diff options
| author | Sergei Golubchik <serg@mariadb.org> | 2017-05-03 21:22:59 +0200 |
|---|---|---|
| committer | Sergei Golubchik <serg@mariadb.org> | 2017-05-09 18:53:10 +0200 |
| commit | ccca4f43c92916c347210a7f9a8126f2aa3f6c31 (patch) | |
| tree | 28d08c49ae7f27c861cb6f8b8cf770ef0b32ae9c /mysys_ssl/yassl.cc | |
| parent | f8866f8f665ac26beb31842fef48ecee5feb346e (diff) | |
| download | mariadb-git-ccca4f43c92916c347210a7f9a8126f2aa3f6c31.tar.gz | |
MDEV-10332 support for OpenSSL 1.1 and LibreSSL
post-review fixes:
* move all ssl implementation related ifdefs/defines to one file
(ssl_compat.h)
* work around OpenSSL-1.1 desire to malloc every EVP context by
run-time checking that context allocated on the stack is big enough
(openssl.c)
* use newer version of the AWS SDK for OpenSSL 1.1
* use get_dh2048() function as generated by openssl 1.1
(viosslfactories.c)
Diffstat (limited to 'mysys_ssl/yassl.cc')
| -rw-r--r-- | mysys_ssl/yassl.cc | 19 |
1 files changed, 0 insertions, 19 deletions
diff --git a/mysys_ssl/yassl.cc b/mysys_ssl/yassl.cc index 86acd315861..23376c82b4f 100644 --- a/mysys_ssl/yassl.cc +++ b/mysys_ssl/yassl.cc @@ -24,7 +24,6 @@ #include <openssl/ssl.h> #include "aes.hpp" -#include <my_sys.h> using yaSSL::yaERR_remove_state; @@ -45,7 +44,6 @@ typedef struct int buf_len; int final_used; uchar tao_buf[sizeof(TaoCrypt::AES)]; // TaoCrypt::AES object - uchar oiv[TaoCrypt::AES::BLOCK_SIZE]; // original IV uchar buf[TaoCrypt::AES::BLOCK_SIZE]; // last partial input block uchar final[TaoCrypt::AES::BLOCK_SIZE]; // last decrypted (output) block } EVP_CIPHER_CTX; @@ -76,26 +74,12 @@ static void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) ctx->final_used= ctx->buf_len= ctx->flags= 0; } -static EVP_CIPHER_CTX *EVP_CIPHER_CTX_new() -{ - EVP_CIPHER_CTX *ctx= (EVP_CIPHER_CTX *)my_malloc(sizeof(EVP_CIPHER_CTX), MYF(0)); - if (ctx) - EVP_CIPHER_CTX_init(ctx); - return ctx; -} - static int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *ctx) { TAO(ctx)->~AES(); return 1; } -static void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) -{ - EVP_CIPHER_CTX_cleanup(ctx); - my_free(ctx); -} - static int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) { if (pad) @@ -112,10 +96,7 @@ static int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, : TaoCrypt::DECRYPTION, cipher->mode); TAO(ctx)->SetKey(key, cipher->key_len); if (iv) - { TAO(ctx)->SetIV(iv); - memcpy(ctx->oiv, iv, TaoCrypt::AES::BLOCK_SIZE); - } ctx->encrypt= enc; ctx->key_len= cipher->key_len; ctx->flags|= cipher->mode == TaoCrypt::CBC ? EVP_CIPH_CBC_MODE : EVP_CIPH_ECB_MODE; |