Commit e03f4785 authored by unknown's avatar unknown

Bug#19575 MySQL-shared-5.0.21-0.glibc23 causes segfault in SSL_library_init

 - Include prefix files that renames all public functions in yaSSLs
   OpenSSL API to ya<function_name>. They will otherwise conflict
   with OpenSSL functions if loaded by an application that uses OpenSSL
   as well as libmysqlclient with yaSSL support.


client/Makefile.am:
  Remove $yassl_includes
  ...and one "suspicious line"
config/ac-macros/yassl.m4:
  Remove yassl_includes as they are the same as "normal" include
extra/yassl/include/openssl/crypto.h:
  Add include file "prefix_crypto.h" to rename SSL_* functions to yaSSL_*
extra/yassl/include/openssl/ssl.h:
  Add include file "prefix_crypto.h" to rename SSL_* functions to yaSSL_*
libmysql/Makefile.am:
  Remove yassl_includes
libmysql_r/Makefile.am:
  Remove yassl_includes
libmysqld/Makefile.am:
  Remove yassl_includes
  And one suspicious line
libmysqld/examples/Makefile.am:
  Remove yassl_includes
server-tools/instance-manager/Makefile.am:
  Remove yassl_includes
sql/Makefile.am:
  Remove yassl_includes
tools/Makefile.am:
  Add link with yaSSL libs
vio/Makefile.am:
  Remove yassl_includes
extra/yassl/include/openssl/generate_prefix_files.pl:
  Add utility script to parse the header files to generate the prefix_* files that renames yaSSL SSL_* functions
extra/yassl/include/openssl/prefix_crypto.h:
  Add prefix file for crypto.h
extra/yassl/include/openssl/prefix_ssl.h:
  Add prefix file for ssl.h
parent f04b9f24
......@@ -25,7 +25,7 @@ endif
INCLUDES = -I$(top_builddir)/include \
-I$(top_srcdir)/include \
-I$(top_srcdir)/regex \
$(openssl_includes) $(yassl_includes)
$(openssl_includes)
LIBS = @CLIENT_LIBS@
LDADD= @CLIENT_EXTRA_LDFLAGS@ \
$(top_builddir)/libmysql/libmysqlclient.la
......@@ -69,7 +69,7 @@ link_sources:
done; \
rm -f $(srcdir)/my_user.c; \
@LN_CP_F@ $(top_srcdir)/sql-common/my_user.c my_user.c;
# Don't update the files from bitkeeper
%::SCCS/s.%
......@@ -19,7 +19,6 @@ AC_DEFUN([MYSQL_CHECK_YASSL], [
AC_MSG_RESULT([using bundled yaSSL])
yassl_dir="extra/yassl"
yassl_libs="-L\$(top_srcdir)/extra/yassl/src -lyassl -L\$(top_srcdir)/extra/yassl/taocrypt/src -ltaocrypt"
yassl_includes="-I\$(top_srcdir)/extra/yassl/include"
AC_DEFINE([HAVE_OPENSSL], [1], [Defined by configure. Using yaSSL for OpenSSL emulation.])
AC_DEFINE([HAVE_YASSL], [1], [Defined by configure. Using yaSSL for OpenSSL emulation.])
# System specific checks
......@@ -40,7 +39,6 @@ AC_DEFUN([MYSQL_CHECK_YASSL], [
AC_MSG_RESULT(no)
fi
AC_SUBST(yassl_libs)
AC_SUBST(yassl_includes)
AC_SUBST(yassl_dir)
AM_CONDITIONAL([HAVE_YASSL], [ test "$with_yassl" = "yes" ])
])
......@@ -3,6 +3,8 @@
#ifndef ysSSL_crypto_h__
#define yaSSL_crypto_h__
#include "prefix_crypto.h"
const char* SSLeay_version(int type);
#define SSLEAY_VERSION 0x0900L
......
#!/usr/bin/perl
#
# This script generates defines for all functions
# in yassl/include/openssl/ so they are renamed to
# ya<old_function_name>. Hopefully that is unique enough.
#
# The script is to be run manually when we import
# a new version of yaSSL
#
# Find all functions in "input" and add macros
# to prefix/rename them into "output
sub generate_prefix($$)
{
my $input= shift;
my $output= shift;
open(IN, $input)
or die("Can't open input file $input: $!");
open(OUT, ">", $output)
or mtr_error("Can't open output file $output: $!");
while (<IN>)
{
chomp;
if ( /typedef/ )
{
next;
}
if ( /^\s*[a-zA-Z0-9*_ ]+\s+([_a-zA-Z0-9]+)\s*\(/ )
{
print OUT "#define $1 ya$1\n";
}
}
close OUT;
close IN;
}
generate_prefix("ssl.h", "prefix_ssl.h");
generate_prefix("crypto.h", "prefix_crypto.h");
#define SSLeay_version yaSSLeay_version
#define Copyright yaCopyright
#define yaSSL_CleanUp yayaSSL_CleanUp
#define DH_new yaDH_new
#define DH_free yaDH_free
#define RSA_free yaRSA_free
#define RSA_generate_key yaRSA_generate_key
#define X509_free yaX509_free
#define X509_STORE_CTX_get_current_cert yaX509_STORE_CTX_get_current_cert
#define X509_STORE_CTX_get_error yaX509_STORE_CTX_get_error
#define X509_STORE_CTX_get_error_depth yaX509_STORE_CTX_get_error_depth
#define X509_NAME_oneline yaX509_NAME_oneline
#define X509_get_issuer_name yaX509_get_issuer_name
#define X509_get_subject_name yaX509_get_subject_name
#define X509_verify_cert_error_string yaX509_verify_cert_error_string
#define X509_LOOKUP_add_dir yaX509_LOOKUP_add_dir
#define X509_LOOKUP_load_file yaX509_LOOKUP_load_file
#define X509_LOOKUP_hash_dir yaX509_LOOKUP_hash_dir
#define X509_LOOKUP_file yaX509_LOOKUP_file
#define X509_STORE_add_lookup yaX509_STORE_add_lookup
#define X509_STORE_new yaX509_STORE_new
#define X509_STORE_get_by_subject yaX509_STORE_get_by_subject
#define ERR_get_error_line_data yaERR_get_error_line_data
#define ERR_print_errors_fp yaERR_print_errors_fp
#define ERR_error_string yaERR_error_string
#define ERR_remove_state yaERR_remove_state
#define ERR_get_error yaERR_get_error
#define ERR_peek_error yaERR_peek_error
#define ERR_GET_REASON yaERR_GET_REASON
#define SSL_CTX_new yaSSL_CTX_new
#define SSL_new yaSSL_new
#define SSL_set_fd yaSSL_set_fd
#define SSL_connect yaSSL_connect
#define SSL_write yaSSL_write
#define SSL_read yaSSL_read
#define SSL_accept yaSSL_accept
#define SSL_CTX_free yaSSL_CTX_free
#define SSL_free yaSSL_free
#define SSL_clear yaSSL_clear
#define SSL_shutdown yaSSL_shutdown
#define SSL_set_connect_state yaSSL_set_connect_state
#define SSL_set_accept_state yaSSL_set_accept_state
#define SSL_do_handshake yaSSL_do_handshake
#define SSL_get_cipher yaSSL_get_cipher
#define SSL_get_cipher_name yaSSL_get_cipher_name
#define SSL_get_shared_ciphers yaSSL_get_shared_ciphers
#define SSL_get_cipher_list yaSSL_get_cipher_list
#define SSL_get_version yaSSL_get_version
#define SSLeay_version yaSSLeay_version
#define SSL_get_error yaSSL_get_error
#define SSL_load_error_strings yaSSL_load_error_strings
#define SSL_set_session yaSSL_set_session
#define SSL_get_session yaSSL_get_session
#define SSL_SESSION_set_timeout yaSSL_SESSION_set_timeout
#define SSL_get_peer_certificate yaSSL_get_peer_certificate
#define SSL_get_verify_result yaSSL_get_verify_result
#define SSL_CTX_set_verify yaSSL_CTX_set_verify
#define SSL_CTX_load_verify_locations yaSSL_CTX_load_verify_locations
#define SSL_CTX_set_default_verify_paths yaSSL_CTX_set_default_verify_paths
#define SSL_CTX_check_private_key yaSSL_CTX_check_private_key
#define SSL_CTX_set_session_id_context yaSSL_CTX_set_session_id_context
#define SSL_CTX_set_tmp_rsa_callback yaSSL_CTX_set_tmp_rsa_callback
#define SSL_CTX_set_options yaSSL_CTX_set_options
#define SSL_CTX_set_session_cache_mode yaSSL_CTX_set_session_cache_mode
#define SSL_CTX_set_timeout yaSSL_CTX_set_timeout
#define SSL_CTX_use_certificate_chain_file yaSSL_CTX_use_certificate_chain_file
#define SSL_CTX_set_default_passwd_cb yaSSL_CTX_set_default_passwd_cb
#define SSL_CTX_use_RSAPrivateKey_file yaSSL_CTX_use_RSAPrivateKey_file
#define SSL_CTX_set_info_callback yaSSL_CTX_set_info_callback
#define SSL_CTX_sess_accept yaSSL_CTX_sess_accept
#define SSL_CTX_sess_connect yaSSL_CTX_sess_connect
#define SSL_CTX_sess_accept_good yaSSL_CTX_sess_accept_good
#define SSL_CTX_sess_connect_good yaSSL_CTX_sess_connect_good
#define SSL_CTX_sess_accept_renegotiate yaSSL_CTX_sess_accept_renegotiate
#define SSL_CTX_sess_connect_renegotiate yaSSL_CTX_sess_connect_renegotiate
#define SSL_CTX_sess_hits yaSSL_CTX_sess_hits
#define SSL_CTX_sess_cb_hits yaSSL_CTX_sess_cb_hits
#define SSL_CTX_sess_cache_full yaSSL_CTX_sess_cache_full
#define SSL_CTX_sess_misses yaSSL_CTX_sess_misses
#define SSL_CTX_sess_timeouts yaSSL_CTX_sess_timeouts
#define SSL_CTX_sess_number yaSSL_CTX_sess_number
#define SSL_CTX_sess_get_cache_size yaSSL_CTX_sess_get_cache_size
#define SSL_CTX_get_verify_mode yaSSL_CTX_get_verify_mode
#define SSL_get_verify_mode yaSSL_get_verify_mode
#define SSL_CTX_get_verify_depth yaSSL_CTX_get_verify_depth
#define SSL_get_verify_depth yaSSL_get_verify_depth
#define SSL_get_default_timeout yaSSL_get_default_timeout
#define SSL_CTX_get_session_cache_mode yaSSL_CTX_get_session_cache_mode
#define SSL_session_reused yaSSL_session_reused
#define SSL_set_rfd yaSSL_set_rfd
#define SSL_set_wfd yaSSL_set_wfd
#define SSL_set_shutdown yaSSL_set_shutdown
#define SSL_want_read yaSSL_want_read
#define SSL_want_write yaSSL_want_write
#define SSL_pending yaSSL_pending
#define SSL_CTX_use_certificate_file yaSSL_CTX_use_certificate_file
#define SSL_CTX_use_PrivateKey_file yaSSL_CTX_use_PrivateKey_file
#define SSL_CTX_set_cipher_list yaSSL_CTX_set_cipher_list
#define SSL_CTX_sess_set_cache_size yaSSL_CTX_sess_set_cache_size
#define SSL_CTX_set_tmp_dh yaSSL_CTX_set_tmp_dh
#define OpenSSL_add_all_algorithms yaOpenSSL_add_all_algorithms
#define SSL_library_init yaSSL_library_init
#define SSLeay_add_ssl_algorithms yaSSLeay_add_ssl_algorithms
#define SSL_get_current_cipher yaSSL_get_current_cipher
#define SSL_CIPHER_description yaSSL_CIPHER_description
#define SSL_alert_type_string_long yaSSL_alert_type_string_long
#define SSL_alert_desc_string_long yaSSL_alert_desc_string_long
#define SSL_state_string_long yaSSL_state_string_long
#define EVP_md5 yaEVP_md5
#define EVP_des_ede3_cbc yaEVP_des_ede3_cbc
#define EVP_BytesToKey yaEVP_BytesToKey
#define DES_set_key_unchecked yaDES_set_key_unchecked
#define DES_ede3_cbc_encrypt yaDES_ede3_cbc_encrypt
#define RAND_screen yaRAND_screen
#define RAND_file_name yaRAND_file_name
#define RAND_write_file yaRAND_write_file
#define RAND_load_file yaRAND_load_file
#define RAND_status yaRAND_status
#define DES_set_key yaDES_set_key
#define DES_set_odd_parity yaDES_set_odd_parity
#define DES_ecb_encrypt yaDES_ecb_encrypt
#define SSL_CTX_set_default_passwd_cb_userdata yaSSL_CTX_set_default_passwd_cb_userdata
#define SSL_SESSION_free yaSSL_SESSION_free
#define SSL_get_certificate yaSSL_get_certificate
#define SSL_get_privatekey yaSSL_get_privatekey
#define X509_get_pubkey yaX509_get_pubkey
#define EVP_PKEY_copy_parameters yaEVP_PKEY_copy_parameters
#define EVP_PKEY_free yaEVP_PKEY_free
#define ERR_error_string_n yaERR_error_string_n
#define ERR_free_strings yaERR_free_strings
#define EVP_cleanup yaEVP_cleanup
#define X509_get_ext_d2i yaX509_get_ext_d2i
#define GENERAL_NAMES_free yaGENERAL_NAMES_free
#define sk_GENERAL_NAME_num yask_GENERAL_NAME_num
#define sk_GENERAL_NAME_value yask_GENERAL_NAME_value
#define ASN1_STRING_data yaASN1_STRING_data
#define ASN1_STRING_length yaASN1_STRING_length
#define ASN1_STRING_type yaASN1_STRING_type
#define X509_NAME_get_index_by_NID yaX509_NAME_get_index_by_NID
#define X509_NAME_ENTRY_get_data yaX509_NAME_ENTRY_get_data
#define X509_NAME_get_entry yaX509_NAME_get_entry
#define ASN1_STRING_to_UTF8 yaASN1_STRING_to_UTF8
#define SSLv23_client_method yaSSLv23_client_method
#define SSLv2_client_method yaSSLv2_client_method
#define SSL_get1_session yaSSL_get1_session
#define X509_get_notBefore yaX509_get_notBefore
#define X509_get_notAfter yaX509_get_notAfter
#define MD4_Init yaMD4_Init
#define MD4_Update yaMD4_Update
#define MD4_Final yaMD4_Final
#define MD5_Init yaMD5_Init
#define MD5_Update yaMD5_Update
#define MD5_Final yaMD5_Final
......@@ -28,6 +28,7 @@
#ifndef yaSSL_openssl_h__
#define yaSSL_openssl_h__
#include "prefix_ssl.h"
#include <stdio.h> /* ERR_print fp */
#include "opensslv.h" /* for version number */
#include "rsa.h"
......
......@@ -24,7 +24,7 @@ target = libmysqlclient.la
target_defs = -DUNDEF_THREADS_HACK -DDONT_USE_RAID @LIB_EXTRA_CCFLAGS@
LIBS = @CLIENT_LIBS@
INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include \
$(openssl_includes) $(yassl_includes) @ZLIB_INCLUDES@
$(openssl_includes) @ZLIB_INCLUDES@
include $(srcdir)/Makefile.shared
......
......@@ -25,7 +25,7 @@ target_defs = -DDONT_USE_RAID -DMYSQL_CLIENT @LIB_EXTRA_CCFLAGS@
LIBS = @LIBS@ @ZLIB_LIBS@ @openssl_libs@
INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include \
$(openssl_includes) $(yassl_includes) @ZLIB_INCLUDES@
$(openssl_includes) @ZLIB_INCLUDES@
## automake barfs if you don't use $(srcdir) or $(top_srcdir) in include
include $(top_srcdir)/libmysql/Makefile.shared
......
......@@ -29,7 +29,7 @@ INCLUDES= @bdb_includes@ \
-I$(top_builddir)/include -I$(top_srcdir)/include \
-I$(top_srcdir)/sql -I$(top_srcdir)/sql/examples \
-I$(top_srcdir)/regex \
$(openssl_includes) $(yassl_includes) @ZLIB_INCLUDES@
$(openssl_includes) @ZLIB_INCLUDES@
noinst_LIBRARIES = libmysqld_int.a
pkglib_LIBRARIES = libmysqld.a
......@@ -81,7 +81,7 @@ INC_LIB= $(top_builddir)/regex/libregex.a \
$(top_builddir)/strings/libmystrings.a \
$(top_builddir)/dbug/libdbug.a \
$(top_builddir)/vio/libvio.a
#
# To make it easy for the end user to use the embedded library we
......
......@@ -34,7 +34,7 @@ link_sources:
DEFS = -DEMBEDDED_LIBRARY
INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include -I$(srcdir) \
-I$(top_srcdir) -I$(top_srcdir)/client -I$(top_srcdir)/regex \
$(openssl_includes) $(yassl_includes)
$(openssl_includes)
LIBS = @LIBS@ @WRAPLIBS@ @CLIENT_LIBS@ $(yassl_libs)
LDADD = @CLIENT_EXTRA_LDFLAGS@ ../libmysqld.a @innodb_system_libs@ @LIBDL@ $(CXXLDFLAGS)
......
......@@ -15,7 +15,7 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
INCLUDES= @ZLIB_INCLUDES@ -I$(top_srcdir)/include \
@openssl_includes@ @yassl_includes@ -I$(top_builddir)/include
@openssl_includes@ -I$(top_builddir)/include
DEFS= -DMYSQL_INSTANCE_MANAGER -DMYSQL_SERVER
......
......@@ -22,7 +22,7 @@ MYSQLBASEdir= $(prefix)
INCLUDES = @ZLIB_INCLUDES@ \
@bdb_includes@ @innodb_includes@ @ndbcluster_includes@ \
-I$(top_builddir)/include -I$(top_srcdir)/include \
-I$(top_srcdir)/regex -I$(srcdir) $(yassl_includes) \
-I$(top_srcdir)/regex -I$(srcdir) \
$(openssl_includes)
WRAPLIBS= @WRAPLIBS@
SUBDIRS = share
......
......@@ -24,7 +24,7 @@ INCLUDES= -I$(top_builddir)/include -I$(top_srcdir)/include \
$(openssl_includes)
LDADD= @CLIENT_EXTRA_LDFLAGS@ \
$(top_builddir)/libmysql_r/libmysqlclient_r.la \
@openssl_libs@ @ZLIB_LIBS@
@openssl_libs@ @yassl_libs@ @ZLIB_LIBS@
bin_PROGRAMS= mysqltestmanager
mysqltestmanager_SOURCES= mysqlmanager.c $(yassl_dummy_link_fix)
mysqltestmanager_DEPENDENCIES= $(LIBRARIES) $(pkglib_LTLIBRARIES)
......
......@@ -20,7 +20,7 @@ else
yassl_dummy_link_fix=
endif
INCLUDES= -I$(top_builddir)/include -I$(top_srcdir)/include \
$(openssl_includes) $(yassl_includes)
$(openssl_includes)
LDADD= @CLIENT_EXTRA_LDFLAGS@ $(openssl_libs) $(yassl_libs)
pkglib_LIBRARIES= libvio.a
noinst_PROGRAMS = test-ssl test-sslserver test-sslclient
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment