documentation
Apparently, WolfSSL wants to have *exactly* the same defines for
the user of the library as the was when building library itself.
A lot of #defines have an impact on ABI (structure sizes, alignment etc)
In Wolfcrypt, output length after CTR encryption is not the same
as input length. This is different from openssl and this makes unit test
aes-t fail.
So disable CTR for now.
- Add new submodule for WolfSSL
- Build and use wolfssl and wolfcrypt instead of yassl/taocrypt
- Use HAVE_WOLFSSL instead of HAVE_YASSL
- Increase MY_AES_CTX_SIZE, to avoid compile time asserts in my_crypt.cc
(sizeof(EVP_CIPHER_CTX) is larger on WolfSSL)
main.derived_cond_pushdown: Move all 10.3 tests to the end,
trim trailing white space, and add an "End of 10.3 tests" marker.
Add --sorted_result to tests where the ordering is not deterministic.
main.win_percentile: Add --sorted_result to tests where the
ordering is no longer deterministic.
if -DWITH_SSL=yes and system ssl cannot be used,
bundled ssl should be auto-selected.
That's how it worked in 10.0, and it was unintentionally broken in 10.1.
Both libraries and includes are required to check for symbols correctly.
In addition, we don't use SHA512_DIGEST_LENGTH symbol so remove the
extraneous check.
this disables the check, added in d937916c06
Applications shouldn't police OpenSSL versions that users are using.
And 0.9.8 on Mac OS X seems to have new fixes, despite being "0.9.8"
Description: If libmysql is compiled with WITH_SSL=NO,
--ssl-* are not useful.
Solution: 1. Restricted WITH_SSL to values : bundled | yes | system
2. Made "bundled" as default value for WITH_SSL. Also,
not specifying WITH_SSL or even specifying WITH_SSL=no
will be treated as/converted to WITH_SSL=bundled.
Reviewed-By: Tor Didriksen <tor.didriksen@oracle.com>
Reviewed-By: Georgi Kodinov <georgi.kodinov@oracle.com>
make repeated cmake runs less verbose:
* remove few not very useful MESSAGE's
* only run pkg_check_modules() if there's no cached result
* only print QQGraph messages on the first run
Incorrect usage of OPENSSL_INCLUDE_DIR variable within cmake caused the
configure step to fail. The variable was used before being checked if
the include directory actually existed.
mark path-related variables (AIO_LIBRARY, ODBC_LIBRARY, ODBC_INCLUDE_DIR,
Thrift_LIBS, Thrift_INCLUDE_DIRS, CRYPTO_LIBRARY, OPENSSL_LIBRARIES,
OPENSSL_ROOT_DIR, OPENSSL_INCLUDE_DIR) as advanced - paths are
automatically discovered by cmake.
mark few choice variables (ENABLED_LOCAL_INFILE, WITHOUT_SERVER,
DISABLE_SHARED) as not advanced - they are user choices, not automatically
configured values.
remove unused BACKUP_TEST variable.
Fixed debian/ubuntu build failure.
cmake/ssl.cmake:
Do not prefer static SSL libraries for WITH_SSL=system|yes as there is
no guarantee that they will link well with MariaDB shared objects.
Specifically on debian/ubuntu static SSL libraries are built without
-fPIC.
Restore 5.6 behavior. 10.0.3 never prefer static SSL libraries.
