Skip to content

Commit a6cc59f

Browse files
AliSQLAliSQL
authored andcommitted
[Feature] Issue#53 Support TLSv1.2 SSL Protocol
Description =========== Bundled openSSL (openssl-1.0.1u) source codes to compile statically instead of yaSSL, then MySQL server can support TLSv1.2 SSL protocol. For the compatibility, we supply new parameter '--tls-version' to control how to decide the supportable TLS version. If compiled with openSSL, then tls-version default value 'TLSv1, TLSv1.1, TLSv1.2' If compiled with yaSSL, then tls-version default value 'TLSv1, TLSv1.1' Also the added cmake option: DWITH_SSL=openssl means that openssl was built statically. Compatibility ============= The TLS Protocol version matrix: ----------------------------------------------------------------------- Pre_Server Post_yaSSL_Server Post_openSSL_Server Pre_Client TLSv1.0 TLSv1.0 TLSv1.0 Post_yaSSL_Client TLSv1.0 TLSv1.1 TLSv1.1 Post_openSSL_Client TLSv1.0 TLSv1.1 TLSv1.2 -----------------------------------------------------------------------
1 parent 041c282 commit a6cc59f

4,323 files changed

Lines changed: 1273840 additions & 56 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

CMakeLists.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -421,7 +421,7 @@ INCLUDE_DIRECTORIES(${CMAKE_CURRENT_BINARY_DIR}/include)
421421

422422
# Add bundled or system zlib.
423423
MYSQL_CHECK_ZLIB_WITH_COMPRESS()
424-
# Add bundled yassl/taocrypt or system openssl.
424+
# Add bundled yassl/taocrypt or system openssl or bundled openssl.
425425
MYSQL_CHECK_SSL()
426426
# Add system/bundled editline.
427427
MYSQL_CHECK_EDITLINE()

cmake/ssl.cmake

Lines changed: 66 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,18 @@ SET(WITH_SSL_DOC
4141
"${WITH_SSL_DOC}, system (use os library)")
4242
SET(WITH_SSL_DOC
4343
"${WITH_SSL_DOC}, </path/to/custom/installation>")
44+
SET(WITH_SSL_DOC
45+
"${WITH_SSL_DOC}, openssl (use bundled openssl)")
46+
47+
IF(CMAKE_VERSION VERSION_LESS "2.8.6")
48+
MACRO (MYSQL_CHECK_SSL)
49+
ENDMACRO()
50+
MESSAGE(SEND_ERROR
51+
"The cmake version require at least 2.8.6")
52+
RETURN()
53+
ENDIF()
54+
55+
INCLUDE(ExternalProject)
4456

4557
MACRO (CHANGE_SSL_SETTINGS string)
4658
SET(WITH_SSL ${string} CACHE STRING ${WITH_SSL_DOC} FORCE)
@@ -72,10 +84,60 @@ MACRO (MYSQL_USE_BUNDLED_SSL)
7284
ENDFOREACH()
7385
ENDMACRO()
7486

87+
#
88+
#Compile openssl statically.
89+
#
90+
MACRO (MYSQL_USE_BUNDLED_OPENSSL)
91+
SET(SOURCE_DIR "${CMAKE_SOURCE_DIR}/extra/openssl")
92+
SET(BINARY_DIR "${CMAKE_BINARY_DIR}/${CMAKE_CFG_INTDIR}/extra/openssl")
93+
SET(SSL_INCLUDE_DIRS ${SOURCE_DIR}/include)
94+
SET(SSL_DEFINES "-DHAVE_OPENSSL")
95+
SET(OPENSSL_CONFIGURE_OPTS "-fPIC no-shared")
96+
IF (CMAKE_BUILD_TYPE MATCHES "Debug" AND NOT APPLE)
97+
LIST(APPEND LIBARAFT_CONFIGURE_OPTS --enable-debug)
98+
ENDIF()
99+
100+
IF(CMAKE_GENERATOR MATCHES "Makefiles")
101+
SET(MAKE_COMMAND ${CMAKE_MAKE_PROGRAM})
102+
ELSE() # Xcode/Ninja generators
103+
SET(MAKE_COMMAND make)
104+
ENDIF()
105+
106+
ExternalProject_Add(openssl
107+
PREFIX extra/openssl
108+
SOURCE_DIR ${SOURCE_DIR}
109+
BINARY_DIR ${BINARY_DIR}
110+
STAMP_DIR ${BINARY_DIR}
111+
CONFIGURE_COMMAND "${SOURCE_DIR}/config" ${OPENSSL_CONFIGURE_OPTS}
112+
BUILD_COMMAND ${MAKE_COMMAND}
113+
INSTALL_COMMAND ""
114+
)
115+
116+
SET(MY_OPENSSL_LIBSSL "${BINARY_DIR}/libssl.a")
117+
SET(MY_OPENSSL_LIBCRYPTO "${BINARY_DIR}/libcrypto.a")
118+
SET(SSL_LIBRARIES ${MY_OPENSSL_LIBSSL} ${MY_OPENSSL_LIBCRYPTO})
119+
IF(CMAKE_SYSTEM_NAME MATCHES "SunOS")
120+
SET(SSL_LIBRARIES ${SSL_LIBRARIES} ${LIBSOCKET})
121+
ENDIF()
122+
IF(CMAKE_SYSTEM_NAME MATCHES "Linux")
123+
SET(SSL_LIBRARIES ${SSL_LIBRARIES} ${LIBDL})
124+
ENDIF()
125+
126+
ADD_LIBRARY(libssl STATIC IMPORTED)
127+
SET_TARGET_PROPERTIES(libssl PROPERTIES IMPORTED_LOCATION "${MY_OPENSSL_LIBSSL}")
128+
ADD_DEPENDENCIES(libssl openssl)
129+
ADD_LIBRARY(libcrypto STATIC IMPORTED)
130+
SET_TARGET_PROPERTIES(libcrypto PROPERTIES IMPORTED_LOCATION "${MY_OPENSSL_LIBCRYPTO}")
131+
ADD_DEPENDENCIES(libcrypto openssl)
132+
133+
ENDMACRO()
134+
135+
136+
75137
# MYSQL_CHECK_SSL
76138
#
77139
# Provides the following configure options:
78-
# WITH_SSL=[yes|bundled|system|<path/to/custom/installation>]
140+
# WITH_SSL=[yes|bundled|system|openssl|<path/to/custom/installation>]
79141
MACRO (MYSQL_CHECK_SSL)
80142
IF(NOT WITH_SSL)
81143
IF(WIN32)
@@ -89,7 +151,9 @@ MACRO (MYSQL_CHECK_SSL)
89151
SET(WITH_SSL_PATH ${WITH_SSL} CACHE PATH "path to custom SSL installation")
90152
ENDIF()
91153

92-
IF(WITH_SSL STREQUAL "bundled")
154+
IF(WITH_SSL STREQUAL "openssl")
155+
MYSQL_USE_BUNDLED_OPENSSL()
156+
ELSEIF(WITH_SSL STREQUAL "bundled")
93157
MYSQL_USE_BUNDLED_SSL()
94158
# Reset some variables, in case we switch from /path/to/ssl to "bundled".
95159
IF (WITH_SSL_PATH)

extra/openssl/ACKNOWLEDGMENTS

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
Please https://www.openssl.org/community/thanks.html for the current
2+
acknowledgements.

0 commit comments

Comments
 (0)