diff options
| author | Vladislav Vaintroub <wlad@mariadb.com> | 2020-05-05 18:10:53 +0200 |
|---|---|---|
| committer | Sergei Golubchik <serg@mariadb.org> | 2020-05-08 11:51:03 +0200 |
| commit | 403dc759d0bc5d045da06fb326cdf59b23084953 (patch) | |
| tree | 159f9cada54d23a231c81f98fad2f8ef5a912d6e | |
| parent | 8d85715d507de8937a181e999501e205ff3dca34 (diff) | |
| download | mariadb-git-403dc759d0bc5d045da06fb326cdf59b23084953.tar.gz | |
Update WolfSSL
Fix WolfSSL build:
- Do not build with TLSv1.0,it stopped working,at least with SChannel client
- Disable a test that depends on TLSv1.0
- define FP_MAX_BITS always, to fix 32bit builds.
- Increase MAX_AES_CTX_SIZE, to fix build on Linux
| -rw-r--r-- | extra/wolfssl/user_settings.h.in | 8 | ||||
| m--------- | extra/wolfssl/wolfssl | 0 | ||||
| -rw-r--r-- | include/mysql/service_my_crypt.h | 2 | ||||
| -rw-r--r-- | include/ssl_compat.h | 2 | ||||
| -rw-r--r-- | mysql-test/suite.pm | 3 |
5 files changed, 11 insertions, 4 deletions
diff --git a/extra/wolfssl/user_settings.h.in b/extra/wolfssl/user_settings.h.in index 65be4542b08..de9d9b5a8d9 100644 --- a/extra/wolfssl/user_settings.h.in +++ b/extra/wolfssl/user_settings.h.in @@ -20,14 +20,18 @@ #define WOLFSSL_AES_COUNTER #define NO_WOLFSSL_STUB #define OPENSSL_ALL -#define WOLFSSL_ALLOW_TLSV10 +#define NO_OLD_TIMEVAL_NAME +/* + FP_MAX_BITS is set high solely to satisfy ssl_8k_key.test + WolfSSL will use more stack space with it, with fastmath +*/ +#define FP_MAX_BITS 16384 #cmakedefine WOLFSSL_AESNI #cmakedefine USE_FAST_MATH #cmakedefine TFM_TIMING_RESISTANT #cmakedefine HAVE_INTEL_RDSEED #cmakedefine USE_INTEL_SPEEDUP -#cmakedefine FP_MAX_BITS @FP_MAX_BITS@ #cmakedefine USE_FAST_MATH #cmakedefine WOLFSSL_X86_64_BUILD diff --git a/extra/wolfssl/wolfssl b/extra/wolfssl/wolfssl -Subproject 3f13b49fa318fbd3216d7da36d942e7c276d341 +Subproject e116c89a58af750421d82ece13f80516d2bde02 diff --git a/include/mysql/service_my_crypt.h b/include/mysql/service_my_crypt.h index 039125066ca..930d12a7dd1 100644 --- a/include/mysql/service_my_crypt.h +++ b/include/mysql/service_my_crypt.h @@ -45,7 +45,7 @@ extern "C" { /* The max key length of all supported algorithms */ #define MY_AES_MAX_KEY_LENGTH 32 -#define MY_AES_CTX_SIZE 600 +#define MY_AES_CTX_SIZE 640 enum my_aes_mode { MY_AES_ECB, MY_AES_CBC diff --git a/include/ssl_compat.h b/include/ssl_compat.h index cff5f7ef3de..8cc0e6a9a2b 100644 --- a/include/ssl_compat.h +++ b/include/ssl_compat.h @@ -81,8 +81,8 @@ #ifndef HAVE_WOLFSSL #define EVP_MD_CTX_reset(X) EVP_MD_CTX_cleanup(X) -#endif #define EVP_CIPHER_CTX_reset(X) EVP_CIPHER_CTX_cleanup(X) +#endif #define X509_get0_notBefore(X) X509_get_notBefore(X) #define X509_get0_notAfter(X) X509_get_notAfter(X) #endif diff --git a/mysql-test/suite.pm b/mysql-test/suite.pm index cb30a3186e5..4cf55e3eac8 100644 --- a/mysql-test/suite.pm +++ b/mysql-test/suite.pm @@ -74,6 +74,9 @@ sub skip_combinations { $skip{'main/ssl_verify_ip.test'} = 'x509v3 support required' unless $openssl_ver ge "1.0.2"; + $skip{'main/tls_version1.test'} = 'No TLSv1.0 support' + if $ssl_lib =~ /WolfSSL/; + %skip; } |