From 759e46229fbf84a2d12846ef8d100e617e609aaf Mon Sep 17 00:00:00 2001
From: Sergei Golubchik <serg@mariadb.org>
Date: Wed, 3 May 2017 21:22:59 +0200
Subject: MDEV-10332  support for OpenSSL 1.1 and LibreSSL

post-review fixes:
* move all ssl implementation related ifdefs/defines to one file
  (ssl_compat.h)
* work around OpenSSL-1.1 desire to malloc every EVP context by
  run-time checking that context allocated on the stack is big enough
  (openssl.c)
* use newer version of the AWS SDK for OpenSSL 1.1
* use get_dh2048() function as generated by openssl 1.1
  (viosslfactories.c)
---
 sql-common/client.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

(limited to 'sql-common/client.c')

diff --git a/sql-common/client.c b/sql-common/client.c
index 2aba1f99f33..5af8c737889 100644
--- a/sql-common/client.c
+++ b/sql-common/client.c
@@ -104,11 +104,8 @@ my_bool	net_flush(NET *net);
 #define CONNECT_TIMEOUT 0
 #endif
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) || defined(HAVE_YASSL)
-#define ASN1_STRING_get0_data(X) ASN1_STRING_data(X)
-#endif
-
 #include "client_settings.h"
+#include <ssl_compat.h>
 #include <sql_common.h>
 #include <mysql/client_plugin.h>
 #include <my_context.h>
@@ -1773,9 +1770,8 @@ mysql_get_ssl_cipher(MYSQL *mysql __attribute__((unused)))
 
 #if defined(HAVE_OPENSSL)
 
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(HAVE_YASSL)
+#ifdef HAVE_X509_check_host
 #include <openssl/x509v3.h>
-#define HAVE_X509_check_host
 #endif
 
 static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const char **errptr)
-- 
cgit v1.2.1