From b247fc0fb2324d0252f1f46281f9887eeb3d7925 Mon Sep 17 00:00:00 2001

From: Sergei Golubchik <serg@mariadb.org>

Date: Wed, 3 May 2017 21:22:59 +0200

Subject: [PATCH 2/5] MDEV-10332  support for OpenSSL 1.1 and LibreSSL

post-review fixes:

* move all ssl implementation related ifdefs/defines to one file

  (ssl_compat.h)

* work around OpenSSL-1.1 desire to malloc every EVP context by

  run-time checking that context allocated on the stack is big enough

  (openssl.c)

* use newer version of the AWS SDK for OpenSSL 1.1

* use get_dh2048() function as generated by openssl 1.1

  (viosslfactories.c)

---

 include/my_crypt.h             |  15 ------

 include/ssl_compat.h           |  75 ++++++++++++++++++++++++++++

 include/violite.h              |  12 -----

 mysql-test/mysql-test-run.pl   |   2 +-

 mysql-test/t/openssl_6975.test |   7 ++-

 mysql-test/t/ssl_8k_key.test   |   5 +-

 mysys_ssl/CMakeLists.txt       |   1 +

 mysys_ssl/my_crypt.cc          | 102 +++++++++++++++-----------------------

 mysys_ssl/my_md5.cc            |  85 +++++++++++---------------------

 mysys_ssl/openssl.c            |  71 +++++++++++++++++++++++++++

 mysys_ssl/yassl.cc             |  19 --------

 sql-common/client.c            |   8 +--

 sql/mysqld.cc                  |  49 +++++++++----------

 sql/slave.cc                   |  19 +-------

 vio/vio.c                      |   1 +

 vio/viosslfactories.c          | 108 ++++++++++++++++++-----------------------

 16 files changed, 295 insertions(+), 284 deletions(-)

 create mode 100644 include/ssl_compat.h

 create mode 100644 mysys_ssl/openssl.c

diff --git a/include/my_crypt.h b/include/my_crypt.h

index e7dd9d80100..719e349bfb9 100644

--- a/include/my_crypt.h

+++ b/include/my_crypt.h

@@ -21,19 +21,4 @@

 #include <my_config.h> /* HAVE_EncryptAes128{Ctr,Gcm} */

 #include <mysql/service_my_crypt.h>

-/* OpenSSL version specific definitions */

-#if !defined(HAVE_YASSL) && defined(OPENSSL_VERSION_NUMBER)

-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

-#define ERR_remove_state(X)

-#else

-#define EVP_CIPHER_CTX_reset(X) EVP_CIPHER_CTX_cleanup(X)

-#define RAND_OpenSSL() RAND_SSLeay();

-#if defined(HAVE_ERR_remove_thread_state)

-#define ERR_remove_state(X) ERR_remove_thread_state(NULL)

-#endif

-#endif

-#elif defined(HAVE_YASSL)

-#define EVP_CIPHER_CTX_reset(X) EVP_CIPHER_CTX_cleanup(X)

-#endif /* !defined(HAVE_YASSL) */

-

 #endif /* MY_CRYPT_INCLUDED */

diff --git a/include/ssl_compat.h b/include/ssl_compat.h

new file mode 100644

index 00000000000..b0e3ed497cd

--- /dev/null

+++ b/include/ssl_compat.h

@@ -0,0 +1,75 @@

+/*

+ Copyright (c) 2016, 2017 MariaDB Corporation

+

+ This program is free software; you can redistribute it and/or modify

+ it under the terms of the GNU General Public License as published by

+ the Free Software Foundation; version 2 of the License.

+

+ This program is distributed in the hope that it will be useful,

+ but WITHOUT ANY WARRANTY; without even the implied warranty of

+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ GNU General Public License for more details.

+

+ You should have received a copy of the GNU General Public License

+ along with this program; if not, write to the Free Software

+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */

+

+#include <openssl/opensslv.h>

+

+/* OpenSSL version specific definitions */

+#if !defined(HAVE_YASSL) && defined(OPENSSL_VERSION_NUMBER)

+

+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)

+#define HAVE_X509_check_host 1

+#endif

+

+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

+#define HAVE_OPENSSL11 1

+#define ERR_remove_state(X) ERR_clear_error()

+#define EVP_MD_CTX_cleanup(X) EVP_MD_CTX_reset(X)

+#define EVP_CIPHER_CTX_SIZE 168

+#define EVP_MD_CTX_SIZE 48

+#undef EVP_MD_CTX_init

+#define EVP_MD_CTX_init(X) do { bzero((X), EVP_MD_CTX_SIZE); EVP_MD_CTX_reset(X); } while(0)

+#undef EVP_CIPHER_CTX_init

+#define EVP_CIPHER_CTX_init(X) do { bzero((X), EVP_CIPHER_CTX_SIZE); EVP_CIPHER_CTX_reset(X); } while(0)

+

+#else

+#define HAVE_OPENSSL10 1

+/*

+  Unfortunately RAND_bytes manual page does not provide any guarantees

+  in relation to blocking behavior. Here we explicitly use SSLeay random

+  instead of whatever random engine is currently set in OpenSSL. That way

+  we are guaranteed to have a non-blocking random.

+*/

+#define RAND_OpenSSL() RAND_SSLeay()

+

+#ifdef HAVE_ERR_remove_thread_state

+#define ERR_remove_state(X) ERR_remove_thread_state(NULL)

+#endif /* HAVE_ERR_remove_thread_state */

+

+#endif /* HAVE_OPENSSL11 */

+

+#elif defined(HAVE_YASSL)

+#define BN_free(X) do { } while(0)

+#endif /* !defined(HAVE_YASSL) */

+

+#ifndef HAVE_OPENSSL11

+#define ASN1_STRING_get0_data(X)        ASN1_STRING_data(X)

+#define OPENSSL_init_ssl(X,Y)           SSL_library_init()

+#define DH_set0_pqg(D,P,Q,G)            ((D)->p= (P), (D)->g= (G))

+#define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf)

+#define EVP_CIPHER_CTX_encrypting(ctx)  ((ctx)->encrypt)

+#define EVP_CIPHER_CTX_SIZE             sizeof(EVP_CIPHER_CTX)

+#define EVP_MD_CTX_SIZE                 sizeof(EVP_MD_CTX)

+#endif

+

+#ifdef	__cplusplus

+extern "C" {

+#endif /* __cplusplus */

+

+int check_openssl_compatibility();

+

+#ifdef	__cplusplus

+}

+#endif

diff --git a/include/violite.h b/include/violite.h

index 23800696e5a..572d4741c80 100644

--- a/include/violite.h

+++ b/include/violite.h

@@ -123,13 +123,6 @@ int vio_getnameinfo(const struct sockaddr *sa,

                     int flags);

 #ifdef HAVE_OPENSSL

-#include <openssl/opensslv.h>

-#if OPENSSL_VERSION_NUMBER < 0x0090700f

-#define DES_cblock des_cblock

-#define DES_key_schedule des_key_schedule

-#define DES_set_key_unchecked(k,ks) des_set_key_unchecked((k),*(ks))

-#define DES_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e) des_ede3_cbc_encrypt((i),(o),(l),*(k1),*(k2),*(k3),(iv),(e))

-#endif

 /* apple deprecated openssl in MacOSX Lion */

 #ifdef __APPLE__

 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"

@@ -146,11 +139,6 @@ typedef my_socket YASSL_SOCKET_T;

 #include <openssl/ssl.h>

 #include <openssl/err.h>

-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

-#define ERR_remove_state(X)

-#elif defined(HAVE_ERR_remove_thread_state)

-#define ERR_remove_state(X) ERR_remove_thread_state(NULL)

-#endif

 enum enum_ssl_init_error

 {

   SSL_INITERR_NOERROR= 0, SSL_INITERR_CERT, SSL_INITERR_KEY,

diff --git a/mysql-test/mysql-test-run.pl b/mysql-test/mysql-test-run.pl

index d53a8180c22..22bcabab7b6 100755

--- a/mysql-test/mysql-test-run.pl

+++ b/mysql-test/mysql-test-run.pl

@@ -2300,7 +2300,7 @@ sub environment_setup {

   $ENV{'MYSQL_PLUGIN'}=             $exe_mysql_plugin;

   $ENV{'MYSQL_EMBEDDED'}=           $exe_mysql_embedded;

-  my $client_config_exe= 

+  my $client_config_exe=

     native_path("$bindir/libmariadb/mariadb_config$opt_vs_config/mariadb_config");

   my $tls_info= `$client_config_exe --tlsinfo`;

   ($ENV{CLIENT_TLS_LIBRARY},$ENV{CLIENT_TLS_LIBRARY_VERSION})=

diff --git a/mysql-test/t/openssl_6975.test b/mysql-test/t/openssl_6975.test

index 6cf5d82cf54..6a82d013fb6 100644

--- a/mysql-test/t/openssl_6975.test

+++ b/mysql-test/t/openssl_6975.test

@@ -19,9 +19,8 @@ let $mysql=$MYSQL --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$

 disable_abort_on_error;

 echo TLS1.2 ciphers: user is ok with any cipher;

 exec $mysql                  --ssl-cipher=AES128-SHA256;

---replace_result DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-GCM-SHA384

---replace_result ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384

-exec $mysql                  --ssl-cipher=TLSv1.2

+--replace_result DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384

+exec $mysql                  --ssl-cipher=TLSv1.2;

 echo TLS1.2 ciphers: user requires SSLv3 cipher AES128-SHA;

 exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA256;

 exec $mysql --user ssl_sslv3 --ssl-cipher=TLSv1.2;

@@ -31,7 +30,7 @@ exec $mysql --user ssl_tls12 --ssl-cipher=TLSv1.2;

 echo SSLv3 ciphers: user is ok with any cipher;

 exec $mysql                  --ssl-cipher=AES256-SHA;

-exec $mysql                  --ssl-cipher=DHE-RSA-AES256-SHA

+exec $mysql                  --ssl-cipher=SSLv3;

 echo SSLv3 ciphers: user requires SSLv3 cipher AES128-SHA;

 exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA;

 exec $mysql --user ssl_sslv3 --ssl-cipher=SSLv3;

diff --git a/mysql-test/t/ssl_8k_key.test b/mysql-test/t/ssl_8k_key.test

index 470d577edb8..9d5b382726e 100644

--- a/mysql-test/t/ssl_8k_key.test

+++ b/mysql-test/t/ssl_8k_key.test

@@ -1,6 +1,5 @@

-# This test should work in embedded server after we fix mysqltest

--- source include/require_openssl_client.inc

--- source include/not_embedded.inc

+# schannel does not support keys longer than 4k

+-- source include/not_windows.inc

 -- source include/have_ssl_communication.inc

 #

diff --git a/mysys_ssl/CMakeLists.txt b/mysys_ssl/CMakeLists.txt

index 4f6f7458c5b..f8a767ed6f3 100644

--- a/mysys_ssl/CMakeLists.txt

+++ b/mysys_ssl/CMakeLists.txt

@@ -28,6 +28,7 @@ SET(MYSYS_SSL_HIDDEN_SOURCES

     my_sha384.cc

     my_sha512.cc

     my_md5.cc

+    openssl.c

    )

 SET(MYSYS_SSL_SOURCES

diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc

index 0ff49a2c427..ed1c82dbac6 100644

--- a/mysys_ssl/my_crypt.cc

+++ b/mysys_ssl/my_crypt.cc

@@ -1,6 +1,6 @@

 /*

  Copyright (c) 2014 Google Inc.

- Copyright (c) 2014, 2015 MariaDB Corporation

+ Copyright (c) 2014, 2017 MariaDB Corporation

  This program is free software; you can redistribute it and/or modify

  it under the terms of the GNU General Public License as published by

@@ -21,30 +21,31 @@

 #ifdef HAVE_YASSL

 #include "yassl.cc"

 #else

-

 #include <openssl/evp.h>

 #include <openssl/aes.h>

 #include <openssl/err.h>

 #include <openssl/rand.h>

-

 #endif

-#include <my_crypt.h>

-#define MY_CIPHER_CTX_SIZE 384

+#include <my_crypt.h>

+#include <ssl_compat.h>

 class MyCTX

 {

 public:

+  char ctx_buf[EVP_CIPHER_CTX_SIZE];

   EVP_CIPHER_CTX *ctx;

-  const uchar *key;

-  unsigned int klen;

-  MyCTX() {

-            ctx= EVP_CIPHER_CTX_new();

-          }

-  virtual ~MyCTX() {

-                     EVP_CIPHER_CTX_free(ctx);

-                     ERR_remove_state(0);

-                    }

+

+  MyCTX()

+  {

+    ctx= (EVP_CIPHER_CTX *)ctx_buf;

+    EVP_CIPHER_CTX_init(ctx);

+  }

+  virtual ~MyCTX()

+  {

+    EVP_CIPHER_CTX_cleanup(ctx);

+    ERR_remove_state(0);

+  }

   virtual int init(const EVP_CIPHER *cipher, int encrypt, const uchar *key,

                    uint klen, const uchar *iv, uint ivlen)

@@ -78,9 +79,12 @@ class MyCTX

 class MyCTX_nopad : public MyCTX

 {

 public:

+  const uchar *key;

+  uint klen, buf_len;

+  uchar oiv[MY_AES_BLOCK_SIZE];

+

   MyCTX_nopad() : MyCTX() { }

   ~MyCTX_nopad() { }

-  unsigned int buf_len;

   int init(const EVP_CIPHER *cipher, int encrypt, const uchar *key, uint klen,

            const uchar *iv, uint ivlen)

@@ -89,19 +93,8 @@ class MyCTX_nopad : public MyCTX

     this->key= key;

     this->klen= klen;

     this->buf_len= 0;

-    /* FIX-ME:

-       For the sake of backward compatibility we do some strange hack here:

-       Since ECB doesn't need an IV (and therefore is considered kind of

-       insecure) we need to store the specified iv.

-       The last nonpadding block will be encrypted with an additional

-       expensive crypt_call in ctr mode instead

-       of encrypting the entire plain text in ctr-mode */

-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

-    const unsigned char *oiv= EVP_CIPHER_CTX_original_iv(ctx);

-#else

-    const unsigned char *oiv= ctx->oiv;

-#endif

-    memcpy((char *)oiv, iv, ivlen);

+    memcpy(oiv, iv, ivlen);

+    DBUG_ASSERT(ivlen == 0 || ivlen == sizeof(oiv));

     int res= MyCTX::init(cipher, encrypt, key, klen, iv, ivlen);

@@ -111,34 +104,30 @@ class MyCTX_nopad : public MyCTX

   int update(const uchar *src, uint slen, uchar *dst, uint *dlen)

   {

-    buf_len= slen % MY_AES_BLOCK_SIZE;

+    buf_len+= slen;

     return MyCTX::update(src, slen, dst, dlen);

   }

   int finish(uchar *dst, uint *dlen)

   {

+    buf_len %= MY_AES_BLOCK_SIZE;

     if (buf_len)

     {

-      const uchar *org_iv;

-      unsigned char *buf;

+      uchar *buf= EVP_CIPHER_CTX_buf_noconst(ctx);

       /*

         Not much we can do, block ciphers cannot encrypt data that aren't

         a multiple of the block length. At least not without padding.

         Let's do something CTR-like for the last partial block.

+

+        NOTE this assumes that there are only buf_len bytes in the buf.

+        If OpenSSL will change that, we'll need to change the implementation

+        of this class too.

       */

       uchar mask[MY_AES_BLOCK_SIZE];

       uint mlen;

-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

-      org_iv= EVP_CIPHER_CTX_original_iv(ctx);

-      buf= EVP_CIPHER_CTX_buf_noconst(ctx);

-#else

-      org_iv= ctx->oiv;

-      buf= ctx->buf;

-#endif

-

       my_aes_crypt(MY_AES_ECB, ENCRYPTION_FLAG_ENCRYPT | ENCRYPTION_FLAG_NOPAD,

-                   org_iv, sizeof(mask), mask, &mlen, key, klen, 0, 0);

+                   oiv, sizeof(mask), mask, &mlen, key, klen, 0, 0);

       DBUG_ASSERT(mlen == sizeof(mask));

       for (uint i=0; i < buf_len; i++)

@@ -178,9 +167,8 @@ make_aes_dispatcher(gcm)

 class MyCTX_gcm : public MyCTX

 {

 public:

-  const uchar *aad= NULL;

+  const uchar *aad;

   int aadlen;

-  my_bool encrypt;

   MyCTX_gcm() : MyCTX() { }

   ~MyCTX_gcm() { }

@@ -192,7 +180,6 @@ class MyCTX_gcm : public MyCTX

     int real_ivlen= EVP_CIPHER_CTX_iv_length(ctx);

     aad= iv + real_ivlen;

     aadlen= ivlen - real_ivlen;

-    this->encrypt= encrypt;

     return res;

   }

@@ -204,14 +191,14 @@ class MyCTX_gcm : public MyCTX

       before decrypting the data. it can encrypt data piecewise, like, first

       half, then the second half, but it must decrypt all at once

     */

-    if (!this->encrypt)

+    if (!EVP_CIPHER_CTX_encrypting(ctx))

     {

       slen-= MY_AES_BLOCK_SIZE;

       if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, MY_AES_BLOCK_SIZE,

                               (void*)(src + slen)))

         return MY_AES_OPENSSL_ERROR;

     }

-    int unused= 0;

+    int unused;

     if (aadlen && !EVP_CipherUpdate(ctx, NULL, &unused, aad, aadlen))

       return MY_AES_OPENSSL_ERROR;

     aadlen= 0;

@@ -220,12 +207,12 @@ class MyCTX_gcm : public MyCTX

   int finish(uchar *dst, uint *dlen)

   {

-    int fin= 0;

+    int fin;

     if (!EVP_CipherFinal_ex(ctx, dst, &fin))

       return MY_AES_BAD_DATA;

     DBUG_ASSERT(fin == 0);

-    if (this->encrypt)

+    if (EVP_CIPHER_CTX_encrypting(ctx))

     {

       if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, MY_AES_BLOCK_SIZE, dst))

         return MY_AES_OPENSSL_ERROR;

@@ -295,20 +282,15 @@ int my_aes_crypt(enum my_aes_mode mode, int flags,

 {

   void *ctx= alloca(MY_AES_CTX_SIZE);

   int res1, res2;

-  uint d1= 0, d2= 0;

+  uint d1= 0, d2;

   if ((res1= my_aes_crypt_init(ctx, mode, flags, key, klen, iv, ivlen)))

     return res1;

   res1= my_aes_crypt_update(ctx, src, slen, dst, &d1;;

   res2= my_aes_crypt_finish(ctx, dst + d1, &d2;;

-  *dlen= d1 + d2;

-  /* in case of failure clear error queue */

-#ifndef HAVE_YASSL

-  /* since we don't check the crypto error messages we need to

-     clear the error queue - otherwise subsequent crypto or tls/ssl

-     calls will fail */

-  if (!*dlen)

-    ERR_clear_error();

-#endif

+  if (res1 || res2)

+    ERR_remove_state(0); /* in case of failure clear error queue */

+  else

+    *dlen= d1 + d2;

   return res1 ? res1 : res2;

 }

@@ -350,12 +332,6 @@ int my_random_bytes(uchar* buf, int num)

 int my_random_bytes(uchar *buf, int num)

 {

-  /*

-    Unfortunately RAND_bytes manual page does not provide any guarantees

-    in relation to blocking behavior. Here we explicitly use SSLeay random

-    instead of whatever random engine is currently set in OpenSSL. That way

-    we are guaranteed to have a non-blocking random.

-  */

   RAND_METHOD *rand = RAND_OpenSSL();

   if (rand == NULL || rand->bytes(buf, num) != 1)

     return MY_AES_OPENSSL_ERROR;

diff --git a/mysys_ssl/my_md5.cc b/mysys_ssl/my_md5.cc

index 02c01dd7148..0105082b7e1 100644

--- a/mysys_ssl/my_md5.cc

+++ b/mysys_ssl/my_md5.cc

@@ -1,5 +1,5 @@

 /* Copyright (c) 2012, Oracle and/or its affiliates.

-   Copyright (c) 2014, SkySQL Ab.

+   Copyright (c) 2017, MariaDB Corporation

    This program is free software; you can redistribute it and/or modify

    it under the terms of the GNU General Public License as published by

@@ -27,50 +27,34 @@

 #include <my_md5.h>

 #include <stdarg.h>

-#define MA_HASH_CTX_SIZE 512

-

 #if defined(HAVE_YASSL)

 #include "md5.hpp"

+#include <ssl_compat.h>

-typedef TaoCrypt::MD5 MD5_CONTEXT;

+typedef TaoCrypt::MD5 EVP_MD_CTX;

-static void md5_init(MD5_CONTEXT *context)

+static void md5_init(EVP_MD_CTX *context)

 {

-  context= new(context) MD5_CONTEXT;

+  context= new(context) EVP_MD_CTX;

   context->Init();

 }

-/*

-  this is a variant of md5_init to be used in this file only.

-  does nothing for yassl, because the context's constructor was called automatically.

-*/

-static void md5_init_fast(MD5_CONTEXT *context)

-{

-}

-

-static void md5_input(MD5_CONTEXT *context, const uchar *buf, unsigned len)

+static void md5_input(EVP_MD_CTX *context, const uchar *buf, unsigned len)

 {

   context->Update((const TaoCrypt::byte *) buf, len);

 }

-static void md5_result(MD5_CONTEXT *context, uchar digest[MD5_HASH_SIZE])

+static void md5_result(EVP_MD_CTX *context, uchar digest[MD5_HASH_SIZE])

 {

     context->Final((TaoCrypt::byte *) digest);

 }

 #elif defined(HAVE_OPENSSL)

-

-

 #include <openssl/evp.h>

+#include <ssl_compat.h>

-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

-#define EVP_MD_CTX_reset(X) EVP_MD_CTX_cleanup(X)

-#endif

-typedef EVP_MD_CTX MD5_CONTEXT;

-

-static void md5_init(MD5_CONTEXT *context)

+static void md5_init(EVP_MD_CTX *context)

 {

-  memset(context, 0, my_md5_context_size());

   EVP_MD_CTX_init(context);

 #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW

   /* Ok to ignore FIPS: MD5 is not used for crypto here */

@@ -79,20 +63,15 @@ static void md5_init(MD5_CONTEXT *context)

   EVP_DigestInit_ex(context, EVP_md5(), NULL);

 }

-static void md5_init_fast(MD5_CONTEXT *context)

-{

-  md5_init(context);

-}

-

-static void md5_input(MD5_CONTEXT *context, const uchar *buf, unsigned len)

+static void md5_input(EVP_MD_CTX *context, const uchar *buf, unsigned len)

 {

   EVP_DigestUpdate(context, buf, len);

 }

-static void md5_result(MD5_CONTEXT *context, uchar digest[MD5_HASH_SIZE])

+static void md5_result(EVP_MD_CTX *context, uchar digest[MD5_HASH_SIZE])

 {

   EVP_DigestFinal_ex(context, digest, NULL);

-  EVP_MD_CTX_reset(context);

+  EVP_MD_CTX_cleanup(context);

 }

 #endif /* HAVE_YASSL */

@@ -108,26 +87,23 @@ static void md5_result(MD5_CONTEXT *context, uchar digest[MD5_HASH_SIZE])

 */

 void my_md5(uchar *digest, const char *buf, size_t len)

 {

-#ifdef HAVE_YASSL

-  MD5_CONTEXT md5_context;

-#else

-  unsigned char md5_context[MA_HASH_CTX_SIZE];

-#endif

-  md5_init_fast((MD5_CONTEXT *)&md5_context);

-  md5_input((MD5_CONTEXT *)&md5_context, (const uchar *)buf, len);

-  md5_result((MD5_CONTEXT *)&md5_context, digest);

+  char ctx_buf[EVP_MD_CTX_SIZE];

+  EVP_MD_CTX * const ctx= (EVP_MD_CTX*)ctx_buf;

+  md5_init(ctx);

+  md5_input(ctx, (const uchar *)buf, len);

+  md5_result(ctx, digest);

 }

 /**

   Wrapper function to compute MD5 message digest for

-  two messages in order to emulate md5(msg1, msg2).

+  many messages, concatenated.

   @param digest [out]  Computed MD5 digest

   @param buf1   [in]   First message

   @param len1   [in]   Length of first message

-  @param buf2   [in]   Second message

-  @param len2   [in]   Length of second message

+         ...

+  @param bufN   [in]   NULL terminates the list of buf,len pairs.

   @return              void

 */

@@ -135,37 +111,34 @@ void my_md5_multi(uchar *digest, ...)

 {

   va_list args;

   const uchar *str;

-#ifdef HAVE_YASSL

-  MD5_CONTEXT md5_context;

-#else

-  unsigned char md5_context[MA_HASH_CTX_SIZE];

-#endif

+  char ctx_buf[EVP_MD_CTX_SIZE];

+  EVP_MD_CTX * const ctx= (EVP_MD_CTX*)ctx_buf;

   va_start(args, digest);

-  md5_init_fast((MD5_CONTEXT *)&md5_context);

+  md5_init(ctx);

   for (str= va_arg(args, const uchar*); str; str= va_arg(args, const uchar*))

-    md5_input((MD5_CONTEXT *)&md5_context, str, va_arg(args, size_t));

+    md5_input(ctx, str, va_arg(args, size_t));

-  md5_result((MD5_CONTEXT *)&md5_context, digest);

+  md5_result(ctx, digest);

   va_end(args);

 }

 size_t my_md5_context_size()

 {

-  return MA_HASH_CTX_SIZE;

+  return EVP_MD_CTX_SIZE;

 }

 void my_md5_init(void *context)

 {

-  md5_init((MD5_CONTEXT *)context);

+  md5_init((EVP_MD_CTX *)context);

 }

 void my_md5_input(void *context, const uchar *buf, size_t len)

 {

-  md5_input((MD5_CONTEXT *)context, buf, len);

+  md5_input((EVP_MD_CTX *)context, buf, len);

 }

 void my_md5_result(void *context, uchar *digest)

 {

-  md5_result((MD5_CONTEXT *)context, digest);

+  md5_result((EVP_MD_CTX *)context, digest);

 }

diff --git a/mysys_ssl/openssl.c b/mysys_ssl/openssl.c

new file mode 100644

index 00000000000..a3f1ca29ec1

--- /dev/null

+++ b/mysys_ssl/openssl.c

@@ -0,0 +1,71 @@

+/*

+ Copyright (c) 2017, MariaDB Corporation.

+

+ This program is free software; you can redistribute it and/or modify

+ it under the terms of the GNU General Public License as published by

+ the Free Software Foundation; version 2 of the License.

+

+ This program is distributed in the hope that it will be useful,

+ but WITHOUT ANY WARRANTY; without even the implied warranty of

+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ GNU General Public License for more details.

+

+ You should have received a copy of the GNU General Public License

+ along with this program; if not, write to the Free Software

+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */

+

+#include <my_global.h>

+#include <ssl_compat.h>

+

+#ifdef HAVE_YASSL

+

+int check_openssl_compatibility()

+{

+  return 0;

+}

+#else

+#include <openssl/evp.h>

+

+#ifdef HAVE_OPENSSL11

+typedef void *(*CRYPTO_malloc_t)(size_t, const char *, int);

+#endif

+

+#ifdef HAVE_OPENSSL10

+typedef void *(*CRYPTO_malloc_t)(size_t);

+#define CRYPTO_malloc   malloc

+#define CRYPTO_realloc  realloc

+#define CRYPTO_free     free

+#endif

+

+static uint allocated_size, allocated_count;

+

+static void *coc_malloc(size_t size)

+{

+  allocated_size+= size;

+  allocated_count++;

+  return malloc(size);

+}

+

+int check_openssl_compatibility()

+{

+  EVP_CIPHER_CTX *evp_ctx;

+  EVP_MD_CTX     *md5_ctx;

+

+  CRYPTO_set_mem_functions((CRYPTO_malloc_t)coc_malloc, CRYPTO_realloc, CRYPTO_free);

+

+  allocated_size= allocated_count= 0;

+  evp_ctx= EVP_CIPHER_CTX_new();

+  EVP_CIPHER_CTX_free(evp_ctx);

+  if (allocated_count != 1 || allocated_size > EVP_CIPHER_CTX_SIZE)

+    return 1;

+

+  allocated_size= allocated_count= 0;

+  md5_ctx= EVP_MD_CTX_create();

+  EVP_MD_CTX_destroy(md5_ctx);

+  if (allocated_count != 1 || allocated_size > EVP_MD_CTX_SIZE)

+    return 1;

+

+  CRYPTO_set_mem_functions(CRYPTO_malloc, CRYPTO_realloc, CRYPTO_free);

+  return 0;

+}

+#endif

diff --git a/mysys_ssl/yassl.cc b/mysys_ssl/yassl.cc

index 9e6f90d8d77..aa5631f2ab8 100644

--- a/mysys_ssl/yassl.cc

+++ b/mysys_ssl/yassl.cc

@@ -24,7 +24,6 @@