From https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch > +#if OPENSSL_VERSION_NUMBER < 0x10100000L > dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); > dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); > if (! dh->p || ! dh->g) > { > +#else > + if (! DH_set0_pqg(dh, > + BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL), > + BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL), > + NULL)) > + { > +#endif The parameter order of the DH_set0_pqg call in the openssl 1.1 branch is obviously wrong. It should be: > +#else > + if (! DH_set0_pqg(dh, > + BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL), > + NULL, > + BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL))) > + { > +#endif This bug results in libmysqlclient + SSL failing with: > SSL connection error: SSL_CTX_set_tmp_dh failed
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f3738737cebd87a225cc00de863a94d821f00a8f commit f3738737cebd87a225cc00de863a94d821f00a8f Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2018-09-18 13:11:56 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2018-09-18 13:11:56 +0000 dev-db/mysql-connector-c: Adjust openssl 1.1 patch to correct parameters Closes: https://bugs.gentoo.org/666436 Package-Manager: Portage-2.3.49, Repoman-2.3.10 dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)