--- mysql-5.7.31/cmake/ssl.cmake.orig	2020-06-02 13:05:42.000000000 +0200
+++ mysql-5.7.31/cmake/ssl.cmake	2021-09-26 10:27:27.431001078 +0200
@@ -172,20 +172,28 @@
       #   #define OPENSSL_VERSION_NUMBER 0x1000103fL
       # Encoded as MNNFFPPS: major minor fix patch status
       FILE(STRINGS "${OPENSSL_INCLUDE_DIR}/openssl/opensslv.h"
-        OPENSSL_VERSION_NUMBER
-        REGEX "^#[ ]*define[\t ]+OPENSSL_VERSION_NUMBER[\t ]+0x[0-9].*"
+        OPENSSL_VERSION_MAJOR
+        REGEX "^#[ ]*define[\t ]+OPENSSL_VERSION_MAJOR[\t ]+([0-9]+).*"
         )
       STRING(REGEX REPLACE
-        "^.*OPENSSL_VERSION_NUMBER[\t ]+0x([0-9]).*$" "\\1"
-        OPENSSL_MAJOR_VERSION "${OPENSSL_VERSION_NUMBER}"
+        "^#[ ]*define[\t ]+OPENSSL_VERSION_MAJOR[\t ]+([0-9]+).*" "\\1"
+        OPENSSL_MAJOR_VERSION ${OPENSSL_VERSION_MAJOR}
+        )
+      FILE(STRINGS "${OPENSSL_INCLUDE_DIR}/openssl/opensslv.h"
+        OPENSSL_VERSION_MINOR
+        REGEX "^#[ ]*define[\t ]+OPENSSL_VERSION_MINOR[\t ]+([0-9]+).*"
         )
       STRING(REGEX REPLACE
-        "^.*OPENSSL_VERSION_NUMBER[\t ]+0x[0-9]([0-9][0-9]).*$" "\\1"
-        OPENSSL_MINOR_VERSION "${OPENSSL_VERSION_NUMBER}"
+        "^#[ ]*define[\t ]+OPENSSL_VERSION_MINOR[\t ]+([0-9]+).*" "\\1"
+        OPENSSL_MINOR_VERSION ${OPENSSL_VERSION_MINOR}
+        )
+      FILE(STRINGS "${OPENSSL_INCLUDE_DIR}/openssl/opensslv.h"
+        OPENSSL_VERSION_PATCH
+        REGEX "^#[ ]*define[\t ]+OPENSSL_VERSION_PATCH[\t ]+([0-9]+).*"
         )
       STRING(REGEX REPLACE
-        "^.*OPENSSL_VERSION_NUMBER[\t ]+0x[0-9][0-9][0-9]([0-9][0-9]).*$" "\\1"
-        OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
+        "^#[ ]*define[\t ]+OPENSSL_VERSION_PATCH[\t ]+([0-9]+).*" "\\1"
+        OPENSSL_FIX_VERSION ${OPENSSL_VERSION_PATCH}
         )
     ENDIF()
     SET(OPENSSL_VERSION
@@ -203,7 +211,7 @@
     IF(OPENSSL_INCLUDE_DIR AND
        OPENSSL_LIBRARY   AND
        CRYPTO_LIBRARY      AND
-       OPENSSL_MAJOR_VERSION STREQUAL "1"
+       (OPENSSL_MAJOR_VERSION STREQUAL "1" OR OPENSSL_MAJOR_VERSION STREQUAL "3")
       )
       SET(OPENSSL_FOUND TRUE)
     ELSE()
--- percona-server-5.7.31-34/sql/mysqld.cc~	2020-08-15 11:23:18.000000000 +0200
+++ percona-server-5.7.31-34/sql/mysqld.cc	2021-09-26 16:17:42.275241856 +0200
@@ -161,6 +161,7 @@
 
 #if defined(HAVE_OPENSSL)
 #include <openssl/crypto.h>
+#include <openssl/evp.h>
 #endif
 
 #ifndef EMBEDDED_LIBRARY
@@ -3689,15 +3689,15 @@
 static int init_ssl()
 {
 #ifdef HAVE_OPENSSL
-  int fips_mode= FIPS_mode();
+  int fips_mode = EVP_default_properties_is_fips_enabled(NULL);
   if (fips_mode != 0)
   {
     /* FIPS is enabled, Log warning and Disable it now */
     sql_print_warning(
         "Percona Server cannot operate under OpenSSL FIPS mode."
         " Disabling FIPS.");
-    FIPS_mode_set(0);
+    EVP_set_default_properties(NULL, "fips=no");
   }
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
   CRYPTO_malloc_init();
 #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */