diff options
| author | Vladislav Vaintroub <wlad@mariadb.com> | 2019-02-13 09:08:06 +0100 |
|---|---|---|
| committer | Vladislav Vaintroub <wlad@mariadb.com> | 2019-05-22 13:48:25 +0200 |
| commit | 5e4b657dd44dce601c91bc77a41f6e382bc32000 (patch) | |
| tree | e0c7442136ceb243768ed108db56051fd37a5762 /include/ssl_compat.h | |
| parent | 31fe70290c54c44231aed881f5138924f32e47c5 (diff) | |
| download | mariadb-git-5e4b657dd44dce601c91bc77a41f6e382bc32000.tar.gz | |
MDEV-18531 : Use WolfSSL instead of YaSSL as "bundled" SSL/encryption library
- Add new submodule for WolfSSL
- Build and use wolfssl and wolfcrypt instead of yassl/taocrypt
- Use HAVE_WOLFSSL instead of HAVE_YASSL
- Increase MY_AES_CTX_SIZE, to avoid compile time asserts in my_crypt.cc
(sizeof(EVP_CIPHER_CTX) is larger on WolfSSL)
Diffstat (limited to 'include/ssl_compat.h')
| -rw-r--r-- | include/ssl_compat.h | 30 |
1 files changed, 19 insertions, 11 deletions
diff --git a/include/ssl_compat.h b/include/ssl_compat.h index c94b9671d5f..9b63c24399a 100644 --- a/include/ssl_compat.h +++ b/include/ssl_compat.h @@ -17,11 +17,7 @@ #include <openssl/opensslv.h> /* OpenSSL version specific definitions */ -#if !defined(HAVE_YASSL) && defined(OPENSSL_VERSION_NUMBER) - -#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) -#define HAVE_X509_check_host 1 -#endif +#if defined(OPENSSL_VERSION_NUMBER) #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) #define HAVE_OPENSSL11 1 @@ -49,27 +45,39 @@ #else #define HAVE_OPENSSL10 1 +#ifdef HAVE_WOLFSSL +#define SSL_LIBRARY "WolfSSL " WOLFSSL_VERSION +#else #define SSL_LIBRARY SSLeay_version(SSLEAY_VERSION) +#endif -#ifdef HAVE_ERR_remove_thread_state +#ifdef HAVE_WOLFSSL +#undef ERR_remove_state +#define ERR_remove_state(x) do {} while(0) +#elif defined (HAVE_ERR_remove_thread_state) #define ERR_remove_state(X) ERR_remove_thread_state(NULL) #endif /* HAVE_ERR_remove_thread_state */ #endif /* HAVE_OPENSSL11 */ +#endif -#elif defined(HAVE_YASSL) -#define SSL_LIBRARY "YaSSL " YASSL_VERSION -#define BN_free(X) do { } while(0) -#endif /* !defined(HAVE_YASSL) */ +#ifdef HAVE_WOLFSSL +#define EVP_MD_CTX_SIZE sizeof(wc_Md5) +#endif #ifndef HAVE_OPENSSL11 +#ifndef ASN1_STRING_get0_data #define ASN1_STRING_get0_data(X) ASN1_STRING_data(X) +#endif +#ifndef EVP_MD_CTX_SIZE +#define EVP_MD_CTX_SIZE sizeof(EVP_MD_CTX) +#endif + #define OPENSSL_init_ssl(X,Y) SSL_library_init() #define DH_set0_pqg(D,P,Q,G) ((D)->p= (P), (D)->g= (G)) #define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf) #define EVP_CIPHER_CTX_encrypting(ctx) ((ctx)->encrypt) #define EVP_CIPHER_CTX_SIZE sizeof(EVP_CIPHER_CTX) -#define EVP_MD_CTX_SIZE sizeof(EVP_MD_CTX) #define EVP_MD_CTX_reset(X) EVP_MD_CTX_cleanup(X) #define EVP_CIPHER_CTX_reset(X) EVP_CIPHER_CTX_cleanup(X) |