Update WolfSSL

Fix WolfSSL build:

- Do not build with TLSv1.0,it stopped working,at least with SChannel client
- Disable a test that depends on TLSv1.0
- define FP_MAX_BITS always, to fix 32bit builds.
- Increase MAX_AES_CTX_SIZE, to fix build on Linux

extra/wolfssl/user_settings.h.in

@@ -20,14 +20,18 @@
 #define WOLFSSL_AES_COUNTER
 #define NO_WOLFSSL_STUB
 #define OPENSSL_ALL
-#define WOLFSSL_ALLOW_TLSV10
+#define NO_OLD_TIMEVAL_NAME
+/*
+  FP_MAX_BITS is set high solely to satisfy ssl_8k_key.test
+  WolfSSL will use more stack space with it, with fastmath
+*/
+#define FP_MAX_BITS 16384
 
 #cmakedefine WOLFSSL_AESNI
 #cmakedefine USE_FAST_MATH
 #cmakedefine TFM_TIMING_RESISTANT
 #cmakedefine HAVE_INTEL_RDSEED
 #cmakedefine USE_INTEL_SPEEDUP
-#cmakedefine FP_MAX_BITS @FP_MAX_BITS@
 #cmakedefine USE_FAST_MATH
 #cmakedefine WOLFSSL_X86_64_BUILD
 

extra/wolfssl/wolfssl

@@ -1 +1 @@
-Subproject commit 3f13b49fa318fbd3216d7da36d942e7c276d3413
+Subproject commit e116c89a58af750421d82ece13f80516d2bde02e

include/mysql/service_my_crypt.h

@@ -45,7 +45,7 @@ extern "C" {
 /* The max key length of all supported algorithms */
 #define MY_AES_MAX_KEY_LENGTH 32
 
-#define MY_AES_CTX_SIZE 600
+#define MY_AES_CTX_SIZE 640
 
 enum my_aes_mode {
     MY_AES_ECB, MY_AES_CBC

include/ssl_compat.h

@@ -81,8 +81,8 @@
 
 #ifndef HAVE_WOLFSSL
 #define EVP_MD_CTX_reset(X) EVP_MD_CTX_cleanup(X)
-#endif
 #define EVP_CIPHER_CTX_reset(X) EVP_CIPHER_CTX_cleanup(X)
+#endif
 #define X509_get0_notBefore(X) X509_get_notBefore(X)
 #define X509_get0_notAfter(X) X509_get_notAfter(X)
 #endif

mysql-test/suite.pm

@@ -74,6 +74,9 @@ sub skip_combinations {
   $skip{'main/ssl_verify_ip.test'} = 'x509v3 support required'
     unless $openssl_ver ge "1.0.2";
 
+  $skip{'main/tls_version1.test'} = 'No TLSv1.0 support'
+    if $ssl_lib =~ /WolfSSL/;
+
   %skip;
 }