summaryrefslogtreecommitdiff
path: root/vio
diff options
context:
space:
mode:
Diffstat (limited to 'vio')
-rw-r--r--vio/vio.c9
-rw-r--r--vio/viopipe.c4
-rw-r--r--vio/viosocket.c75
-rw-r--r--vio/viossl.c38
-rw-r--r--vio/viosslfactories.c91
5 files changed, 87 insertions, 130 deletions
diff --git a/vio/vio.c b/vio/vio.c
index ee84d27a3d8..52a5387a852 100644
--- a/vio/vio.c
+++ b/vio/vio.c
@@ -22,6 +22,7 @@
*/
#include "vio_priv.h"
+#include "ssl_compat.h"
#ifdef _WIN32
@@ -67,7 +68,7 @@ int vio_shared_memory_shutdown(Vio *vio, int how)
int vio_pipe_shutdown(Vio *vio, int how)
{
- return cancel_io(vio->hPipe, vio->thread_id);
+ return CancelIoEx(vio->hPipe, NULL);
}
#endif
@@ -79,7 +80,7 @@ static void vio_init(Vio *vio, enum enum_vio_type type,
my_socket sd, uint flags)
{
DBUG_ENTER("vio_init");
- DBUG_PRINT("enter", ("type: %d sd: %d flags: %d", type, sd, flags));
+ DBUG_PRINT("enter", ("type: %d sd: %d flags: %d", type, (int)sd, flags));
#ifndef HAVE_VIO_READ_BUFF
flags&= ~VIO_BUFFERED_READ;
@@ -248,7 +249,7 @@ Vio *mysql_socket_vio_new(MYSQL_SOCKET mysql_socket, enum enum_vio_type type, ui
Vio *vio;
my_socket sd= mysql_socket_getfd(mysql_socket);
DBUG_ENTER("mysql_socket_vio_new");
- DBUG_PRINT("enter", ("sd: %d", sd));
+ DBUG_PRINT("enter", ("sd: %d", (int)sd));
if ((vio = (Vio*) my_malloc(sizeof(*vio),MYF(MY_WME))))
{
vio_init(vio, type, sd, flags);
@@ -265,7 +266,7 @@ Vio *vio_new(my_socket sd, enum enum_vio_type type, uint flags)
Vio *vio;
MYSQL_SOCKET mysql_socket= MYSQL_INVALID_SOCKET;
DBUG_ENTER("vio_new");
- DBUG_PRINT("enter", ("sd: %d", sd));
+ DBUG_PRINT("enter", ("sd: %d", (int)sd));
mysql_socket_setfd(&mysql_socket, sd);
vio = mysql_socket_vio_new(mysql_socket, type, flags);
diff --git a/vio/viopipe.c b/vio/viopipe.c
index 2d784ecde61..84643935c13 100644
--- a/vio/viopipe.c
+++ b/vio/viopipe.c
@@ -78,7 +78,7 @@ size_t vio_read_pipe(Vio *vio, uchar *buf, size_t count)
disable_iocp_notification(&vio->overlapped);
/* Attempt to read from the pipe (overlapped I/O). */
- if (ReadFile(vio->hPipe, buf, count, &transferred, &vio->overlapped))
+ if (ReadFile(vio->hPipe, buf, (DWORD)count, &transferred, &vio->overlapped))
{
/* The operation completed immediately. */
ret= transferred;
@@ -101,7 +101,7 @@ size_t vio_write_pipe(Vio *vio, const uchar *buf, size_t count)
disable_iocp_notification(&vio->overlapped);
/* Attempt to write to the pipe (overlapped I/O). */
- if (WriteFile(vio->hPipe, buf, count, &transferred, &vio->overlapped))
+ if (WriteFile(vio->hPipe, buf, (DWORD)count, &transferred, &vio->overlapped))
{
/* The operation completed immediately. */
ret= transferred;
diff --git a/vio/viosocket.c b/vio/viosocket.c
index e22e8e85ff6..6c028c48c46 100644
--- a/vio/viosocket.c
+++ b/vio/viosocket.c
@@ -145,9 +145,9 @@ size_t vio_read(Vio *vio, uchar *buf, size_t size)
ssize_t ret;
int flags= 0;
DBUG_ENTER("vio_read");
- DBUG_PRINT("enter", ("sd: %d buf: %p size: %d",
- mysql_socket_getfd(vio->mysql_socket), buf,
- (int) size));
+ DBUG_PRINT("enter", ("sd: %d buf: %p size: %zu",
+ (int)mysql_socket_getfd(vio->mysql_socket), buf,
+ size));
/* Ensure nobody uses vio_read_buff and vio_read simultaneously. */
DBUG_ASSERT(vio->read_end == vio->read_pos);
@@ -212,9 +212,9 @@ size_t vio_read_buff(Vio *vio, uchar* buf, size_t size)
size_t rc;
#define VIO_UNBUFFERED_READ_MIN_SIZE 2048
DBUG_ENTER("vio_read_buff");
- DBUG_PRINT("enter", ("sd: %d buf: %p size: %d",
- mysql_socket_getfd(vio->mysql_socket),
- buf, (int) size));
+ DBUG_PRINT("enter", ("sd: %d buf: %p size:%zu",
+ (int)mysql_socket_getfd(vio->mysql_socket),
+ buf, size));
if (vio->read_pos < vio->read_end)
{
@@ -259,9 +259,9 @@ size_t vio_write(Vio *vio, const uchar* buf, size_t size)
ssize_t ret;
int flags= 0;
DBUG_ENTER("vio_write");
- DBUG_PRINT("enter", ("sd: %d buf: %p size: %d",
- mysql_socket_getfd(vio->mysql_socket), buf,
- (int) size));
+ DBUG_PRINT("enter", ("sd: %d buf: %p size: %zu",
+ (int)mysql_socket_getfd(vio->mysql_socket), buf,
+ size));
/* If timeout is enabled, do not block. */
if (vio->write_timeout >= 0)
@@ -305,59 +305,12 @@ size_t vio_write(Vio *vio, const uchar* buf, size_t size)
DBUG_RETURN(ret);
}
-#ifdef _WIN32
-static void CALLBACK cancel_io_apc(ULONG_PTR data)
-{
- CancelIo((HANDLE)data);
-}
-
-/*
- Cancel IO on Windows.
-
- On XP, issue CancelIo as asynchronous procedure call to the thread
- that started IO. On Vista+, simpler cancelation is done with
- CancelIoEx.
-*/
-
-int cancel_io(HANDLE handle, DWORD thread_id)
-{
- static BOOL (WINAPI *fp_CancelIoEx) (HANDLE, OVERLAPPED *);
- static volatile int first_time= 1;
- int rc;
- HANDLE thread_handle;
-
- if (first_time)
- {
- /* Try to load CancelIoEx using GetProcAddress */
- InterlockedCompareExchangePointer((volatile void *)&fp_CancelIoEx,
- GetProcAddress(GetModuleHandle("kernel32"), "CancelIoEx"), NULL);
- first_time =0;
- }
-
- if (fp_CancelIoEx)
- {
- return fp_CancelIoEx(handle, NULL)? 0 :-1;
- }
-
- thread_handle= OpenThread(THREAD_SET_CONTEXT, FALSE, thread_id);
- if (thread_handle)
- {
- rc= QueueUserAPC(cancel_io_apc, thread_handle, (ULONG_PTR)handle);
- CloseHandle(thread_handle);
- }
- return rc;
-
-}
-#endif
-
-
int vio_socket_shutdown(Vio *vio, int how)
{
int ret= shutdown(mysql_socket_getfd(vio->mysql_socket), how);
#ifdef _WIN32
/* Cancel possible IO in progress (shutdown does not do that on Windows). */
- (void) cancel_io((HANDLE) mysql_socket_getfd(vio->mysql_socket),
- vio->thread_id);
+ (void) CancelIoEx((HANDLE)mysql_socket_getfd(vio->mysql_socket), NULL);
#endif
return ret;
}
@@ -556,7 +509,7 @@ int vio_keepalive(Vio* vio, my_bool set_keep_alive)
uint opt = 0;
DBUG_ENTER("vio_keepalive");
DBUG_PRINT("enter", ("sd: %d set_keep_alive: %d",
- mysql_socket_getfd(vio->mysql_socket),
+ (int)mysql_socket_getfd(vio->mysql_socket),
(int)set_keep_alive));
if (vio->type != VIO_TYPE_NAMEDPIPE && vio->type != VIO_TYPE_SHARED_MEMORY)
@@ -610,7 +563,7 @@ int vio_close(Vio *vio)
{
int r=0;
DBUG_ENTER("vio_close");
- DBUG_PRINT("enter", ("sd: %d", mysql_socket_getfd(vio->mysql_socket)));
+ DBUG_PRINT("enter", ("sd: %d", (int)mysql_socket_getfd(vio->mysql_socket)));
if (vio->type != VIO_CLOSED)
{
@@ -1343,7 +1296,7 @@ int vio_getnameinfo(const struct sockaddr *sa,
}
return getnameinfo(sa, sa_length,
- hostname, hostname_size,
- port, port_size,
+ hostname, (uint)hostname_size,
+ port, (uint)port_size,
flags);
}
diff --git a/vio/viossl.c b/vio/viossl.c
index 8a81c22c035..02ef41db2de 100644
--- a/vio/viossl.c
+++ b/vio/viossl.c
@@ -124,6 +124,9 @@ static my_bool ssl_should_retry(Vio *vio, int ret, enum enum_vio_io_event *event
default:
should_retry= FALSE;
ssl_set_sys_error(ssl_error);
+#ifndef HAVE_YASSL
+ ERR_clear_error();
+#endif
break;
}
@@ -136,15 +139,15 @@ size_t vio_ssl_read(Vio *vio, uchar *buf, size_t size)
int ret;
SSL *ssl= vio->ssl_arg;
DBUG_ENTER("vio_ssl_read");
- DBUG_PRINT("enter", ("sd: %d buf: %p size: %d ssl: %p",
- mysql_socket_getfd(vio->mysql_socket), buf, (int) size,
+ DBUG_PRINT("enter", ("sd: %d buf: %p size: %zu ssl: %p",
+ (int)mysql_socket_getfd(vio->mysql_socket), buf, size,
vio->ssl_arg));
if (vio->async_context && vio->async_context->active)
- ret= my_ssl_read_async(vio->async_context, (SSL *)vio->ssl_arg, buf, size);
+ ret= my_ssl_read_async(vio->async_context, (SSL *)vio->ssl_arg, buf, (int)size);
else
{
- while ((ret= SSL_read(ssl, buf, size)) < 0)
+ while ((ret= SSL_read(ssl, buf, (int)size)) < 0)
{
enum enum_vio_io_event event;
@@ -168,16 +171,16 @@ size_t vio_ssl_write(Vio *vio, const uchar *buf, size_t size)
int ret;
SSL *ssl= vio->ssl_arg;
DBUG_ENTER("vio_ssl_write");
- DBUG_PRINT("enter", ("sd: %d buf: %p size: %d",
- mysql_socket_getfd(vio->mysql_socket),
- buf, (int) size));
+ DBUG_PRINT("enter", ("sd: %d buf: %p size: %zu",
+ (int)mysql_socket_getfd(vio->mysql_socket),
+ buf, size));
if (vio->async_context && vio->async_context->active)
ret= my_ssl_write_async(vio->async_context, (SSL *)vio->ssl_arg, buf,
- size);
+ (int)size);
else
{
- while ((ret= SSL_write(ssl, buf, size)) < 0)
+ while ((ret= SSL_write(ssl, buf, (int)size)) < 0)
{
enum enum_vio_io_event event;
@@ -200,7 +203,7 @@ size_t vio_ssl_write(Vio *vio, const uchar *buf, size_t size)
static long yassl_recv(void *ptr, void *buf, size_t len,
int flag __attribute__((unused)))
{
- return vio_read(ptr, buf, len);
+ return (long)vio_read(ptr, buf, len);
}
@@ -208,7 +211,7 @@ static long yassl_recv(void *ptr, void *buf, size_t len,
static long yassl_send(void *ptr, const void *buf, size_t len,
int flag __attribute__((unused)))
{
- return vio_write(ptr, buf, len);
+ return (long)vio_write(ptr, buf, len);
}
#endif
@@ -315,24 +318,19 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
{
int r;
SSL *ssl;
- my_bool unused;
- my_bool was_blocking;
my_socket sd= mysql_socket_getfd(vio->mysql_socket);
DBUG_ENTER("ssl_do");
- DBUG_PRINT("enter", ("ptr: 0x%lx, sd: %d ctx: 0x%lx",
- (long) ptr, sd, (long) ptr->ssl_context));
+ DBUG_PRINT("enter", ("ptr: %p, sd: %d ctx: %p",
+ ptr, (int)sd, ptr->ssl_context));
- /* Set socket to blocking if not already set */
- vio_blocking(vio, 1, &was_blocking);
if (!(ssl= SSL_new(ptr->ssl_context)))
{
DBUG_PRINT("error", ("SSL_new failure"));
*errptr= ERR_get_error();
- vio_blocking(vio, was_blocking, &unused);
DBUG_RETURN(1);
}
- DBUG_PRINT("info", ("ssl: 0x%lx timeout: %ld", (long) ssl, timeout));
+ DBUG_PRINT("info", ("ssl: %p timeout: %ld", ssl, timeout));
SSL_clear(ssl);
SSL_SESSION_set_timeout(SSL_get_session(ssl), timeout);
SSL_set_fd(ssl, sd);
@@ -360,7 +358,6 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
DBUG_PRINT("error", ("SSL_connect/accept failure"));
*errptr= SSL_errno(ssl, r);
SSL_free(ssl);
- vio_blocking(vio, was_blocking, &unused);
DBUG_RETURN(1);
}
@@ -371,7 +368,6 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
*/
if (vio_reset(vio, VIO_TYPE_SSL, SSL_get_fd(ssl), ssl, 0))
{
- vio_blocking(vio, was_blocking, &unused);
DBUG_RETURN(1);
}
diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
index 8895cce3d18..8ab7565a666 100644
--- a/vio/viosslfactories.c
+++ b/vio/viosslfactories.c
@@ -15,6 +15,7 @@
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335 USA */
#include "vio_priv.h"
+#include <ssl_compat.h>
#ifdef HAVE_OPENSSL
#ifndef HAVE_YASSL
@@ -26,49 +27,56 @@ static my_bool ssl_algorithms_added = FALSE;
static my_bool ssl_error_strings_loaded= FALSE;
/* the function below was generated with "openssl dhparam -2 -C 2048" */
+
static
DH *get_dh2048()
{
- static unsigned char dh2048_p[]={
- 0xA1,0xBB,0x7C,0x20,0xC5,0x5B,0xC0,0x7B,0x21,0x8B,0xD6,0xA8,
- 0x15,0xFC,0x3B,0xBA,0xAB,0x9F,0xDF,0x68,0xC4,0x79,0x78,0x0D,
- 0xC1,0x12,0x64,0xE4,0x15,0xC9,0x66,0xDB,0xF6,0xCB,0xB3,0x39,
- 0x02,0x5B,0x78,0x62,0xFB,0x09,0xAE,0x09,0x6B,0xDD,0xD4,0x5D,
- 0x97,0xBC,0xDC,0x7F,0xE6,0xD6,0xF1,0xCB,0xF5,0xEB,0xDA,0xA7,
- 0x2E,0x5A,0x43,0x2B,0xE9,0x40,0xE2,0x85,0x00,0x1C,0xC0,0x0A,
- 0x98,0x77,0xA9,0x31,0xDE,0x0B,0x75,0x4D,0x1E,0x1F,0x16,0x83,
- 0xCA,0xDE,0xBD,0x21,0xFC,0xC1,0x82,0x37,0x36,0x33,0x0B,0x66,
- 0x06,0x3C,0xF3,0xAF,0x21,0x57,0x57,0x80,0xF6,0x94,0x1B,0xA9,
- 0xD4,0xF6,0x8F,0x18,0x62,0x0E,0xC4,0x22,0xF9,0x5B,0x62,0xCC,
- 0x3F,0x19,0x95,0xCF,0x4B,0x00,0xA6,0x6C,0x0B,0xAF,0x9F,0xD5,
- 0xFA,0x3D,0x6D,0xDA,0x30,0x83,0x07,0x91,0xAC,0x15,0xFF,0x8F,
- 0x59,0x54,0xEA,0x25,0xBC,0x4E,0xEB,0x6A,0x54,0xDF,0x75,0x09,
- 0x72,0x0F,0xEF,0x23,0x70,0xE0,0xA8,0x04,0xEA,0xFF,0x90,0x54,
- 0xCD,0x84,0x18,0xC0,0x75,0x91,0x99,0x0F,0xA1,0x78,0x0C,0x07,
- 0xB7,0xC5,0xDE,0x55,0x06,0x7B,0x95,0x68,0x2C,0x33,0x39,0xBC,
- 0x2C,0xD0,0x6D,0xDD,0xFA,0xDC,0xB5,0x8F,0x82,0x39,0xF8,0x67,
- 0x44,0xF1,0xD8,0xF7,0x78,0x11,0x9A,0x77,0x9B,0x53,0x47,0xD6,
- 0x2B,0x5D,0x67,0xB8,0xB7,0xBC,0xC1,0xD7,0x79,0x62,0x15,0xC2,
- 0xC5,0x83,0x97,0xA7,0xF8,0xB4,0x9C,0xF6,0x8F,0x9A,0xC7,0xDA,
- 0x1B,0xBB,0x87,0x07,0xA7,0x71,0xAD,0xB2,0x8A,0x50,0xF8,0x26,
- 0x12,0xB7,0x3E,0x0B,
- };
- static unsigned char dh2048_g[]={
- 0x02,
- };
- DH *dh;
-
- if ((dh=DH_new()) == NULL) return(NULL);
- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
- if ((dh->p == NULL) || (dh->g == NULL))
- { DH_free(dh); return(NULL); }
- return(dh);
+ static unsigned char dhp_2048[] = {
+ 0xA1,0xBB,0x7C,0x20,0xC5,0x5B,0xC0,0x7B,0x21,0x8B,0xD6,0xA8,
+ 0x15,0xFC,0x3B,0xBA,0xAB,0x9F,0xDF,0x68,0xC4,0x79,0x78,0x0D,
+ 0xC1,0x12,0x64,0xE4,0x15,0xC9,0x66,0xDB,0xF6,0xCB,0xB3,0x39,
+ 0x02,0x5B,0x78,0x62,0xFB,0x09,0xAE,0x09,0x6B,0xDD,0xD4,0x5D,
+ 0x97,0xBC,0xDC,0x7F,0xE6,0xD6,0xF1,0xCB,0xF5,0xEB,0xDA,0xA7,
+ 0x2E,0x5A,0x43,0x2B,0xE9,0x40,0xE2,0x85,0x00,0x1C,0xC0,0x0A,
+ 0x98,0x77,0xA9,0x31,0xDE,0x0B,0x75,0x4D,0x1E,0x1F,0x16,0x83,
+ 0xCA,0xDE,0xBD,0x21,0xFC,0xC1,0x82,0x37,0x36,0x33,0x0B,0x66,
+ 0x06,0x3C,0xF3,0xAF,0x21,0x57,0x57,0x80,0xF6,0x94,0x1B,0xA9,
+ 0xD4,0xF6,0x8F,0x18,0x62,0x0E,0xC4,0x22,0xF9,0x5B,0x62,0xCC,
+ 0x3F,0x19,0x95,0xCF,0x4B,0x00,0xA6,0x6C,0x0B,0xAF,0x9F,0xD5,
+ 0xFA,0x3D,0x6D,0xDA,0x30,0x83,0x07,0x91,0xAC,0x15,0xFF,0x8F,
+ 0x59,0x54,0xEA,0x25,0xBC,0x4E,0xEB,0x6A,0x54,0xDF,0x75,0x09,
+ 0x72,0x0F,0xEF,0x23,0x70,0xE0,0xA8,0x04,0xEA,0xFF,0x90,0x54,
+ 0xCD,0x84,0x18,0xC0,0x75,0x91,0x99,0x0F,0xA1,0x78,0x0C,0x07,
+ 0xB7,0xC5,0xDE,0x55,0x06,0x7B,0x95,0x68,0x2C,0x33,0x39,0xBC,
+ 0x2C,0xD0,0x6D,0xDD,0xFA,0xDC,0xB5,0x8F,0x82,0x39,0xF8,0x67,
+ 0x44,0xF1,0xD8,0xF7,0x78,0x11,0x9A,0x77,0x9B,0x53,0x47,0xD6,
+ 0x2B,0x5D,0x67,0xB8,0xB7,0xBC,0xC1,0xD7,0x79,0x62,0x15,0xC2,
+ 0xC5,0x83,0x97,0xA7,0xF8,0xB4,0x9C,0xF6,0x8F,0x9A,0xC7,0xDA,
+ 0x1B,0xBB,0x87,0x07,0xA7,0x71,0xAD,0xB2,0x8A,0x50,0xF8,0x26,
+ 0x12,0xB7,0x3E,0x0B,
+ };
+ static unsigned char dhg_2048[] = {
+ 0x02
+ };
+ DH *dh = DH_new();
+ BIGNUM *dhp_bn, *dhg_bn;
+
+ if (dh == NULL)
+ return NULL;
+ dhp_bn = BN_bin2bn(dhp_2048, sizeof (dhp_2048), NULL);
+ dhg_bn = BN_bin2bn(dhg_2048, sizeof (dhg_2048), NULL);
+ if (dhp_bn == NULL || dhg_bn == NULL
+ || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
+ DH_free(dh);
+ BN_free(dhp_bn);
+ BN_free(dhg_bn);
+ return NULL;
+ }
+ return dh;
}
-
static const char*
-ssl_error_string[] =
+ssl_error_string[] =
{
"No error",
"Unable to get certificate",
@@ -92,8 +100,8 @@ vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file,
enum enum_ssl_init_error* error)
{
DBUG_ENTER("vio_set_cert_stuff");
- DBUG_PRINT("enter", ("ctx: 0x%lx cert_file: %s key_file: %s",
- (long) ctx, cert_file, key_file));
+ DBUG_PRINT("enter", ("ctx: %p cert_file: %s key_file: %s",
+ ctx, cert_file, key_file));
if (!cert_file && key_file)
cert_file= key_file;
@@ -148,9 +156,7 @@ static void check_ssl_init()
if (!ssl_algorithms_added)
{
ssl_algorithms_added= TRUE;
- SSL_library_init();
- OpenSSL_add_all_algorithms();
-
+ OPENSSL_init_ssl(0, NULL);
}
if (!ssl_error_strings_loaded)
@@ -205,6 +211,7 @@ new_VioSSLFd(const char *key_file, const char *cert_file,
none of the provided ciphers could be selected
*/
if (cipher &&
+ SSL_CTX_set_ciphersuites(ssl_fd->ssl_context, cipher) == 0 &&
SSL_CTX_set_cipher_list(ssl_fd->ssl_context, cipher) == 0)
{
*error= SSL_INITERR_CIPHERS;