rpms / mariadb

Clone
Source Code
GIT

Files

10.3 10.4 10.5 10.6 10.7 10.8 10.9 columnstore_2 el5 el6 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 main private-10.1-COPR private-10.1.10-master private-10.2-COPR private-10.3-COPR private-f26-modules-mariadb-notests private-ljavorsk-10.3 private-openssl11 private-scl-master rawhide
  1.   f25
  2.   0004-cleanup-check_openssl_compatibility.patch
Blob Blame History Raw 
From f04148786b2fcb769d938a21ee0c17321f16e28c Mon Sep 17 00:00:00 2001
From: Sergei Golubchik <serg@mariadb.org>
Date: Fri, 23 Jun 2017 16:19:40 +0200
Subject: [PATCH 4/5] cleanup: check_openssl_compatibility()

CRYPTO_set_mem_functions() works only until the first allocation is done:
* remove the second CRYPTO_set_mem_functions() call
* check whether the first CRYPTO_set_mem_functions() call worked
* stricter memory checks (==1, not >1, etc)
* as coc_malloc cannot be removed, make the counter a bit cheaper
* only do the check for OpenSSL 1.1 (because of OpenSSL 1.0 bug)
---
 mysys_ssl/openssl.c | 44 ++++++++++++++++++++++----------------------
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/mysys_ssl/openssl.c b/mysys_ssl/openssl.c
index 2587c5ece1d..31d29fb06d9 100644
--- a/mysys_ssl/openssl.c
+++ b/mysys_ssl/openssl.c
@@ -17,8 +17,14 @@
 #include <my_global.h>
 #include <ssl_compat.h>
 
-#ifdef HAVE_YASSL
+/*
+  The check is only done for OpenSSL 1.1.x.
+  It could run for OpenSSL 1.0.x but it doesn't make much sense
+  and it hits this bug:
+  https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1594748
+*/
 
+#ifndef HAVE_OPENSSL11
 int check_openssl_compatibility()
 {
   return 0;
@@ -26,23 +32,15 @@ int check_openssl_compatibility()
 #else
 #include <openssl/evp.h>
 
-#ifdef HAVE_OPENSSL11
-typedef void *(*CRYPTO_malloc_t)(size_t, const char *, int);
-#endif
-
-#ifdef HAVE_OPENSSL10
-typedef void *(*CRYPTO_malloc_t)(size_t);
-#define CRYPTO_malloc   malloc
-#define CRYPTO_realloc  realloc
-#define CRYPTO_free     free
-#endif
-
-static uint allocated_size, allocated_count;
+static uint testing, alloc_size, alloc_count;
 
-static void *coc_malloc(size_t size)
+static void *coc_malloc(size_t size, const char *, int)
 {
-  allocated_size+= size;
-  allocated_count++;
+  if (unlikely(testing))
+  {
+    alloc_size+= size;
+    alloc_count++;
+  }
   return malloc(size);
 }
 
@@ -51,21 +49,23 @@ int check_openssl_compatibility()
   EVP_CIPHER_CTX *evp_ctx;
   EVP_MD_CTX     *md5_ctx;
 
-  CRYPTO_set_mem_functions((CRYPTO_malloc_t)coc_malloc, CRYPTO_realloc, CRYPTO_free);
+  if (!CRYPTO_set_mem_functions(coc_malloc, CRYPTO_realloc, CRYPTO_free))
+    return 1;
 
-  allocated_size= allocated_count= 0;
+  testing= 1;
+  alloc_size= alloc_count= 0;
   evp_ctx= EVP_CIPHER_CTX_new();
   EVP_CIPHER_CTX_free(evp_ctx);
-  if (allocated_count > 1 || allocated_size > EVP_CIPHER_CTX_SIZE)
+  if (alloc_count != 1 || !alloc_size || alloc_size > EVP_CIPHER_CTX_SIZE)
     return 1;
 
-  allocated_size= allocated_count= 0;
+  alloc_size= alloc_count= 0;
   md5_ctx= EVP_MD_CTX_create();
   EVP_MD_CTX_destroy(md5_ctx);
-  if (allocated_count > 1 || allocated_size > EVP_MD_CTX_SIZE)
+  if (alloc_count != 1 || !alloc_size || alloc_size > EVP_MD_CTX_SIZE)
     return 1;
 
-  CRYPTO_set_mem_functions(CRYPTO_malloc, CRYPTO_realloc, CRYPTO_free);
+  testing= 0;
   return 0;
 }
 #endif
-- 
2.13.3
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.