Revert "MDEV-14027: Determine TLS/SSL library version"

This reverts commit 113418c.
mariadb-corporation · Oct 15, 2017 · d67ee8b · d67ee8b
1 parent 113418c
commit d67ee8b
Show file tree

Hide file tree

Showing 7 changed files with 13 additions and 45 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -338,7 +338,7 @@ CONFIGURE_FILE(${CC_SOURCE_DIR}/include/mariadb_version.h.in
 INCLUDE_DIRECTORIES(${CC_BINARY_DIR}/include)
 
 IF(WIN32)
-  SET(SYSTEM_LIBS ws2_32 advapi32 kernel32 shlwapi version)
+  SET(SYSTEM_LIBS ws2_32 advapi32 kernel32 shlwapi)
 ELSE()
   SET(SYSTEM_LIBS ${SYSTEM_LIBS} ${LIBPTHREAD} ${LIBDL} ${LIBM})
   IF(ICONV_EXTERNAL)

diff --git a/include/ma_tls.h b/include/ma_tls.h
@@ -1,9 +1,6 @@
 #ifndef _ma_tls_h_
 #define _ma_tls_h_
 
-#define TLS_VERSION_LENGTH 64
-extern char tls_library_version[TLS_VERSION_LENGTH];
-
 enum enum_pvio_tls_type {
   SSL_TYPE_DEFAULT=0,
 #ifdef _WIN32

diff --git a/libmariadb/ma_tls.c b/libmariadb/ma_tls.c
@@ -153,7 +153,7 @@ static my_bool ma_pvio_tls_compare_fp(const char *cert_fp,
     char d1, d2;
     if (*p == ':')
       p++;
-    if (p - fp > (int)fp_len -1)
+    if (p - fp > fp_len -1)
       return 1;
     if ((d1 = ma_hex2int(*p)) == - 1 ||
         (d2 = ma_hex2int(*(p+1))) == -1 ||

diff --git a/libmariadb/mariadb_lib.c b/libmariadb/mariadb_lib.c
@@ -3709,9 +3709,15 @@ my_bool STDCALL mariadb_get_infov(MYSQL *mysql, enum mariadb_value value, void *
     break;
   case MARIADB_TLS_LIBRARY:
 #ifdef HAVE_TLS
-    *((char **)arg)= tls_library_version;
+#ifdef HAVE_GNUTLS
+    *((const char **)arg)= "GNUTLS";
+#elif HAVE_OPENSSL
+    *((const char **)arg)= "OPENSSL";
+#elif HAVE_SCHANNEL
+    *((const char **)arg)= "SCHANNEL";
+#endif
 #else
-    *((char **)arg)= "Off";
+    *((char **)arg)= "OFF";
 #endif
     break;
   case MARIADB_CLIENT_VERSION:

diff --git a/libmariadb/secure/gnutls.c b/libmariadb/secure/gnutls.c
@@ -969,8 +969,6 @@ int ma_tls_start(char *errmsg, size_t errmsg_len)
     ma_tls_get_error(errmsg, errmsg_len, rc);
     goto end;
   }
-  snprint(tls_library_version, TLS_VERSION_LENGTH - 1, "GnuTLS %s",
-          gnutls_check_version(NULL));
   ma_tls_initialized= TRUE;
 end:
   pthread_mutex_unlock(&LOCK_gnutls_config);

diff --git a/libmariadb/secure/openssl.c b/libmariadb/secure/openssl.c
@@ -26,7 +26,6 @@
 #include <mysql/client_plugin.h>
 #include <string.h>
 #include <openssl/ssl.h> /* SSL and SSL_CTX */
-#include <openssl/crypto.h> /* for OpenSSL_version */
 #include <openssl/err.h> /* error reporting */
 #include <openssl/conf.h>
 #include <openssl/md4.h>
@@ -61,7 +60,7 @@ extern my_bool ma_tls_initialized;
 extern unsigned int mariadb_deinitialize_ssl;
 
 #define MAX_SSL_ERR_LEN 100
-char tls_library_version[TLS_VERSION_LENGTH];
+
 static pthread_mutex_t LOCK_openssl_config;
 #ifndef HAVE_OPENSSL_1_1_API
 static pthread_mutex_t *LOCK_crypto= NULL;
@@ -320,13 +319,6 @@ int ma_tls_start(char *errmsg __attribute__((unused)), size_t errmsg_len __attri
   ma_BIO_method.bwrite= ma_bio_write;
 #endif
   rc= 0;
-  snprintf(tls_library_version, TLS_VERSION_LENGTH - 1, "%s",
-#if defined(LIBRESSL_VERSION_NUMBER) || !defined(HAVE_OPENSSL_1_1_API)
-           SSLeay_version(SSLEAY_VERSION));
-#else
-           OpenSSL_version(OPENSSL_VERSION));
-#endif
-
   ma_tls_initialized= TRUE;
 end:
   pthread_mutex_unlock(&LOCK_openssl_config);

diff --git a/libmariadb/secure/schannel.c b/libmariadb/secure/schannel.c
@@ -21,8 +21,8 @@
 
 #pragma comment (lib, "crypt32.lib")
 #pragma comment (lib, "secur32.lib")
-#pragma comment (lib, "version.lib")
 
+//#define VOID void
 
 extern my_bool ma_tls_initialized;
 
@@ -31,8 +31,6 @@ extern my_bool ma_tls_initialized;
 #define PROT_TLS1_2 4
 #define PROT_TLS1_3 8
 
-char tls_library_version[TLS_VERSION_LENGTH];
-
 static struct
 {
   DWORD cipher_id;
@@ -163,6 +161,7 @@ cipher_map[] =
 #define MAX_ALG_ID 50
 
 void ma_schannel_set_sec_error(MARIADB_PVIO *pvio, DWORD ErrorNo);
+void ma_schannel_set_win_error(MYSQL *mysql);
 
 /*
   Initializes SSL and allocate global
@@ -177,31 +176,7 @@ void ma_schannel_set_sec_error(MARIADB_PVIO *pvio, DWORD ErrorNo);
 */
 int ma_tls_start(char *errmsg, size_t errmsg_len)
 {
-  DWORD size;
-  DWORD handle;
 
-  if ((size= GetFileVersionInfoSize("schannel.dll", &handle)))
-  {
-    LPBYTE VersionInfo;
-    if ((VersionInfo = (LPBYTE)malloc(size)))
-    {
-      unsigned int len;
-      VS_FIXEDFILEINFO *fileinfo;
-
-      GetFileVersionInfo("schannel.dll", 0, size, VersionInfo);
-      VerQueryValue(VersionInfo, "\\", (LPVOID *)&fileinfo, &len);
-      snprintf(tls_library_version, TLS_VERSION_LENGTH - 1, "Schannel %d.%d.%d.%d\n",
-        HIWORD(fileinfo->dwFileVersionMS),
-        LOWORD(fileinfo->dwFileVersionMS),
-        HIWORD(fileinfo->dwFileVersionLS),
-        LOWORD(fileinfo->dwFileVersionLS));
-      free(VersionInfo);
-      goto end;
-    }
-  }
-  /* this shouldn't happen anyway */
-  strcpy(tls_library_version, "Schannel 0.0.0.0");
-end:
   ma_tls_initialized = TRUE;
   return 0;
 }