| Log Message: |
Fix data encryption at rest when building with LibreSSL
Replace RAND_SSLeay->bytes with arc4random_buf when using LibreSSL, as
it supports RAND_SSLeay only for ABI compatibility [0].
Note that the code in question in mariadb mentions that RAND_bytes
isn't guaranteed to not block and therefore uses these functions directly.
As LibreSSL implements RAND_bytes in terms of arc4random_buf, which
shouldn't block, the patch could also use RAND_bytes instead of
using arc4random_buf directly, but the current version of the patch
has been tested in production and might be less confusing overall.
Bumped revision, as this fixes a runtime problem.
[0]
https://github.com/libressl/libressl/blob/master/src/crypto/rand/rand_lib.c#L36
PR: 213577
Approved by: ssl blanket
|
head/databases/mariadb101-server/Makefile