diff --git a/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.h b/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.h new file mode 100644 --- /dev/null +++ b/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.h @@ -0,0 +1,11 @@ +--- mysys_ssl/my_kdf.h.orig 2022-11-04 07:47:17 UTC ++++ mysys_ssl/my_kdf.h +@@ -61,7 +61,7 @@ class Key_derivation_function { + bool options_valid_; + }; + +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + + /** Class to implement KDF method hkdf. */ + class Key_hkdf_function : public Key_derivation_function { diff --git a/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.cc b/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.cc new file mode 100644 --- /dev/null +++ b/databases/mysql57-server/files/patch-mysys__ssl_my__kdf.cc @@ -0,0 +1,20 @@ +--- mysys_ssl/my_kdf.cc.orig 2022-11-04 07:47:44 UTC ++++ mysys_ssl/my_kdf.cc +@@ -59,7 +59,7 @@ int create_kdf_key(const unsigned char *key, const uns + Key_derivation_function *kdf_function = NULL; + + if (kdf_name == "hkdf") { +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + kdf_function = new Key_hkdf_function(kdf_options); + #else + return 1; +@@ -87,7 +87,7 @@ Key_derivation_function::Key_derivation_function() { + options_valid_ = false; + } + +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + Key_hkdf_function::Key_hkdf_function(vector *kdf_options) { + kdf_options_ = kdf_options; + } diff --git a/databases/mysql57-server/files/patch-vio_viosslfactories.c b/databases/mysql57-server/files/patch-vio_viosslfactories.c deleted file mode 100644 --- a/databases/mysql57-server/files/patch-vio_viosslfactories.c +++ /dev/null @@ -1,62 +0,0 @@ ---- vio/viosslfactories.c -+++ vio/viosslfactories.c -@@ -123,21 +123,19 @@ static DH *get_dh2048(void) - DH *dh; - if ((dh=DH_new())) - { -- BIGNUM *p= BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL); -- BIGNUM *g= BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL); -- if (!p || !g --#if OPENSSL_VERSION_NUMBER >= 0x10100000L -- || !DH_set0_pqg(dh, p, NULL, g) --#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ -- ) { -- /* DH_free() will free 'p' and 'g' at once. */ -+ BIGNUM *p = BN_bin2bn(dh2048_p,sizeof(dh2048_p), NULL); -+ BIGNUM *g = BN_bin2bn(dh2048_g,sizeof(dh2048_g), NULL); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) -+ dh->p=p; -+ dh->g=g; -+ if (! dh->p || ! dh->g) -+#else -+ if (!DH_set0_pqg(dh, p, NULL, g)) -+#endif -+ { - DH_free(dh); -- return NULL; -+ dh = NULL; - } --#if OPENSSL_VERSION_NUMBER < 0x10100000L -- dh->p= p; -- dh->g= g; --#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ - } - return(dh); - } -@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi - struct st_VioSSLFd *ssl_fd; - /* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */ - long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 --#ifdef HAVE_TLSv13 -+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) - | SSL_OP_NO_TLSv1_3 - #endif /* HAVE_TLSv13 */ - ; -@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi - SSL_OP_NO_TLSv1 | - SSL_OP_NO_TLSv1_1 - | SSL_OP_NO_TLSv1_2 --#ifdef HAVE_TLSv13 -+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) - | SSL_OP_NO_TLSv1_3 - #endif /* HAVE_TLSv13 */ - | SSL_OP_NO_TICKET -@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi - - SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options); - --#ifdef HAVE_TLSv13 -+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) - /* - MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites. - */