 00c32ea9dca3..000000000000
--- a/databases/mysql57-server/files/patch-vio_viosslfactories.c
+++ /dev/null
@@ -1,62 +0,0 @@
---- vio/viosslfactories.c
-+++ vio/viosslfactories.c
-@@ -123,21 +123,19 @@ static DH *get_dh2048(void)
-   DH *dh;
-   if ((dh=DH_new()))
-   {
--    BIGNUM *p= BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
--    BIGNUM *g= BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
--    if (!p || !g
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
--        || !DH_set0_pqg(dh, p, NULL, g)
--#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
--    ) {
--      /* DH_free() will free 'p' and 'g' at once. */
-+    BIGNUM *p = BN_bin2bn(dh2048_p,sizeof(dh2048_p), NULL);
-+    BIGNUM *g = BN_bin2bn(dh2048_g,sizeof(dh2048_g), NULL);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-+    dh->p=p;
-+    dh->g=g;
-+    if (! dh->p || ! dh->g)
-+#else
-+    if (!DH_set0_pqg(dh, p, NULL, g))
-+#endif
-+    {
-       DH_free(dh);
--      return NULL;
-+      dh = NULL;
-     }
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
--    dh->p= p;
--    dh->g= g;
--#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
-   }
-   return(dh);
- }
-@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
-   struct st_VioSSLFd *ssl_fd;
-   /* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */
-   long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3
--#ifdef HAVE_TLSv13
-+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
-                         | SSL_OP_NO_TLSv1_3
- #endif /* HAVE_TLSv13 */
-                         ;
-@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
-                     SSL_OP_NO_TLSv1 |
-                     SSL_OP_NO_TLSv1_1
-                     | SSL_OP_NO_TLSv1_2
--#ifdef HAVE_TLSv13
-+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
-                     | SSL_OP_NO_TLSv1_3
- #endif /* HAVE_TLSv13 */
-                     | SSL_OP_NO_TICKET
-@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
- 
-   SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
- 
--#ifdef HAVE_TLSv13
-+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
-   /*
-     MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
-   */



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202211070800.2A780EIV002655>