WL#13290: remove wolfssl build support

RB#22348
zwang28 · Jun 19, 2019 · 3a608ec · 3a608ec
1 parent 3afb974
commit 3a608ec
Show file tree

Hide file tree

Showing 100 changed files with 92 additions and 4,633 deletions.
diff --git a/.gitignore b/.gitignore
@@ -9,9 +9,6 @@ TAGS_sorted_by_file
 # googletest files
 source_downloads
 
-# added so we can build with wolfSSL
-extra/wolfssl-*
-
 # Vim swap files
 [._]*.s[a-v][a-z]
 [._]*.sw[a-p]

diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -1116,7 +1116,7 @@ MYSQL_CHECK_ZLIB_WITH_COMPRESS()
 IF(BUILD_BUNDLED_ZLIB)
   INCLUDE_DIRECTORIES(SYSTEM ${CMAKE_CURRENT_SOURCE_DIR}/extra/zlib ${CMAKE_CURRENT_BINARY_DIR}/extra/zlib)
 ENDIF()
-# Add bundled wolfssl/wolfcrypt or system openssl.
+# Add system openssl.
 MYSQL_CHECK_SSL()
 MYSQL_CHECK_SSL_DLLS()
 

diff --git a/Docs/README.build b/Docs/README.build
@@ -1,4 +1,4 @@
-Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
+Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
 
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License, version 2.0,
@@ -67,10 +67,6 @@ For Mac users, please see
 You may also build OpenSSL yourself, and do
    cmake -DWITH_SSL=</path/to/custom/openssl>
 in order to build MySQL.
-
-Finally, there is an option to use wolfSSL,
-see extra/README-wolfssl.txt on how to set this up.
-
 ===
 
 It is possible to compile with Clang on Windows, which compiles faster

diff --git a/cmake/libutils.cmake b/cmake/libutils.cmake
@@ -353,8 +353,7 @@ MACRO(MERGE_CONVENIENCE_LIBRARIES)
 
   # On Windows, ssleay32.lib/libeay32.lib or libssl.lib/libcrypto.lib
   # must be merged into mysqlclient.lib
-  IF(WIN32 AND ${TARGET} STREQUAL "mysqlclient"
-      AND NOT WITH_SSL STREQUAL "wolfssl")
+  IF(WIN32 AND ${TARGET} STREQUAL "mysqlclient")
     SET(LINKER_EXTRA_FLAGS "")
     FOREACH(LIB ${SSL_LIBRARIES})
       STRING_APPEND(LINKER_EXTRA_FLAGS " ${LIB}")

diff --git a/cmake/ssl.cmake b/cmake/ssl.cmake
@@ -26,7 +26,6 @@
 #     - cmake -DCMAKE_PREFIX_PATH=</path/to/custom/openssl> -DWITH_SSL="system"
 #   or
 #     - cmake -DWITH_SSL=</path/to/custom/openssl>
-# - "wolfssl" uses wolfssl source code in <source dir>/extra/wolfssl-<version>
 #
 # The default value for WITH_SSL is "system"
 # set in cmake/build_configurations/feature_set.cmake
@@ -51,8 +50,6 @@ SET(WITH_SSL_DOC
   "${WITH_SSL_DOC}, \nyes (synonym for system)")
 SET(WITH_SSL_DOC
   "${WITH_SSL_DOC}, \n</path/to/custom/openssl/installation>")
-SET(WITH_SSL_DOC
-  "${WITH_SSL_DOC}, \nwolfssl (use wolfSSL. See extra/README-wolfssl.txt on how to set this up)")
 
 STRING(REPLACE "\n" "| " WITH_SSL_DOC_STRING "${WITH_SSL_DOC}")
 MACRO (CHANGE_SSL_SETTINGS string)
@@ -78,58 +75,6 @@ MACRO(FATAL_SSL_NOT_FOUND_ERROR string)
   ENDIF()
 ENDMACRO()
 
-MACRO (MYSQL_USE_WOLFSSL)
-  SET(WOLFSSL_VERSION "3.14.0")
-  SET(WOLFSSL_SOURCE_DIR "${CMAKE_SOURCE_DIR}/extra/wolfssl-${WOLFSSL_VERSION}")
-  MESSAGE(STATUS "WOLFSSL_SOURCE_DIR = ${WOLFSSL_SOURCE_DIR}")
-
-  SET(INC_DIRS
-    ${CMAKE_SOURCE_DIR}/include
-    ${WOLFSSL_SOURCE_DIR}
-    ${WOLFSSL_SOURCE_DIR}/wolfssl
-    ${WOLFSSL_SOURCE_DIR}/wolfssl/wolfcrypt
-  )
-  SET(SSL_LIBRARIES  wolfssl wolfcrypt)
-  IF(SOLARIS)
-    SET(SSL_LIBRARIES ${SSL_LIBRARIES} ${LIBSOCKET})
-  ENDIF()
-  INCLUDE_DIRECTORIES(BEFORE SYSTEM ${INC_DIRS})
-  SET(SSL_INTERNAL_INCLUDE_DIRS ${WOLFSSL_SOURCE_DIR})
-  ADD_DEFINITIONS(
-    -DBUILDING_WOLFSSL
-    -DHAVE_ECC
-    -DHAVE_HASHDRBG
-    -DHAVE_WOLFSSL
-    -DKEEP_OUR_CERT
-    -DMULTI_THREADED
-    -DOPENSSL_EXTRA
-    -DSESSION_CERT
-    -DWC_NO_HARDEN
-    -DWOLFSSL_AES_COUNTER
-    -DWOLFSSL_AES_DIRECT
-    -DWOLFSSL_ALLOW_TLSV10
-    -DWOLFSSL_CERT_EXT
-    -DWOLFSSL_MYSQL_COMPATIBLE
-    -DWOLFSSL_SHA224
-    -DWOLFSSL_SHA384
-    -DWOLFSSL_SHA512
-    -DWOLFSSL_STATIC_RSA
-    -DWOLFSSL_CERT_GEN
-    )
-  CHANGE_SSL_SETTINGS("wolfssl")
-  ADD_SUBDIRECTORY(${WOLFSSL_SOURCE_DIR})
-  ADD_SUBDIRECTORY(${WOLFSSL_SOURCE_DIR}/wolfcrypt)
-  GET_TARGET_PROPERTY(src wolfssl SOURCES)
-  FOREACH(file ${src})
-    SET(SSL_SOURCES ${SSL_SOURCES} ${WOLFSSL_SOURCE_DIR}/${file})
-  ENDFOREACH()
-  GET_TARGET_PROPERTY(src wolfcrypt SOURCES)
-  FOREACH(file ${src})
-    SET(SSL_SOURCES ${SSL_SOURCES}
-      ${WOLFSSL_SOURCE_DIR}/wolfcrypt/${file})
-  ENDFOREACH()
-ENDMACRO()
-
 MACRO(RESET_SSL_VARIABLES)
   UNSET(WITH_SSL_PATH)
   UNSET(WITH_SSL_PATH CACHE)
@@ -150,21 +95,13 @@ ENDMACRO()
 # MYSQL_CHECK_SSL
 #
 # Provides the following configure options:
-# WITH_SSL=[yes|wolfssl|system|<path/to/custom/installation>]
+# WITH_SSL=[yes|system|<path/to/custom/installation>]
 MACRO (MYSQL_CHECK_SSL)
 
   IF(NOT WITH_SSL)
     CHANGE_SSL_SETTINGS("system")
   ENDIF()
 
-  IF(WITH_SSL STREQUAL "bundled")
-    MESSAGE(WARNING
-      "bundled SSL (YaSSL) is no longer supported, changed to system"
-      )
-    RESET_SSL_VARIABLES()
-    CHANGE_SSL_SETTINGS("system")
-  ENDIF()
-
   # See if WITH_SSL is of the form </path/to/custom/installation>
   FILE(GLOB WITH_SSL_HEADER ${WITH_SSL}/include/openssl/ssl.h)
   IF (WITH_SSL_HEADER)
@@ -173,34 +110,7 @@ MACRO (MYSQL_CHECK_SSL)
     SET(WITH_SSL_PATH ${WITH_SSL})
   ENDIF()
 
-  IF(WITH_SSL STREQUAL "wolfssl")
-    MYSQL_USE_WOLFSSL()
-    # Reset some variables, in case we switch from /path/to/ssl to "wolfssl".
-    IF (WITH_SSL_PATH)
-      UNSET(WITH_SSL_PATH)
-      UNSET(WITH_SSL_PATH CACHE)
-    ENDIF()
-    IF (OPENSSL_ROOT_DIR)
-      UNSET(OPENSSL_ROOT_DIR)
-      UNSET(OPENSSL_ROOT_DIR CACHE)
-    ENDIF()
-    IF (OPENSSL_INCLUDE_DIR)
-      UNSET(OPENSSL_INCLUDE_DIR)
-      UNSET(OPENSSL_INCLUDE_DIR CACHE)
-    ENDIF()
-    IF (WIN32 AND OPENSSL_APPLINK_C)
-      UNSET(OPENSSL_APPLINK_C)
-      UNSET(OPENSSL_APPLINK_C CACHE)
-    ENDIF()
-    IF (OPENSSL_LIBRARY)
-      UNSET(OPENSSL_LIBRARY)
-      UNSET(OPENSSL_LIBRARY CACHE)
-    ENDIF()
-    IF (CRYPTO_LIBRARY)
-      UNSET(CRYPTO_LIBRARY)
-      UNSET(CRYPTO_LIBRARY CACHE)
-    ENDIF()
-  ELSEIF(WITH_SSL STREQUAL "system" OR
+  IF(WITH_SSL STREQUAL "system" OR
       WITH_SSL STREQUAL "yes" OR
       WITH_SSL_PATH
       )

diff --git a/extra/README-wolfssl.txt b/extra/README-wolfssl.txt
diff --git a/extra/libevent/CMakeLists.txt b/extra/libevent/CMakeLists.txt
@@ -128,12 +128,6 @@ option(EVENT__DISABLE_THREAD_SUPPORT
 option(EVENT__DISABLE_OPENSSL
     "Define if libevent should build without support for OpenSSL encrpytion" OFF)
 
-IF(WITH_SSL STREQUAL "wolfssl")
-  MESSAGE(STATUS "This version of libevent does not support the wolfssl  SSL library")
-  SET(EVENT__DISABLE_OPENSSL ON CACHE INTERNAL "" FORCE)
-  SET(EVENT__DISABLE_OPENSSL 1)
-ENDIF()
-
 option(EVENT__DISABLE_BENCHMARK
     "Defines if libevent should build without the benchmark exectuables" ON)
 

diff --git a/include/my_aes.h b/include/my_aes.h
@@ -1,7 +1,7 @@
 #ifndef MY_AES_INCLUDED
 #define MY_AES_INCLUDED
 
-/* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
+/* Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
 
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License, version 2.0,
@@ -44,9 +44,7 @@ enum my_aes_opmode {
   my_aes_256_ecb,
   my_aes_128_cbc,
   my_aes_192_cbc,
-  my_aes_256_cbc
-#ifndef HAVE_WOLFSSL
-  ,
+  my_aes_256_cbc,
   my_aes_128_cfb1,
   my_aes_192_cfb1,
   my_aes_256_cfb1,
@@ -59,15 +57,10 @@ enum my_aes_opmode {
   my_aes_128_ofb,
   my_aes_192_ofb,
   my_aes_256_ofb
-#endif
 };
 
 #define MY_AES_BEGIN my_aes_128_ecb
-#ifdef HAVE_WOLFSSL
-#define MY_AES_END my_aes_256_cbc
-#else
 #define MY_AES_END my_aes_256_ofb
-#endif
 
 /* If bad data discovered during decoding */
 #define MY_AES_BAD_DATA -1

diff --git a/include/my_rnd.h b/include/my_rnd.h
@@ -2,7 +2,7 @@
 #define MY_RANDOM_INCLUDED
 
 /*
-   Copyright (c) 2012, 2018, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2012, 2019, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License, version 2.0,
@@ -26,7 +26,7 @@
 
 /**
   @file include/my_rnd.h
-  A wrapper to use OpenSSL/wolfSSL PRNGs.
+  A wrapper to use OpenSSL PRNGs.
 */
 
 #include <stddef.h>

diff --git a/include/mysql/service_ssl_wrapper.h b/include/mysql/service_ssl_wrapper.h
@@ -26,12 +26,12 @@
 #include "my_compiler.h"
 #include "violite.h"
 
-namespace ssl_wrappe_service {
+namespace ssl_wrapper_service {
 
 int MY_ATTRIBUTE((visibility("default")))
     dummy_function_to_ensure_we_are_linked_into_the_server();
 
-}  // namespace ssl_wrappe_service
+}  // namespace ssl_wrapper_service
 
 /**
   Return version of SSL used in currect connection

diff --git a/include/sha2.h b/include/sha2.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2007, 2018, Oracle and/or its affiliates. All rights reserved.
+/* Copyright (c) 2007, 2019, Oracle and/or its affiliates. All rights reserved.
 
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License, version 2.0,
@@ -32,13 +32,7 @@
 #include <openssl/evp.h>
 #include <stddef.h>
 
-#if !defined(HAVE_WOLFSSL)
 #include <openssl/sha.h>
-#endif  // !defined(HAVE_WOLFSSL)
-
-#if defined(HAVE_WOLFSSL) && defined(__cplusplus)
-extern "C" {
-#endif  // defined(HAVE_WOLFSSL) && defined(__cplusplus)
 
 #define GEN_OPENSSL_EVP_SHA2_BRIDGE(size)                      \
   unsigned char *SHA_EVP##size(const unsigned char *input_ptr, \
@@ -50,9 +44,5 @@ GEN_OPENSSL_EVP_SHA2_BRIDGE(256)
 GEN_OPENSSL_EVP_SHA2_BRIDGE(224)
 #undef GEN_OPENSSL_EVP_SHA2_BRIDGE
 
-#if defined(HAVE_WOLFSSL) && defined(__cplusplus)
-}
-#endif  // defined(HAVE_WOLFSSL) && defined(__cplusplus)
-
 #endif /* HAVE_OPENSSL */
 #endif /* included_sha2_h */
diff --git a/include/sslopt-case.h b/include/sslopt-case.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
+/* Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License, version 2.0,
@@ -35,10 +35,8 @@ case OPT_SSL_MODE:
   ssl_mode_set_explicitly = true;
   break;
 case OPT_SSL_FIPS_MODE:
-#ifndef HAVE_WOLFSSL
   opt_ssl_fips_mode =
       find_type_or_exit(argument, &ssl_fips_mode_typelib, opt->name) - 1;
-#endif  //#ifndef HAVE_WOLFSSL
   break;
 case OPT_SSL_CA:
 case OPT_SSL_CAPATH:
@@ -51,10 +49,5 @@ case OPT_SSL_CIPHER:
 case OPT_SSL_CRL:
 case OPT_SSL_CRLPATH:
 case OPT_TLS_VERSION:
-#ifdef HAVE_WOLFSSL
-  /* crl has no effect in wolfSSL */
-  opt_ssl_crl = NULL;
-  opt_ssl_crlpath = NULL;
-#endif /* HAVE_WOLFSSL */
   break;
 #endif /* HAVE_OPENSSL */
diff --git a/include/sslopt-longopts.h b/include/sslopt-longopts.h
@@ -174,11 +174,7 @@
     {"ssl-fips-mode",
      OPT_SSL_FIPS_MODE,
      "SSL FIPS mode (applies only for OpenSSL); "
-#ifndef HAVE_WOLFSSL
      "permitted values are: OFF, ON, STRICT",
-#else
-     "permitted values are: OFF",
-#endif
      0,
      0,
      0,

diff --git a/include/sslopt-vars.h b/include/sslopt-vars.h
@@ -55,13 +55,7 @@ const char *ssl_mode_names_lib[] = {"DISABLED",  "PREFERRED",       "REQUIRED",
 TYPELIB ssl_mode_typelib = {array_elements(ssl_mode_names_lib) - 1, "",
                             ssl_mode_names_lib, NULL};
 
-const char *ssl_fips_mode_names_lib[] =
-#ifndef HAVE_WOLFSSL
-    {"OFF", "ON", "STRICT",
-#else
-    {"OFF",
-#endif
-     NullS};
+const char *ssl_fips_mode_names_lib[] = {"OFF", "ON", "STRICT", NullS};
 TYPELIB ssl_fips_mode_typelib = {array_elements(ssl_fips_mode_names_lib) - 1,
                                  "", ssl_fips_mode_names_lib, NULL};