[packages/mysql/MYSQL_5_7] Backport patch from 8.0 to improve ssl errors.

Mon Nov 29 11:05:59 CET 2021

commit 0eb80c53dfc0cf36403c18570522e2b353b95168
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Mon Nov 29 11:04:39 2021 +0100

    Backport patch from 8.0 to improve ssl errors.
    
    commit 0548790b7b83837993f3e6f5c512006d1c4c9c0f
    Author: Georgi Kodinov <georgi.kodinov at oracle.com>
    Date:   Tue Aug 14 17:23:17 2018 +0200
    
        Bug #27855668: CONTRIBUTION BY FACEBOOK: FIX OPENSSL ERROR CODES
    
        A slightly modified version of the facebook contribution that still
        fixes the issue reported, but also does not remove the posibility to
        print the additional errors in the stack if DBUG is on.

 mysql.spec       |  4 ++--
 ssl-errors.patch | 45 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+), 2 deletions(-)
---

diff --git a/mysql.spec b/mysql.spec
index 8d6c188..384ee63 100644
--- a/mysql.spec
+++ b/mysql.spec
@@ -62,7 +62,7 @@ Source12:	%{name}-ndb-cpc.sysconfig
 Source13:	%{name}-client.conf
 Source14:	my.cnf
 Patch0:		%{name}-opt.patch
-
+Patch1:		ssl-errors.patch
 Patch2:		%{name}-protobuf.patch
 Patch3:		%{name}-5.7-sphinx.patch
 Patch4:		%{name}-sphinx.patch
@@ -467,7 +467,7 @@ Ten pakiet zawiera standardowego demona MySQL NDB CPC.
 %setup -q %{?with_sphinx:-a100} %{!?with_system_boost:-a101}
 
 %patch0 -p1
-
+%patch1 -p1
 %patch2 -p1
 %if %{with sphinx}
 # http://www.sphinxsearch.com/docs/manual-0.9.9.html#sphinxse-mysql51
diff --git a/ssl-errors.patch b/ssl-errors.patch
new file mode 100644
index 0000000..5034b82
--- /dev/null
+++ b/ssl-errors.patch
@@ -0,0 +1,45 @@
+diff -urp mysql-5.7.36.org/vio/viossl.c mysql-5.7.36/vio/viossl.c
+--- mysql-5.7.36.org/vio/viossl.c	2021-09-07 07:26:47.000000000 +0200
++++ mysql-5.7.36/vio/viossl.c	2021-11-29 10:34:20.106597290 +0100
+@@ -137,7 +137,7 @@ static my_bool ssl_should_retry(Vio *vio
+                                 enum enum_vio_io_event *event,
+                                 unsigned long *ssl_errno_holder)
+ {
+-  int ssl_error;
++  int ssl_error, err_error;
+   SSL *ssl= vio->ssl_arg;
+   my_bool should_retry= TRUE;
+ 
+@@ -148,12 +148,23 @@ static my_bool ssl_should_retry(Vio *vio
+   switch (ssl_error)
+   {
+   case SSL_ERROR_WANT_READ:
++    err_error = ssl_error;  // for backward compatibility.
+     *event= VIO_IO_EVENT_READ;
+     break;
+   case SSL_ERROR_WANT_WRITE:
++    err_error = ssl_error;  // for backward compatibility.
+     *event= VIO_IO_EVENT_WRITE;
+     break;
+   default:
++    /* first save the top ERR error */
++#ifdef HAVE_WOLFSSL
++    /* TODO: when wolfSSL issue 4240 is fixed (see bug 27855668) remove the
++     * "if" branch */
++    err_error = ssl_error;
++#else
++    err_error = ERR_get_error();
++#endif
++    /* now report all remaining errors on and/or clear the error stack */
+ #ifndef NDEBUG  /* Debug build */
+     /* Note: the OpenSSL error queue gets cleared in report_errors(). */
+     report_errors(ssl);
+@@ -166,7 +177,7 @@ static my_bool ssl_should_retry(Vio *vio
+     break;
+   }
+ 
+-  *ssl_errno_holder= ssl_error;
++  *ssl_errno_holder= err_error;
+ 
+   return should_retry;
+ }
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/mysql.git/commitdiff/0eb80c53dfc0cf36403c18570522e2b353b95168

