diff --git a/deps/Makefile b/deps/Makefile index 47c0f3c3b2..aac8709cca 100644 --- a/deps/Makefile +++ b/deps/Makefile @@ -82,6 +82,11 @@ endif libinjection: libinjection/libinjection/src/libinjection.a +BIO_MATCH := $(shell ./libssl/verify-bio_st-match.sh \&>/dev/null; echo $$?) +ifneq ($(BIO_MATCH),0) +$(error Incompatible OpenSSL version: struct bio_st mismatch!) +endif + libssl/openssl/libssl.a: cd libssl && rm -rf openssl-openssl-*/ openssl-3*/ || true cd libssl && tar -zxf openssl-*.tar.gz @@ -93,6 +98,7 @@ libssl/openssl/libssl.a: libssl: libssl/openssl/libssl.a + MIN_VERSION := 4.9.0 GCC_VERSION := $(shell gcc -dumpversion) SORTED_VERSIONS := $(shell echo -e "$(GCC_VERSION)\n$(MIN_VERSION)" | sort -V) diff --git a/deps/libssl/README.md b/deps/libssl/README.md index 5181cbd5eb..eab127418f 100644 --- a/deps/libssl/README.md +++ b/deps/libssl/README.md @@ -6,6 +6,13 @@ In ProxySQL 2.1.1 , libssl was upgraded to version 1.1.1j In ProxySQL 2.4.0 , libssl was upgraded from version 1.1.1j to 3.0.2 +In ProxySQL 2.4.8 , libssl was upgraded from version 3.0.2 to 3.0.8 + +In ProxySQL 2.5.x , libssl was upgraded from version 3.0.8 to 3.1.0 + + Do not upgrade without extensive testing. See note about `struct bio_st` in MySQL_Data_Stream.cpp . + +Run `verify-bio_st-match.sh` to confirm compatibility. diff --git a/deps/libssl/openssl b/deps/libssl/openssl index 75c1d8f45b..9763886482 120000 --- a/deps/libssl/openssl +++ b/deps/libssl/openssl @@ -1 +1 @@ -openssl-3.0.8 \ No newline at end of file +openssl-3.1.0 \ No newline at end of file diff --git a/deps/libssl/openssl-3.0.8.tar.gz b/deps/libssl/openssl-3.1.0.tar.gz similarity index 62% rename from deps/libssl/openssl-3.0.8.tar.gz rename to deps/libssl/openssl-3.1.0.tar.gz index 6a01626a84..0aa5c9e2f8 100644 Binary files a/deps/libssl/openssl-3.0.8.tar.gz and b/deps/libssl/openssl-3.1.0.tar.gz differ diff --git a/deps/libssl/verify-bio_st-match.sh b/deps/libssl/verify-bio_st-match.sh index 93b35e3c75..b4903e032a 100755 --- a/deps/libssl/verify-bio_st-match.sh +++ b/deps/libssl/verify-bio_st-match.sh @@ -4,16 +4,16 @@ pushd $(dirname $0) &>/dev/null trap 'popd &>/dev/null' EXIT -echo "checking for './deps/libssl/openssl/crypto/bio/bio_local.h'" +echo "checking for 'deps/libssl/openssl/crypto/bio/bio_local.h'" if [[ ! -e './openssl/crypto/bio/bio_local.h' ]]; then echo "extracting 'openssl-*.tar.gz'" tar -zxf openssl-*.tar.gz fi -echo "extracting 'struct bio_st' from './deps/libssl/openssl/crypto/bio/bio_local.h'" +echo "extracting 'struct bio_st' from 'deps/libssl/openssl/crypto/bio/bio_local.h'" DEPBIOST=$(cd ../../; cat ./deps/libssl/openssl/crypto/bio/bio_local.h | sed -n '/^struct bio_st {/,/}/p') -echo "extracting 'struct bio_st' from './lib/mysql_data_stream.cpp'" +echo "extracting 'struct bio_st' from 'lib/mysql_data_stream.cpp'" LIBBIOST=$(cd ../../; cat ./lib/mysql_data_stream.cpp | sed '/^\/\*/,/*\//d' | sed -n '/^struct bio_st {/,/}/p') echo -n "Comparing ... "