From e03f47859fe2fdbe465613712448a65dcdfc03ac Mon Sep 17 00:00:00 2001 From: unknown Date: Wed, 31 May 2006 16:19:06 +0200 Subject: [PATCH] Bug#19575 MySQL-shared-5.0.21-0.glibc23 causes segfault in SSL_library_init - Include prefix files that renames all public functions in yaSSLs OpenSSL API to ya. They will otherwise conflict with OpenSSL functions if loaded by an application that uses OpenSSL as well as libmysqlclient with yaSSL support. client/Makefile.am: Remove $yassl_includes ...and one "suspicious line" config/ac-macros/yassl.m4: Remove yassl_includes as they are the same as "normal" include extra/yassl/include/openssl/crypto.h: Add include file "prefix_crypto.h" to rename SSL_* functions to yaSSL_* extra/yassl/include/openssl/ssl.h: Add include file "prefix_crypto.h" to rename SSL_* functions to yaSSL_* libmysql/Makefile.am: Remove yassl_includes libmysql_r/Makefile.am: Remove yassl_includes libmysqld/Makefile.am: Remove yassl_includes And one suspicious line libmysqld/examples/Makefile.am: Remove yassl_includes server-tools/instance-manager/Makefile.am: Remove yassl_includes sql/Makefile.am: Remove yassl_includes tools/Makefile.am: Add link with yaSSL libs vio/Makefile.am: Remove yassl_includes extra/yassl/include/openssl/generate_prefix_files.pl: Add utility script to parse the header files to generate the prefix_* files that renames yaSSL SSL_* functions extra/yassl/include/openssl/prefix_crypto.h: Add prefix file for crypto.h extra/yassl/include/openssl/prefix_ssl.h: Add prefix file for ssl.h --- client/Makefile.am | 4 +- config/ac-macros/yassl.m4 | 2 - extra/yassl/include/openssl/crypto.h | 2 + .../include/openssl/generate_prefix_files.pl | 45 ++++++ extra/yassl/include/openssl/prefix_crypto.h | 1 + extra/yassl/include/openssl/prefix_ssl.h | 152 ++++++++++++++++++ extra/yassl/include/openssl/ssl.h | 1 + libmysql/Makefile.am | 2 +- libmysql_r/Makefile.am | 2 +- libmysqld/Makefile.am | 4 +- libmysqld/examples/Makefile.am | 2 +- server-tools/instance-manager/Makefile.am | 2 +- sql/Makefile.am | 2 +- tools/Makefile.am | 2 +- vio/Makefile.am | 2 +- 15 files changed, 212 insertions(+), 13 deletions(-) create mode 100755 extra/yassl/include/openssl/generate_prefix_files.pl create mode 100644 extra/yassl/include/openssl/prefix_crypto.h create mode 100644 extra/yassl/include/openssl/prefix_ssl.h diff --git a/client/Makefile.am b/client/Makefile.am index 9d133125a0d..5787905fd35 100644 --- a/client/Makefile.am +++ b/client/Makefile.am @@ -25,7 +25,7 @@ endif INCLUDES = -I$(top_builddir)/include \ -I$(top_srcdir)/include \ -I$(top_srcdir)/regex \ - $(openssl_includes) $(yassl_includes) + $(openssl_includes) LIBS = @CLIENT_LIBS@ LDADD= @CLIENT_EXTRA_LDFLAGS@ \ $(top_builddir)/libmysql/libmysqlclient.la @@ -69,7 +69,7 @@ link_sources: done; \ rm -f $(srcdir)/my_user.c; \ @LN_CP_F@ $(top_srcdir)/sql-common/my_user.c my_user.c; - + # Don't update the files from bitkeeper %::SCCS/s.% diff --git a/config/ac-macros/yassl.m4 b/config/ac-macros/yassl.m4 index 5beb87c7652..2dc231c1f5a 100644 --- a/config/ac-macros/yassl.m4 +++ b/config/ac-macros/yassl.m4 @@ -19,7 +19,6 @@ AC_DEFUN([MYSQL_CHECK_YASSL], [ AC_MSG_RESULT([using bundled yaSSL]) yassl_dir="extra/yassl" yassl_libs="-L\$(top_srcdir)/extra/yassl/src -lyassl -L\$(top_srcdir)/extra/yassl/taocrypt/src -ltaocrypt" - yassl_includes="-I\$(top_srcdir)/extra/yassl/include" AC_DEFINE([HAVE_OPENSSL], [1], [Defined by configure. Using yaSSL for OpenSSL emulation.]) AC_DEFINE([HAVE_YASSL], [1], [Defined by configure. Using yaSSL for OpenSSL emulation.]) # System specific checks @@ -40,7 +39,6 @@ AC_DEFUN([MYSQL_CHECK_YASSL], [ AC_MSG_RESULT(no) fi AC_SUBST(yassl_libs) - AC_SUBST(yassl_includes) AC_SUBST(yassl_dir) AM_CONDITIONAL([HAVE_YASSL], [ test "$with_yassl" = "yes" ]) ]) diff --git a/extra/yassl/include/openssl/crypto.h b/extra/yassl/include/openssl/crypto.h index 4a0c1db0df1..12b7ea0e92d 100644 --- a/extra/yassl/include/openssl/crypto.h +++ b/extra/yassl/include/openssl/crypto.h @@ -3,6 +3,8 @@ #ifndef ysSSL_crypto_h__ #define yaSSL_crypto_h__ +#include "prefix_crypto.h" + const char* SSLeay_version(int type); #define SSLEAY_VERSION 0x0900L diff --git a/extra/yassl/include/openssl/generate_prefix_files.pl b/extra/yassl/include/openssl/generate_prefix_files.pl new file mode 100755 index 00000000000..b921ee11e9a --- /dev/null +++ b/extra/yassl/include/openssl/generate_prefix_files.pl @@ -0,0 +1,45 @@ +#!/usr/bin/perl +# +# This script generates defines for all functions +# in yassl/include/openssl/ so they are renamed to +# ya. Hopefully that is unique enough. +# +# The script is to be run manually when we import +# a new version of yaSSL +# + + + +# Find all functions in "input" and add macros +# to prefix/rename them into "output +sub generate_prefix($$) +{ + my $input= shift; + my $output= shift; + open(IN, $input) + or die("Can't open input file $input: $!"); + open(OUT, ">", $output) + or mtr_error("Can't open output file $output: $!"); + + while () + { + chomp; + + if ( /typedef/ ) + { + next; + } + + if ( /^\s*[a-zA-Z0-9*_ ]+\s+([_a-zA-Z0-9]+)\s*\(/ ) + { + print OUT "#define $1 ya$1\n"; + } + } + + close OUT; + close IN; +} + +generate_prefix("ssl.h", "prefix_ssl.h"); +generate_prefix("crypto.h", "prefix_crypto.h"); + diff --git a/extra/yassl/include/openssl/prefix_crypto.h b/extra/yassl/include/openssl/prefix_crypto.h new file mode 100644 index 00000000000..3fa5f32c627 --- /dev/null +++ b/extra/yassl/include/openssl/prefix_crypto.h @@ -0,0 +1 @@ +#define SSLeay_version yaSSLeay_version diff --git a/extra/yassl/include/openssl/prefix_ssl.h b/extra/yassl/include/openssl/prefix_ssl.h new file mode 100644 index 00000000000..7f815156f47 --- /dev/null +++ b/extra/yassl/include/openssl/prefix_ssl.h @@ -0,0 +1,152 @@ +#define Copyright yaCopyright +#define yaSSL_CleanUp yayaSSL_CleanUp +#define DH_new yaDH_new +#define DH_free yaDH_free +#define RSA_free yaRSA_free +#define RSA_generate_key yaRSA_generate_key +#define X509_free yaX509_free +#define X509_STORE_CTX_get_current_cert yaX509_STORE_CTX_get_current_cert +#define X509_STORE_CTX_get_error yaX509_STORE_CTX_get_error +#define X509_STORE_CTX_get_error_depth yaX509_STORE_CTX_get_error_depth +#define X509_NAME_oneline yaX509_NAME_oneline +#define X509_get_issuer_name yaX509_get_issuer_name +#define X509_get_subject_name yaX509_get_subject_name +#define X509_verify_cert_error_string yaX509_verify_cert_error_string +#define X509_LOOKUP_add_dir yaX509_LOOKUP_add_dir +#define X509_LOOKUP_load_file yaX509_LOOKUP_load_file +#define X509_LOOKUP_hash_dir yaX509_LOOKUP_hash_dir +#define X509_LOOKUP_file yaX509_LOOKUP_file +#define X509_STORE_add_lookup yaX509_STORE_add_lookup +#define X509_STORE_new yaX509_STORE_new +#define X509_STORE_get_by_subject yaX509_STORE_get_by_subject +#define ERR_get_error_line_data yaERR_get_error_line_data +#define ERR_print_errors_fp yaERR_print_errors_fp +#define ERR_error_string yaERR_error_string +#define ERR_remove_state yaERR_remove_state +#define ERR_get_error yaERR_get_error +#define ERR_peek_error yaERR_peek_error +#define ERR_GET_REASON yaERR_GET_REASON +#define SSL_CTX_new yaSSL_CTX_new +#define SSL_new yaSSL_new +#define SSL_set_fd yaSSL_set_fd +#define SSL_connect yaSSL_connect +#define SSL_write yaSSL_write +#define SSL_read yaSSL_read +#define SSL_accept yaSSL_accept +#define SSL_CTX_free yaSSL_CTX_free +#define SSL_free yaSSL_free +#define SSL_clear yaSSL_clear +#define SSL_shutdown yaSSL_shutdown +#define SSL_set_connect_state yaSSL_set_connect_state +#define SSL_set_accept_state yaSSL_set_accept_state +#define SSL_do_handshake yaSSL_do_handshake +#define SSL_get_cipher yaSSL_get_cipher +#define SSL_get_cipher_name yaSSL_get_cipher_name +#define SSL_get_shared_ciphers yaSSL_get_shared_ciphers +#define SSL_get_cipher_list yaSSL_get_cipher_list +#define SSL_get_version yaSSL_get_version +#define SSLeay_version yaSSLeay_version +#define SSL_get_error yaSSL_get_error +#define SSL_load_error_strings yaSSL_load_error_strings +#define SSL_set_session yaSSL_set_session +#define SSL_get_session yaSSL_get_session +#define SSL_SESSION_set_timeout yaSSL_SESSION_set_timeout +#define SSL_get_peer_certificate yaSSL_get_peer_certificate +#define SSL_get_verify_result yaSSL_get_verify_result +#define SSL_CTX_set_verify yaSSL_CTX_set_verify +#define SSL_CTX_load_verify_locations yaSSL_CTX_load_verify_locations +#define SSL_CTX_set_default_verify_paths yaSSL_CTX_set_default_verify_paths +#define SSL_CTX_check_private_key yaSSL_CTX_check_private_key +#define SSL_CTX_set_session_id_context yaSSL_CTX_set_session_id_context +#define SSL_CTX_set_tmp_rsa_callback yaSSL_CTX_set_tmp_rsa_callback +#define SSL_CTX_set_options yaSSL_CTX_set_options +#define SSL_CTX_set_session_cache_mode yaSSL_CTX_set_session_cache_mode +#define SSL_CTX_set_timeout yaSSL_CTX_set_timeout +#define SSL_CTX_use_certificate_chain_file yaSSL_CTX_use_certificate_chain_file +#define SSL_CTX_set_default_passwd_cb yaSSL_CTX_set_default_passwd_cb +#define SSL_CTX_use_RSAPrivateKey_file yaSSL_CTX_use_RSAPrivateKey_file +#define SSL_CTX_set_info_callback yaSSL_CTX_set_info_callback +#define SSL_CTX_sess_accept yaSSL_CTX_sess_accept +#define SSL_CTX_sess_connect yaSSL_CTX_sess_connect +#define SSL_CTX_sess_accept_good yaSSL_CTX_sess_accept_good +#define SSL_CTX_sess_connect_good yaSSL_CTX_sess_connect_good +#define SSL_CTX_sess_accept_renegotiate yaSSL_CTX_sess_accept_renegotiate +#define SSL_CTX_sess_connect_renegotiate yaSSL_CTX_sess_connect_renegotiate +#define SSL_CTX_sess_hits yaSSL_CTX_sess_hits +#define SSL_CTX_sess_cb_hits yaSSL_CTX_sess_cb_hits +#define SSL_CTX_sess_cache_full yaSSL_CTX_sess_cache_full +#define SSL_CTX_sess_misses yaSSL_CTX_sess_misses +#define SSL_CTX_sess_timeouts yaSSL_CTX_sess_timeouts +#define SSL_CTX_sess_number yaSSL_CTX_sess_number +#define SSL_CTX_sess_get_cache_size yaSSL_CTX_sess_get_cache_size +#define SSL_CTX_get_verify_mode yaSSL_CTX_get_verify_mode +#define SSL_get_verify_mode yaSSL_get_verify_mode +#define SSL_CTX_get_verify_depth yaSSL_CTX_get_verify_depth +#define SSL_get_verify_depth yaSSL_get_verify_depth +#define SSL_get_default_timeout yaSSL_get_default_timeout +#define SSL_CTX_get_session_cache_mode yaSSL_CTX_get_session_cache_mode +#define SSL_session_reused yaSSL_session_reused +#define SSL_set_rfd yaSSL_set_rfd +#define SSL_set_wfd yaSSL_set_wfd +#define SSL_set_shutdown yaSSL_set_shutdown +#define SSL_want_read yaSSL_want_read +#define SSL_want_write yaSSL_want_write +#define SSL_pending yaSSL_pending +#define SSL_CTX_use_certificate_file yaSSL_CTX_use_certificate_file +#define SSL_CTX_use_PrivateKey_file yaSSL_CTX_use_PrivateKey_file +#define SSL_CTX_set_cipher_list yaSSL_CTX_set_cipher_list +#define SSL_CTX_sess_set_cache_size yaSSL_CTX_sess_set_cache_size +#define SSL_CTX_set_tmp_dh yaSSL_CTX_set_tmp_dh +#define OpenSSL_add_all_algorithms yaOpenSSL_add_all_algorithms +#define SSL_library_init yaSSL_library_init +#define SSLeay_add_ssl_algorithms yaSSLeay_add_ssl_algorithms +#define SSL_get_current_cipher yaSSL_get_current_cipher +#define SSL_CIPHER_description yaSSL_CIPHER_description +#define SSL_alert_type_string_long yaSSL_alert_type_string_long +#define SSL_alert_desc_string_long yaSSL_alert_desc_string_long +#define SSL_state_string_long yaSSL_state_string_long +#define EVP_md5 yaEVP_md5 +#define EVP_des_ede3_cbc yaEVP_des_ede3_cbc +#define EVP_BytesToKey yaEVP_BytesToKey +#define DES_set_key_unchecked yaDES_set_key_unchecked +#define DES_ede3_cbc_encrypt yaDES_ede3_cbc_encrypt +#define RAND_screen yaRAND_screen +#define RAND_file_name yaRAND_file_name +#define RAND_write_file yaRAND_write_file +#define RAND_load_file yaRAND_load_file +#define RAND_status yaRAND_status +#define DES_set_key yaDES_set_key +#define DES_set_odd_parity yaDES_set_odd_parity +#define DES_ecb_encrypt yaDES_ecb_encrypt +#define SSL_CTX_set_default_passwd_cb_userdata yaSSL_CTX_set_default_passwd_cb_userdata +#define SSL_SESSION_free yaSSL_SESSION_free +#define SSL_get_certificate yaSSL_get_certificate +#define SSL_get_privatekey yaSSL_get_privatekey +#define X509_get_pubkey yaX509_get_pubkey +#define EVP_PKEY_copy_parameters yaEVP_PKEY_copy_parameters +#define EVP_PKEY_free yaEVP_PKEY_free +#define ERR_error_string_n yaERR_error_string_n +#define ERR_free_strings yaERR_free_strings +#define EVP_cleanup yaEVP_cleanup +#define X509_get_ext_d2i yaX509_get_ext_d2i +#define GENERAL_NAMES_free yaGENERAL_NAMES_free +#define sk_GENERAL_NAME_num yask_GENERAL_NAME_num +#define sk_GENERAL_NAME_value yask_GENERAL_NAME_value +#define ASN1_STRING_data yaASN1_STRING_data +#define ASN1_STRING_length yaASN1_STRING_length +#define ASN1_STRING_type yaASN1_STRING_type +#define X509_NAME_get_index_by_NID yaX509_NAME_get_index_by_NID +#define X509_NAME_ENTRY_get_data yaX509_NAME_ENTRY_get_data +#define X509_NAME_get_entry yaX509_NAME_get_entry +#define ASN1_STRING_to_UTF8 yaASN1_STRING_to_UTF8 +#define SSLv23_client_method yaSSLv23_client_method +#define SSLv2_client_method yaSSLv2_client_method +#define SSL_get1_session yaSSL_get1_session +#define X509_get_notBefore yaX509_get_notBefore +#define X509_get_notAfter yaX509_get_notAfter +#define MD4_Init yaMD4_Init +#define MD4_Update yaMD4_Update +#define MD4_Final yaMD4_Final +#define MD5_Init yaMD5_Init +#define MD5_Update yaMD5_Update +#define MD5_Final yaMD5_Final diff --git a/extra/yassl/include/openssl/ssl.h b/extra/yassl/include/openssl/ssl.h index a7eca9138a2..fb646f08a82 100644 --- a/extra/yassl/include/openssl/ssl.h +++ b/extra/yassl/include/openssl/ssl.h @@ -28,6 +28,7 @@ #ifndef yaSSL_openssl_h__ #define yaSSL_openssl_h__ +#include "prefix_ssl.h" #include /* ERR_print fp */ #include "opensslv.h" /* for version number */ #include "rsa.h" diff --git a/libmysql/Makefile.am b/libmysql/Makefile.am index b580884e934..d089d56f38a 100644 --- a/libmysql/Makefile.am +++ b/libmysql/Makefile.am @@ -24,7 +24,7 @@ target = libmysqlclient.la target_defs = -DUNDEF_THREADS_HACK -DDONT_USE_RAID @LIB_EXTRA_CCFLAGS@ LIBS = @CLIENT_LIBS@ INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include \ - $(openssl_includes) $(yassl_includes) @ZLIB_INCLUDES@ + $(openssl_includes) @ZLIB_INCLUDES@ include $(srcdir)/Makefile.shared diff --git a/libmysql_r/Makefile.am b/libmysql_r/Makefile.am index d28f31b2258..aaf81add00b 100644 --- a/libmysql_r/Makefile.am +++ b/libmysql_r/Makefile.am @@ -25,7 +25,7 @@ target_defs = -DDONT_USE_RAID -DMYSQL_CLIENT @LIB_EXTRA_CCFLAGS@ LIBS = @LIBS@ @ZLIB_LIBS@ @openssl_libs@ INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include \ - $(openssl_includes) $(yassl_includes) @ZLIB_INCLUDES@ + $(openssl_includes) @ZLIB_INCLUDES@ ## automake barfs if you don't use $(srcdir) or $(top_srcdir) in include include $(top_srcdir)/libmysql/Makefile.shared diff --git a/libmysqld/Makefile.am b/libmysqld/Makefile.am index 5ec9cdfe5bf..54eb27be037 100644 --- a/libmysqld/Makefile.am +++ b/libmysqld/Makefile.am @@ -29,7 +29,7 @@ INCLUDES= @bdb_includes@ \ -I$(top_builddir)/include -I$(top_srcdir)/include \ -I$(top_srcdir)/sql -I$(top_srcdir)/sql/examples \ -I$(top_srcdir)/regex \ - $(openssl_includes) $(yassl_includes) @ZLIB_INCLUDES@ + $(openssl_includes) @ZLIB_INCLUDES@ noinst_LIBRARIES = libmysqld_int.a pkglib_LIBRARIES = libmysqld.a @@ -81,7 +81,7 @@ INC_LIB= $(top_builddir)/regex/libregex.a \ $(top_builddir)/strings/libmystrings.a \ $(top_builddir)/dbug/libdbug.a \ $(top_builddir)/vio/libvio.a - + # # To make it easy for the end user to use the embedded library we diff --git a/libmysqld/examples/Makefile.am b/libmysqld/examples/Makefile.am index 414cf63b003..01429378dfb 100644 --- a/libmysqld/examples/Makefile.am +++ b/libmysqld/examples/Makefile.am @@ -34,7 +34,7 @@ link_sources: DEFS = -DEMBEDDED_LIBRARY INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include -I$(srcdir) \ -I$(top_srcdir) -I$(top_srcdir)/client -I$(top_srcdir)/regex \ - $(openssl_includes) $(yassl_includes) + $(openssl_includes) LIBS = @LIBS@ @WRAPLIBS@ @CLIENT_LIBS@ $(yassl_libs) LDADD = @CLIENT_EXTRA_LDFLAGS@ ../libmysqld.a @innodb_system_libs@ @LIBDL@ $(CXXLDFLAGS) diff --git a/server-tools/instance-manager/Makefile.am b/server-tools/instance-manager/Makefile.am index 218eceebd12..6b5d80a99af 100644 --- a/server-tools/instance-manager/Makefile.am +++ b/server-tools/instance-manager/Makefile.am @@ -15,7 +15,7 @@ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA INCLUDES= @ZLIB_INCLUDES@ -I$(top_srcdir)/include \ - @openssl_includes@ @yassl_includes@ -I$(top_builddir)/include + @openssl_includes@ -I$(top_builddir)/include DEFS= -DMYSQL_INSTANCE_MANAGER -DMYSQL_SERVER diff --git a/sql/Makefile.am b/sql/Makefile.am index 1597ad2c4a8..453e50a3b0b 100644 --- a/sql/Makefile.am +++ b/sql/Makefile.am @@ -22,7 +22,7 @@ MYSQLBASEdir= $(prefix) INCLUDES = @ZLIB_INCLUDES@ \ @bdb_includes@ @innodb_includes@ @ndbcluster_includes@ \ -I$(top_builddir)/include -I$(top_srcdir)/include \ - -I$(top_srcdir)/regex -I$(srcdir) $(yassl_includes) \ + -I$(top_srcdir)/regex -I$(srcdir) \ $(openssl_includes) WRAPLIBS= @WRAPLIBS@ SUBDIRS = share diff --git a/tools/Makefile.am b/tools/Makefile.am index 0f726bd5fc3..61b9a612dc5 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -24,7 +24,7 @@ INCLUDES= -I$(top_builddir)/include -I$(top_srcdir)/include \ $(openssl_includes) LDADD= @CLIENT_EXTRA_LDFLAGS@ \ $(top_builddir)/libmysql_r/libmysqlclient_r.la \ - @openssl_libs@ @ZLIB_LIBS@ + @openssl_libs@ @yassl_libs@ @ZLIB_LIBS@ bin_PROGRAMS= mysqltestmanager mysqltestmanager_SOURCES= mysqlmanager.c $(yassl_dummy_link_fix) mysqltestmanager_DEPENDENCIES= $(LIBRARIES) $(pkglib_LTLIBRARIES) diff --git a/vio/Makefile.am b/vio/Makefile.am index 544639139de..e89191d57cd 100644 --- a/vio/Makefile.am +++ b/vio/Makefile.am @@ -20,7 +20,7 @@ else yassl_dummy_link_fix= endif INCLUDES= -I$(top_builddir)/include -I$(top_srcdir)/include \ - $(openssl_includes) $(yassl_includes) + $(openssl_includes) LDADD= @CLIENT_EXTRA_LDFLAGS@ $(openssl_libs) $(yassl_libs) pkglib_LIBRARIES= libvio.a noinst_PROGRAMS = test-ssl test-sslserver test-sslclient