Diffstat (limited to 'vio')
-rw-r--r-- | vio/vio.c | 9 | ||||
-rw-r--r-- | vio/viopipe.c | 4 | ||||
-rw-r--r-- | vio/viosocket.c | 75 | ||||
-rw-r--r-- | vio/viossl.c | 38 | ||||
-rw-r--r-- | vio/viosslfactories.c | 91 |
5 files changed, 87 insertions, 130 deletions
diff --git a/vio/vio.c b/vio/vio.c index ee84d27a3d8..52a5387a852 100644 --- a/vio/vio.c +++ b/vio/vio.c @@ -22,6 +22,7 @@ */ #include "vio_priv.h" +#include "ssl_compat.h" #ifdef _WIN32 @@ -67,7 +68,7 @@ int vio_shared_memory_shutdown(Vio *vio, int how) int vio_pipe_shutdown(Vio *vio, int how) { - return cancel_io(vio->hPipe, vio->thread_id); + return CancelIoEx(vio->hPipe, NULL); } #endif @@ -79,7 +80,7 @@ static void vio_init(Vio *vio, enum enum_vio_type type, my_socket sd, uint flags) { DBUG_ENTER("vio_init"); - DBUG_PRINT("enter", ("type: %d sd: %d flags: %d", type, sd, flags)); + DBUG_PRINT("enter", ("type: %d sd: %d flags: %d", type, (int)sd, flags)); #ifndef HAVE_VIO_READ_BUFF flags&= ~VIO_BUFFERED_READ; @@ -248,7 +249,7 @@ Vio *mysql_socket_vio_new(MYSQL_SOCKET mysql_socket, enum enum_vio_type type, ui Vio *vio; my_socket sd= mysql_socket_getfd(mysql_socket); DBUG_ENTER("mysql_socket_vio_new"); - DBUG_PRINT("enter", ("sd: %d", sd)); + DBUG_PRINT("enter", ("sd: %d", (int)sd)); if ((vio = (Vio*) my_malloc(sizeof(*vio),MYF(MY_WME)))) { vio_init(vio, type, sd, flags); @@ -265,7 +266,7 @@ Vio *vio_new(my_socket sd, enum enum_vio_type type, uint flags) Vio *vio; MYSQL_SOCKET mysql_socket= MYSQL_INVALID_SOCKET; DBUG_ENTER("vio_new"); - DBUG_PRINT("enter", ("sd: %d", sd)); + DBUG_PRINT("enter", ("sd: %d", (int)sd)); mysql_socket_setfd(&mysql_socket, sd); vio = mysql_socket_vio_new(mysql_socket, type, flags); diff --git a/vio/viopipe.c b/vio/viopipe.c index 2d784ecde61..84643935c13 100644 --- a/vio/viopipe.c +++ b/vio/viopipe.c @@ -78,7 +78,7 @@ size_t vio_read_pipe(Vio *vio, uchar *buf, size_t count) disable_iocp_notification(&vio->overlapped); /* Attempt to read from the pipe (overlapped I/O). */ - if (ReadFile(vio->hPipe, buf, count, &transferred, &vio->overlapped)) + if (ReadFile(vio->hPipe, buf, (DWORD)count, &transferred, &vio->overlapped)) { /* The operation completed immediately. */ ret= transferred; 
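Review bot: `vio_pipe_shutdown` now returns the raw BOOL from `CancelIoEx`, which is non-zero on success, whereas the `cancel_io` helper this commit removes mapped the same call to `0` on success and `-1` on failure. A caller that treats 0 as success (callers are not visible on this page) would read every successful cancellation as a failure, and the reverse. Keep the old convention with `return CancelIoEx(vio->hPipe, NULL) ? 0 : -1;`, and decide whether a failure that only means no I/O was pending (`ERROR_NOT_FOUND`) should count as an error. The `CancelIoEx` call in `vio_socket_shutdown` discards the result, so it is not affected.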
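Review bot: The `(DWORD)count` cast in `vio_read_pipe` silences the 64-to-32-bit conversion warning without bounding the value, so on a 64-bit build a `count` above 4 GiB is silently truncated and an exact multiple of 4 GiB becomes a zero-length request. The same cast is added in `vio_write_pipe`, and `vio_ssl_read`/`vio_ssl_write` in viossl.c narrow to a signed type with `(int)size`, where a size above `INT_MAX` can become a negative length passed to `SSL_read`/`SSL_write`. Clamp before narrowing, for example `DWORD len= count > MAXDWORD ? MAXDWORD : (DWORD) count;` here and `int len= size > INT_MAX ? INT_MAX : (int) size;` in the SSL functions; the short transfer is then reported through the existing return value. Both pipe functions continue outside their hunks.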
@@ -101,7 +101,7 @@ size_t vio_write_pipe(Vio *vio, const uchar *buf, size_t count) disable_iocp_notification(&vio->overlapped); /* Attempt to write to the pipe (overlapped I/O). */ - if (WriteFile(vio->hPipe, buf, count, &transferred, &vio->overlapped)) + if (WriteFile(vio->hPipe, buf, (DWORD)count, &transferred, &vio->overlapped)) { /* The operation completed immediately. */ ret= transferred; diff --git a/vio/viosocket.c b/vio/viosocket.c index e22e8e85ff6..6c028c48c46 100644 --- a/vio/viosocket.c +++ b/vio/viosocket.c @@ -145,9 +145,9 @@ size_t vio_read(Vio *vio, uchar *buf, size_t size) ssize_t ret; int flags= 0; DBUG_ENTER("vio_read"); - DBUG_PRINT("enter", ("sd: %d buf: %p size: %d", - mysql_socket_getfd(vio->mysql_socket), buf, - (int) size)); + DBUG_PRINT("enter", ("sd: %d buf: %p size: %zu", + (int)mysql_socket_getfd(vio->mysql_socket), buf, + size)); /* Ensure nobody uses vio_read_buff and vio_read simultaneously. */ DBUG_ASSERT(vio->read_end == vio->read_pos); @@ -212,9 +212,9 @@ size_t vio_read_buff(Vio *vio, uchar* buf, size_t size) size_t rc; #define VIO_UNBUFFERED_READ_MIN_SIZE 2048 DBUG_ENTER("vio_read_buff"); - DBUG_PRINT("enter", ("sd: %d buf: %p size: %d", - mysql_socket_getfd(vio->mysql_socket), - buf, (int) size)); + DBUG_PRINT("enter", ("sd: %d buf: %p size:%zu", + (int)mysql_socket_getfd(vio->mysql_socket), + buf, size)); if (vio->read_pos < vio->read_end) { @@ -259,9 +259,9 @@ size_t vio_write(Vio *vio, const uchar* buf, size_t size) ssize_t ret; int flags= 0; DBUG_ENTER("vio_write"); - DBUG_PRINT("enter", ("sd: %d buf: %p size: %d", - mysql_socket_getfd(vio->mysql_socket), buf, - (int) size)); + DBUG_PRINT("enter", ("sd: %d buf: %p size: %zu", + (int)mysql_socket_getfd(vio->mysql_socket), buf, + size)); /* If timeout is enabled, do not block. */ if (vio->write_timeout >= 0) 
@@ -305,59 +305,12 @@ size_t vio_write(Vio *vio, const uchar* buf, size_t size) DBUG_RETURN(ret); } -#ifdef _WIN32 -static void CALLBACK cancel_io_apc(ULONG_PTR data) -{ - CancelIo((HANDLE)data); -} - -/* - Cancel IO on Windows. - - On XP, issue CancelIo as asynchronous procedure call to the thread - that started IO. On Vista+, simpler cancelation is done with - CancelIoEx. -*/ - -int cancel_io(HANDLE handle, DWORD thread_id) -{ - static BOOL (WINAPI *fp_CancelIoEx) (HANDLE, OVERLAPPED *); - static volatile int first_time= 1; - int rc; - HANDLE thread_handle; - - if (first_time) - { - /* Try to load CancelIoEx using GetProcAddress */ - InterlockedCompareExchangePointer((volatile void *)&fp_CancelIoEx, - GetProcAddress(GetModuleHandle("kernel32"), "CancelIoEx"), NULL); - first_time =0; - } - - if (fp_CancelIoEx) - { - return fp_CancelIoEx(handle, NULL)? 0 :-1; - } - - thread_handle= OpenThread(THREAD_SET_CONTEXT, FALSE, thread_id); - if (thread_handle) - { - rc= QueueUserAPC(cancel_io_apc, thread_handle, (ULONG_PTR)handle); - CloseHandle(thread_handle); - } - return rc; - -} -#endif - - int vio_socket_shutdown(Vio *vio, int how) { int ret= shutdown(mysql_socket_getfd(vio->mysql_socket), how); #ifdef _WIN32 /* Cancel possible IO in progress (shutdown does not do that on Windows). */ - (void) cancel_io((HANDLE) mysql_socket_getfd(vio->mysql_socket), - vio->thread_id); + (void) CancelIoEx((HANDLE)mysql_socket_getfd(vio->mysql_socket), NULL); #endif return ret; } @@ -556,7 +509,7 @@ int vio_keepalive(Vio* vio, my_bool set_keep_alive) uint opt = 0; DBUG_ENTER("vio_keepalive"); DBUG_PRINT("enter", ("sd: %d set_keep_alive: %d", - mysql_socket_getfd(vio->mysql_socket), + (int)mysql_socket_getfd(vio->mysql_socket), (int)set_keep_alive)); if (vio->type != VIO_TYPE_NAMEDPIPE && vio->type != VIO_TYPE_SHARED_MEMORY) 
@@ -610,7 +563,7 @@ int vio_close(Vio *vio) { int r=0; DBUG_ENTER("vio_close"); - DBUG_PRINT("enter", ("sd: %d", mysql_socket_getfd(vio->mysql_socket))); + DBUG_PRINT("enter", ("sd: %d", (int)mysql_socket_getfd(vio->mysql_socket))); if (vio->type != VIO_CLOSED) { @@ -1343,7 +1296,7 @@ int vio_getnameinfo(const struct sockaddr *sa, } return getnameinfo(sa, sa_length, - hostname, hostname_size, - port, port_size, + hostname, (uint)hostname_size, + port, (uint)port_size, flags); } diff --git a/vio/viossl.c b/vio/viossl.c index 8a81c22c035..02ef41db2de 100644 --- a/vio/viossl.c +++ b/vio/viossl.c @@ -124,6 +124,9 @@ static my_bool ssl_should_retry(Vio *vio, int ret, enum enum_vio_io_event *event default: should_retry= FALSE; ssl_set_sys_error(ssl_error); +#ifndef HAVE_YASSL + ERR_clear_error(); +#endif break; } @@ -136,15 +139,15 @@ size_t vio_ssl_read(Vio *vio, uchar *buf, size_t size) int ret; SSL *ssl= vio->ssl_arg; DBUG_ENTER("vio_ssl_read"); - DBUG_PRINT("enter", ("sd: %d buf: %p size: %d ssl: %p", - mysql_socket_getfd(vio->mysql_socket), buf, (int) size, + DBUG_PRINT("enter", ("sd: %d buf: %p size: %zu ssl: %p", + (int)mysql_socket_getfd(vio->mysql_socket), buf, size, vio->ssl_arg)); if (vio->async_context && vio->async_context->active) - ret= my_ssl_read_async(vio->async_context, (SSL *)vio->ssl_arg, buf, size); + ret= my_ssl_read_async(vio->async_context, (SSL *)vio->ssl_arg, buf, (int)size); else { - while ((ret= SSL_read(ssl, buf, size)) < 0) + while ((ret= SSL_read(ssl, buf, (int)size)) < 0) { enum enum_vio_io_event event; 
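Review bot: The `ERR_clear_error()` added to the `default:` branch of `ssl_should_retry` carries no comment saying why the queue is dropped there, and it runs only on the non-retry path. OpenSSL's `SSL_get_error` relies on the calling thread's error queue being empty before the I/O call, so the reason is worth recording, e.g. `/* Drop queued OpenSSL errors so they are not attributed to the next SSL call on this thread. */`. The call also has to stay after `ssl_set_sys_error(ssl_error)` if that helper, which is not shown, reads the queue. The retry cases of the switch are outside the hunk, so whether they can leave entries behind cannot be checked from here.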
@@ -168,16 +171,16 @@ size_t vio_ssl_write(Vio *vio, const uchar *buf, size_t size) int ret; SSL *ssl= vio->ssl_arg; DBUG_ENTER("vio_ssl_write"); - DBUG_PRINT("enter", ("sd: %d buf: %p size: %d", - mysql_socket_getfd(vio->mysql_socket), - buf, (int) size)); + DBUG_PRINT("enter", ("sd: %d buf: %p size: %zu", + (int)mysql_socket_getfd(vio->mysql_socket), + buf, size)); if (vio->async_context && vio->async_context->active) ret= my_ssl_write_async(vio->async_context, (SSL *)vio->ssl_arg, buf, - size); + (int)size); else { - while ((ret= SSL_write(ssl, buf, size)) < 0) + while ((ret= SSL_write(ssl, buf, (int)size)) < 0) { enum enum_vio_io_event event; @@ -200,7 +203,7 @@ size_t vio_ssl_write(Vio *vio, const uchar *buf, size_t size) static long yassl_recv(void *ptr, void *buf, size_t len, int flag __attribute__((unused))) { - return vio_read(ptr, buf, len); + return (long)vio_read(ptr, buf, len); } @@ -208,7 +211,7 @@ static long yassl_recv(void *ptr, void *buf, size_t len, static long yassl_send(void *ptr, const void *buf, size_t len, int flag __attribute__((unused))) { - return vio_write(ptr, buf, len); + return (long)vio_write(ptr, buf, len); } #endif 
@@ -315,24 +318,19 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout, { int r; SSL *ssl; - my_bool unused; - my_bool was_blocking; my_socket sd= mysql_socket_getfd(vio->mysql_socket); DBUG_ENTER("ssl_do"); - DBUG_PRINT("enter", ("ptr: 0x%lx, sd: %d ctx: 0x%lx", - (long) ptr, sd, (long) ptr->ssl_context)); + DBUG_PRINT("enter", ("ptr: %p, sd: %d ctx: %p", + ptr, (int)sd, ptr->ssl_context)); - /* Set socket to blocking if not already set */ - vio_blocking(vio, 1, &was_blocking); if (!(ssl= SSL_new(ptr->ssl_context))) { DBUG_PRINT("error", ("SSL_new failure")); *errptr= ERR_get_error(); - vio_blocking(vio, was_blocking, &unused); DBUG_RETURN(1); } - DBUG_PRINT("info", ("ssl: 0x%lx timeout: %ld", (long) ssl, timeout)); + DBUG_PRINT("info", ("ssl: %p timeout: %ld", ssl, timeout)); SSL_clear(ssl); SSL_SESSION_set_timeout(SSL_get_session(ssl), timeout); SSL_set_fd(ssl, sd); @@ -360,7 +358,6 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout, DBUG_PRINT("error", ("SSL_connect/accept failure")); *errptr= SSL_errno(ssl, r); SSL_free(ssl); - vio_blocking(vio, was_blocking, &unused); DBUG_RETURN(1); } @@ -371,7 +368,6 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout, */ if (vio_reset(vio, VIO_TYPE_SSL, SSL_get_fd(ssl), ssl, 0)) { - vio_blocking(vio, was_blocking, &unused); DBUG_RETURN(1); } diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c index 8895cce3d18..8ab7565a666 100644 --- a/vio/viosslfactories.c +++ b/vio/viosslfactories.c @@ -15,6 +15,7 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335 USA */ #include "vio_priv.h" +#include <ssl_compat.h> #ifdef HAVE_OPENSSL #ifndef HAVE_YASSL 
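Review bot: With the `vio_blocking(vio, 1, &was_blocking)` call removed, `ssl_do` no longer forces the socket into blocking mode before the handshake, and nothing in the hunk states what replaces that guarantee. If the socket can be non-blocking at this point, `SSL_connect`/`SSL_accept` may return with `SSL_ERROR_WANT_READ` or `SSL_ERROR_WANT_WRITE`, and the handshake code between this hunk and the next (not shown) has to retry rather than take the `SSL_connect/accept failure` path. A comment in place of the deleted one would make the assumption checkable, for example `/* The socket may be non-blocking; the handshake below must retry on WANT_READ/WANT_WRITE. */`.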
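Review bot: The `vio_reset` failure branch now consists only of `DBUG_RETURN(1);`, so it returns without `SSL_free(ssl)` and without writing `*errptr`, unlike the handshake failure branch just above it, which does both. Whether `ssl` is leaked depends on whether `vio_reset` has already stored it in the `Vio` when it fails, which this page does not show; if it has not, add `SSL_free(ssl);` before the return. Either way the caller gets a failure with `*errptr` untouched, so set it here or document that it is undefined on this path.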
@@ -26,49 +27,56 @@ static my_bool ssl_algorithms_added = FALSE; static my_bool ssl_error_strings_loaded= FALSE; /* the function below was generated with "openssl dhparam -2 -C 2048" */ + static DH *get_dh2048() { - static unsigned char dh2048_p[]={ - 0xA1,0xBB,0x7C,0x20,0xC5,0x5B,0xC0,0x7B,0x21,0x8B,0xD6,0xA8, - 0x15,0xFC,0x3B,0xBA,0xAB,0x9F,0xDF,0x68,0xC4,0x79,0x78,0x0D, - 0xC1,0x12,0x64,0xE4,0x15,0xC9,0x66,0xDB,0xF6,0xCB,0xB3,0x39, - 0x02,0x5B,0x78,0x62,0xFB,0x09,0xAE,0x09,0x6B,0xDD,0xD4,0x5D, - 0x97,0xBC,0xDC,0x7F,0xE6,0xD6,0xF1,0xCB,0xF5,0xEB,0xDA,0xA7, - 0x2E,0x5A,0x43,0x2B,0xE9,0x40,0xE2,0x85,0x00,0x1C,0xC0,0x0A, - 0x98,0x77,0xA9,0x31,0xDE,0x0B,0x75,0x4D,0x1E,0x1F,0x16,0x83, - 0xCA,0xDE,0xBD,0x21,0xFC,0xC1,0x82,0x37,0x36,0x33,0x0B,0x66, - 0x06,0x3C,0xF3,0xAF,0x21,0x57,0x57,0x80,0xF6,0x94,0x1B,0xA9, - 0xD4,0xF6,0x8F,0x18,0x62,0x0E,0xC4,0x22,0xF9,0x5B,0x62,0xCC, - 0x3F,0x19,0x95,0xCF,0x4B,0x00,0xA6,0x6C,0x0B,0xAF,0x9F,0xD5, - 0xFA,0x3D,0x6D,0xDA,0x30,0x83,0x07,0x91,0xAC,0x15,0xFF,0x8F, - 0x59,0x54,0xEA,0x25,0xBC,0x4E,0xEB,0x6A,0x54,0xDF,0x75,0x09, - 0x72,0x0F,0xEF,0x23,0x70,0xE0,0xA8,0x04,0xEA,0xFF,0x90,0x54, - 0xCD,0x84,0x18,0xC0,0x75,0x91,0x99,0x0F,0xA1,0x78,0x0C,0x07, - 0xB7,0xC5,0xDE,0x55,0x06,0x7B,0x95,0x68,0x2C,0x33,0x39,0xBC, - 0x2C,0xD0,0x6D,0xDD,0xFA,0xDC,0xB5,0x8F,0x82,0x39,0xF8,0x67, - 0x44,0xF1,0xD8,0xF7,0x78,0x11,0x9A,0x77,0x9B,0x53,0x47,0xD6, - 0x2B,0x5D,0x67,0xB8,0xB7,0xBC,0xC1,0xD7,0x79,0x62,0x15,0xC2, - 0xC5,0x83,0x97,0xA7,0xF8,0xB4,0x9C,0xF6,0x8F,0x9A,0xC7,0xDA, - 0x1B,0xBB,0x87,0x07,0xA7,0x71,0xAD,0xB2,0x8A,0x50,0xF8,0x26, - 0x12,0xB7,0x3E,0x0B, - }; - static unsigned char dh2048_g[]={ - 0x02, - }; - DH *dh; - - if ((dh=DH_new()) == NULL) return(NULL); - dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); - dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); - if ((dh->p == NULL) || (dh->g == NULL)) - { DH_free(dh); return(NULL); } - return(dh); + static unsigned char dhp_2048[] = { + 0xA1,0xBB,0x7C,0x20,0xC5,0x5B,0xC0,0x7B,0x21,0x8B,0xD6,0xA8, + 
0x15,0xFC,0x3B,0xBA,0xAB,0x9F,0xDF,0x68,0xC4,0x79,0x78,0x0D, + 0xC1,0x12,0x64,0xE4,0x15,0xC9,0x66,0xDB,0xF6,0xCB,0xB3,0x39, + 0x02,0x5B,0x78,0x62,0xFB,0x09,0xAE,0x09,0x6B,0xDD,0xD4,0x5D, + 0x97,0xBC,0xDC,0x7F,0xE6,0xD6,0xF1,0xCB,0xF5,0xEB,0xDA,0xA7, + 0x2E,0x5A,0x43,0x2B,0xE9,0x40,0xE2,0x85,0x00,0x1C,0xC0,0x0A, + 0x98,0x77,0xA9,0x31,0xDE,0x0B,0x75,0x4D,0x1E,0x1F,0x16,0x83, + 0xCA,0xDE,0xBD,0x21,0xFC,0xC1,0x82,0x37,0x36,0x33,0x0B,0x66, + 0x06,0x3C,0xF3,0xAF,0x21,0x57,0x57,0x80,0xF6,0x94,0x1B,0xA9, + 0xD4,0xF6,0x8F,0x18,0x62,0x0E,0xC4,0x22,0xF9,0x5B,0x62,0xCC, + 0x3F,0x19,0x95,0xCF,0x4B,0x00,0xA6,0x6C,0x0B,0xAF,0x9F,0xD5, + 0xFA,0x3D,0x6D,0xDA,0x30,0x83,0x07,0x91,0xAC,0x15,0xFF,0x8F, + 0x59,0x54,0xEA,0x25,0xBC,0x4E,0xEB,0x6A,0x54,0xDF,0x75,0x09, + 0x72,0x0F,0xEF,0x23,0x70,0xE0,0xA8,0x04,0xEA,0xFF,0x90,0x54, + 0xCD,0x84,0x18,0xC0,0x75,0x91,0x99,0x0F,0xA1,0x78,0x0C,0x07, + 0xB7,0xC5,0xDE,0x55,0x06,0x7B,0x95,0x68,0x2C,0x33,0x39,0xBC, + 0x2C,0xD0,0x6D,0xDD,0xFA,0xDC,0xB5,0x8F,0x82,0x39,0xF8,0x67, + 0x44,0xF1,0xD8,0xF7,0x78,0x11,0x9A,0x77,0x9B,0x53,0x47,0xD6, + 0x2B,0x5D,0x67,0xB8,0xB7,0xBC,0xC1,0xD7,0x79,0x62,0x15,0xC2, + 0xC5,0x83,0x97,0xA7,0xF8,0xB4,0x9C,0xF6,0x8F,0x9A,0xC7,0xDA, + 0x1B,0xBB,0x87,0x07,0xA7,0x71,0xAD,0xB2,0x8A,0x50,0xF8,0x26, + 0x12,0xB7,0x3E,0x0B, + }; + static unsigned char dhg_2048[] = { + 0x02 + }; + DH *dh = DH_new(); + BIGNUM *dhp_bn, *dhg_bn; + + if (dh == NULL) + return NULL; + dhp_bn = BN_bin2bn(dhp_2048, sizeof (dhp_2048), NULL); + dhg_bn = BN_bin2bn(dhg_2048, sizeof (dhg_2048), NULL); + if (dhp_bn == NULL || dhg_bn == NULL + || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) { + DH_free(dh); + BN_free(dhp_bn); + BN_free(dhg_bn); + return NULL; + } + return dh; } - static const char* -ssl_error_string[] = +ssl_error_string[] = { "No error", "Unable to get certificate", 
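Review bot: `dhp_2048` and `dhg_2048` are only read, through `BN_bin2bn`, so they should be `static const unsigned char`, which keeps the group parameters in read-only data; the definition should also read `static DH *get_dh2048(void)`, since empty parentheses do not declare a prototype in C. The new body also switches to same-line braces and `sizeof (x)`, which does not match the brace-on-own-line style visible in the other hunks of this commit. `DH_set0_pqg` is an OpenSSL 1.1.0 interface, so older libraries and yaSSL presumably depend on the newly included `ssl_compat.h` to supply it; that is worth stating in the comment above the function.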
@@ -92,8 +100,8 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file, enum enum_ssl_init_error* error) { DBUG_ENTER("vio_set_cert_stuff"); - DBUG_PRINT("enter", ("ctx: 0x%lx cert_file: %s key_file: %s", - (long) ctx, cert_file, key_file)); + DBUG_PRINT("enter", ("ctx: %p cert_file: %s key_file: %s", + ctx, cert_file, key_file)); if (!cert_file && key_file) cert_file= key_file; @@ -148,9 +156,7 @@ static void check_ssl_init() if (!ssl_algorithms_added) { ssl_algorithms_added= TRUE; - SSL_library_init(); - OpenSSL_add_all_algorithms(); - + OPENSSL_init_ssl(0, NULL); } if (!ssl_error_strings_loaded) @@ -205,6 +211,7 @@ new_VioSSLFd(const char *key_file, const char *cert_file, none of the provided ciphers could be selected */ if (cipher && + SSL_CTX_set_ciphersuites(ssl_fd->ssl_context, cipher) == 0 && SSL_CTX_set_cipher_list(ssl_fd->ssl_context, cipher) == 0) { *error= SSL_INITERR_CIPHERS; |
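Review bot: `check_ssl_init` ignores the result of `OPENSSL_init_ssl(0, NULL)`, which returns 0 on failure, and `ssl_algorithms_added` is set to TRUE before the call, so a failed initialisation is neither reported nor retried on the next call. Setting the flag from the result, `ssl_algorithms_added= OPENSSL_init_ssl(0, NULL) != 0;`, keeps the retry possible; the function returns void in the visible code, so reporting the failure would need a change outside this hunk. `OPENSSL_init_ssl` is an OpenSSL 1.1.0 interface, so builds against older libraries presumably rely on `ssl_compat.h` for it. The rest of `check_ssl_init` is outside the hunk.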
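Review bot: The chained condition in `new_VioSSLFd` applies the `cipher` string to only one protocol range: `SSL_CTX_set_ciphersuites` sets the TLSv1.3 suites and `SSL_CTX_set_cipher_list` the list for TLSv1.2 and below, and because of the `&&` the second call is skipped whenever the first succeeds. A string of TLSv1.3 suite names therefore leaves the older protocol versions on the library's default cipher list, and a TLSv1.2-style string leaves TLSv1.3 on its default suites, in both cases without an error, so an operator who set a cipher list to restrict what is negotiated gets a wider set than configured. At minimum record this next to the test, e.g. `/* cipher is applied to either TLSv1.3 or to TLSv1.2 and below, never both; the other range keeps the library defaults */`; stricter handling would need separate settings for the two ranges or disabling the protocol versions the string does not cover. A failed first call may also leave entries on the OpenSSL error queue when the second call then succeeds.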