ac5429b497
Bugs Fixed:
PS-6979: Modify the processing to call clean up functions to remove CREATE USER statement from the processlist after the statement has completed (Upstream #99200)
PS-6860: Merge innodb_buffer_pool_pages_LRU_flushed into buf_get_total_stat()
PS-6811: Correct service failure of asserting ACL_PROXY_USER when skip-name-resolve=1 and there is a Proxy user (Upstream #98908)
PS-6112: Correct Binlog_snapshot_gtid inconsistency when mysqldump was used with –single-transaction.
PS-6945: Correct tokubackup plugin process exported API to allow large file backups.
PS-6856: Correct binlogs corruptions in PS 5.7.28 and 5.7.29 (Upstream #97531)
PS-6946: Correct tokubackup processing to free memory use from the address and thread sanitizers
PS-5893: Add support for running multiple instances with systemD on Debian.
PS-5620: Modify Docker image to support supplying custom TLS certificates
PS-4573: Implement use of a single config file - mysqld.cnf file.
PS-7041: Correct Compilation error when -DWITH_EDITLINE=bundled is used
PS-7020: Modify MTR tests for Ubuntu 20.04 to include python2 (python 2.6 or higher) and python3
PS-6974: Correct instability in the rocksdb.drop_cf_* tests
PS-6969: Correct instability in the rocksdb.index_stats_large_table
PS-6954: Correct tokudb-backup-plugin to avoid collision between -std=c++11 and -std=gnu++03.
PS-6925: Correct mismatched default socket values for mysqld and mysqld_safe
PS-6899: Correct main.events_bugs and main.events_1 to interpret date 01-01-2020 properly (Upstream #98860)
PS-6796: Correct instability in percona_changed_page_bmp_shutdown_thread
PS-6773: Initialize values in sha256_password_authenticate (Upstream #98223)
PS-5844: Fix a memory leak after ‘innodb.alter_crash’ in ‘prepare_inplace_alter_table_dict()’ (Upstream #96472)
PS-5735: Correct 5.7 package to install the charsets on CentOS 7
PS-4757: Remove CHECK_IF_CURL_DEPENDS_ON_RTMP to build keyring_vault for unconditional test
PS-4649: Document PerconaFT in TokuDB which is fractal tree indexing to enhance the B-tree data structure
MFH: 2020Q2
Relnotes: https://www.percona.com/doc/percona-server/5.7/release-notes/Percona-Server-5.7.30-33.html
Security: 21d59ea3-8559-11ea-a5e2-d4c9ef517024 (MySQL - Server)
Security: 622b5c47-855b-11ea-a5e2-d4c9ef517024 (MySQL - Client)
45 lines
1.6 KiB
C
45 lines
1.6 KiB
C
--- vio/viosslfactories.c.orig 2020-05-13 20:59:55 UTC
|
|
+++ vio/viosslfactories.c
|
|
@@ -126,7 +126,7 @@ static DH *get_dh2048(void)
|
|
{
|
|
BIGNUM* p= BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
|
|
BIGNUM* g= BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
|
dh->p= p;
|
|
dh->g= g;
|
|
if (! dh->p || ! dh->g)
|
|
@@ -500,7 +500,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
|
struct st_VioSSLFd *ssl_fd;
|
|
/* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */
|
|
long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3
|
|
-#ifdef HAVE_TLSv13
|
|
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
|
| SSL_OP_NO_TLSv1_3
|
|
#endif /* HAVE_TLSv13 */
|
|
;
|
|
@@ -536,7 +536,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
|
SSL_OP_NO_TLSv1 |
|
|
SSL_OP_NO_TLSv1_1
|
|
| SSL_OP_NO_TLSv1_2
|
|
-#ifdef HAVE_TLSv13
|
|
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
|
| SSL_OP_NO_TLSv1_3
|
|
#endif /* HAVE_TLSv13 */
|
|
| SSL_OP_NO_TICKET
|
|
@@ -557,6 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
|
DBUG_RETURN(0);
|
|
}
|
|
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
|
|
|
|
#ifdef HAVE_TLSv13
|
|
@@ -573,6 +574,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
|
DBUG_RETURN(0);
|
|
}
|
|
#endif /* HAVE_TLSv13 */
|
|
+#endif /* LIBRESSL_VERSION_NUMBER */
|
|
|
|
/*
|
|
We explicitly prohibit weak ciphers.
|