From e7ad7f050e2d0887f2587e5801356ac411a67ed3 Mon Sep 17 00:00:00 2001 From: V S Murthy Sidagam Date: Mon, 20 Apr 2015 16:46:36 +0530 Subject: Bug #16861371 SSL_OP_NO_COMPRESSION NOT DEFINED Description: Can't build mysql-5.5 latest source with openssl 0.9.8e. Analysis: Older OpenSSL versions(prior to openssl 1.0) doesn't have 'SSL_OP_NO_COMPRESSION' defined. Hence the build is failing with SSL_OP_NO_COMPRESSION undeclared. Fix: Added a conditonal compilation for 'SSL_OP_NO_COMPRESSION'. i.e if 'SSL_OP_NO_COMPRESSION' is defined then have the SSL_set_options call for OpenSSL 1.0 versions. Have sk_SSL_COMP_zero() call for OpenSSL 0.9.8 version --- vio/viossl.c | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) (limited to 'vio') diff --git a/vio/viossl.c b/vio/viossl.c index a7370d3cc58..5960ab9ad4c 100644 --- a/vio/viossl.c +++ b/vio/viossl.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -171,8 +171,27 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout, SSL_clear(ssl); SSL_SESSION_set_timeout(SSL_get_session(ssl), timeout); SSL_set_fd(ssl, vio->sd); -#ifndef HAVE_YASSL - SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); +#if !defined(HAVE_YASSL) && defined(SSL_OP_NO_COMPRESSION) + SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); /* OpenSSL >= 1.0 only */ +#elif OPENSSL_VERSION_NUMBER >= 0x00908000L /* workaround for OpenSSL 0.9.8 */ + sk_SSL_COMP_zero(SSL_COMP_get_compression_methods()); +#endif + +#if !defined(HAVE_YASSL) && !defined(DBUG_OFF) + { + STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; + ssl_comp_methods = SSL_COMP_get_compression_methods(); + DBUG_PRINT("info", ("Available compression methods:\n")); + int j, n = sk_SSL_COMP_num(ssl_comp_methods); + if (n == 0) + fprintf(stderr, " NONE\n"); + else + for (j = 0; j < n; j++) + { + SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); + DBUG_PRINT("info", (" %d: %s\n", c->id, c->name)); + } + } #endif if ((r= connect_accept_func(ssl)) < 1) -- cgit v1.2.1