diff --git a/mysys_ssl/my_aes_openssl.cc b/mysys_ssl/my_aes_openssl.cc index 261ba8a..719f7d0 100644 --- a/mysys_ssl/my_aes_openssl.cc +++ b/mysys_ssl/my_aes_openssl.cc @@ -122,7 +122,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 source_length, enum my_aes_opmode mode, const unsigned char *iv, bool padding) { - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new(); const EVP_CIPHER *cipher= aes_evp_type(mode); int u_len, f_len; /* The real key to be used for encryption */ @@ -132,23 +132,25 @@ int my_aes_encrypt(const unsigned char *source, uint32 source_length, if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) return MY_AES_BAD_DATA; - if (!EVP_EncryptInit(&ctx, cipher, rkey, iv)) + if (!EVP_EncryptInit(ctx, cipher, rkey, iv)) goto aes_error; /* Error */ - if (!EVP_CIPHER_CTX_set_padding(&ctx, padding)) + if (!EVP_CIPHER_CTX_set_padding(ctx, padding)) goto aes_error; /* Error */ - if (!EVP_EncryptUpdate(&ctx, dest, &u_len, source, source_length)) + if (!EVP_EncryptUpdate(ctx, dest, &u_len, source, source_length)) goto aes_error; /* Error */ - if (!EVP_EncryptFinal(&ctx, dest + u_len, &f_len)) + if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len)) goto aes_error; /* Error */ - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_cleanup(ctx); + EVP_CIPHER_CTX_free(ctx); return u_len + f_len; aes_error: /* need to explicitly clean up the error if we want to ignore it */ ERR_clear_error(); - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_cleanup(ctx); + EVP_CIPHER_CTX_free(ctx); return MY_AES_BAD_DATA; } @@ -159,8 +161,8 @@ int my_aes_decrypt(const unsigned char *source, uint32 source_length, bool padding) { - EVP_CIPHER_CTX ctx; - const EVP_CIPHER *cipher= aes_evp_type(mode); + EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new(); + const EVP_CIPHER* cipher = aes_evp_type(mode); int u_len, f_len; /* The real key to be used for decryption */ @@ -170,24 +172,26 @@ int my_aes_decrypt(const unsigned char *source, uint32 source_length, if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) return MY_AES_BAD_DATA; - EVP_CIPHER_CTX_init(&ctx); + EVP_CIPHER_CTX_init(ctx); - if (!EVP_DecryptInit(&ctx, aes_evp_type(mode), rkey, iv)) + if (!EVP_DecryptInit(ctx, aes_evp_type(mode), rkey, iv)) goto aes_error; /* Error */ - if (!EVP_CIPHER_CTX_set_padding(&ctx, padding)) + if (!EVP_CIPHER_CTX_set_padding(ctx, padding)) goto aes_error; /* Error */ - if (!EVP_DecryptUpdate(&ctx, dest, &u_len, source, source_length)) + if (!EVP_DecryptUpdate(ctx, dest, &u_len, source, source_length)) goto aes_error; /* Error */ - if (!EVP_DecryptFinal_ex(&ctx, dest + u_len, &f_len)) + if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len)) goto aes_error; /* Error */ - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_cleanup(ctx); + EVP_CIPHER_CTX_free(ctx); return u_len + f_len; aes_error: /* need to explicitly clean up the error if we want to ignore it */ ERR_clear_error(); - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_cleanup(ctx); + EVP_CIPHER_CTX_free(ctx); return MY_AES_BAD_DATA; } diff --git a/sql-common/client_authentication.cc b/sql-common/client_authentication.cc index a6ff23e..0ffd612 100644 --- a/sql-common/client_authentication.cc +++ b/sql-common/client_authentication.cc @@ -83,7 +83,7 @@ RSA *rsa_init(MYSQL *mysql) if (mysql->options.extension != NULL && mysql->options.extension->server_public_key_path != NULL && - mysql->options.extension->server_public_key_path != '\0') + *mysql->options.extension->server_public_key_path != '\0') { pub_key_file= fopen(mysql->options.extension->server_public_key_path, "r"); diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c index da5449a..b526653 100644 --- a/vio/viosslfactories.c +++ b/vio/viosslfactories.c @@ -121,6 +121,9 @@ static DH *get_dh2048(void) DH *dh; if ((dh=DH_new())) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + DH_set0_pqg(dh, BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL), NULL, BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL)); +#else dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); if (! dh->p || ! dh->g) @@ -128,6 +131,7 @@ static DH *get_dh2048(void) DH_free(dh); dh=0; } +#endif } return(dh); }