diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2020-08-25 10:45:55 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2020-08-25 10:45:55 +0100 |
| commit | 3cf7c3ef441822c889356fd1812ebf2944a59851 (patch) | |
| tree | c513fe68548b40365c1c2ebfe35c58ad431cdd77 /dev-db/mysql-connector-c | |
| parent | 05b8b0e0af1d72e51a3ee61522941bf7605cd01c (diff) | |
gentoo resync : 25.08.2020
Diffstat (limited to 'dev-db/mysql-connector-c')
11 files changed, 77 insertions, 899 deletions
diff --git a/dev-db/mysql-connector-c/Manifest b/dev-db/mysql-connector-c/Manifest index 45c8544954b0..1c0d7f64fa63 100644 --- a/dev-db/mysql-connector-c/Manifest +++ b/dev-db/mysql-connector-c/Manifest @@ -1,15 +1,7 @@ -AUX 20028_all_mysql-5.6-gcc7.patch 603 BLAKE2B f03dc2e39dca4496cc084b427daa60014464876df456bf290a5de3431b481691a35ac9ac00d71cc86931efe3bca70dae012bedefc6d29ad7fec2feeb07cce014 SHA512 f9dab813418f38f3a877b8672cdec153d6f0f289144c35277e8275cc7a58195f974b7bf76b74f8dd2403643b1199f5e6d6bcde661ce5f79f614ff10347b52278 -AUX 6.1.11-openssl-1.1.patch 8987 BLAKE2B 8bd00bb778e086cbdcd04b6ac904f36bd64bbbb332f913129eb3acbaf6da4d044fdc65523626a9fed47d6bf5859826af489bd9ae7ae51664c613c966a88708ba SHA512 46af56504ed2a69ce74a5e2040ee8b3355f5ac48fb80e4668b635f01a2650d07f50dd098ad43239e8b35a80e975a5a9549bd1b1a9c1a0612ed9e4750b537bb76 -AUX mysql-connector-c-8.0.17-use-relative-include-path-for-udf_registration_types-h.patch 684 BLAKE2B 10007011b38462ffa8b539f9ac531c715fcead4e6bb1d1c04ea8055decc0aa6eda8b22e3967d91773316d04062ca231cf8561ce72ab2b5aaeaf37a0bb425c7f5 SHA512 d0e60dff5faa7b6c71878803d598b46266021029c874c8f6834d496de10ddf42d3b806fae3c6d532c1890cb5f491bbd69235bd1ac919848011a9ca57c465ce1c AUX mysql-connector-c-8.0.18-always-build-decompress-utilities.patch 874 BLAKE2B 1622ba22ebb68d8b72499efec3075bbbe157b1ceaab5651dbc6dea996c831159161878a859972119dd4d5c20bb631681efb00b8d9715b3097890def8016898f4 SHA512 02ae005e8ac710dcc75f07011006df63a6d22f030b4eff0c6d28f78b083b1d7385190c9080812b5c9c2a84ad66972594b7d79a1485285c9ad76245577d42e528 AUX mysql-connector-c-8.0.19-do-not-install-comp_err.patch 307 BLAKE2B 864c07e9d4fb9a38ac418476f4b7738caa1f2a5dc633ad5921859793983c7b42acd87263ce2703df5a8c7d3bc3d7a60efb28a3ff17c311d89cc7b12edd22574f SHA512 cbb9be24a67a649b68230fe3482063d2d16fb629233e070289eb1ab0011bd8c43b0c056e4b6ca430a62ce0e8f47bb9490cb6746b7dc3fe06a05670b078cd084f -AUX mysql-connector-c-8.0.19-libressl.patch 10501 BLAKE2B 73a31afdbbb591cadd45f158ca16c39344f540459b20683e5998f0e0f0d593dfd06e7198d3d8a5e06f8e65ff6b7a5f79435a1face9997f3316e487ef1e081459 SHA512 1d8e75e8ba6866ff4d0dced7211607e41033bbdfabd0f8a670ac221e7366e272cfc2b9c4d0f259e5d33ed486e9697bcefbdb0e6a0cd65ed2811b63e9cf1610f3 -AUX mysql-connector-c-8.0.20-libressl.patch 11923 BLAKE2B a545f2570e744cce7e4e59109daebfd2f29d2065bfeadbb48f9d910c3d2d24e5fe24064e6453e6f423a241b59a69f26492a0cd82801e81f2eec13674291a4abe SHA512 cee40efd1ce9806fb36d0d36374b2d231a45553a2ff595d5e752f1b0ae80a9bb61cfeaa7a280f51f290580de777517524eac563028c747dbc2ac7b269cc1dcb4 -AUX mysql_com.patch 1787 BLAKE2B 4fbd40325f400586926072927b3f07231d577f18c1e30951c34c36ded9b9e42b7c3dc47ca51df974265c28b40116e30274d8a73d6a843e5d9d0074430bc17b08 SHA512 340365b05d72045af0ef12fd5c260a796be547d9abb97a6ef3d6aaf30aecf29368c1dfa28f1284da544a81656f0436f11ada2f8c5cb481540d1f1c90dd354b49 -DIST mysql-boost-8.0.19.tar.gz 264147972 BLAKE2B 61a5ccbef1a7a675c85e4e6bda8e5285bdb931e6ee14d4710bf13dfd9157d1095200db2886dc93ea7251d3d59245f35c0bef5ba88ba6aac209b1e080f3b07dc4 SHA512 5ffc03f005ab2585694902e926b6cb2b10059b2b030549eccd3949f9c3b2f02626d02529f940dec003f2d69683856fd1c720ff12f89dfbdc48befaf24a9c4d01 -DIST mysql-boost-8.0.20.tar.gz 266282970 BLAKE2B 2aeb9d6c575ed9dc2d00d3e51e6391c59ffa39156491d9ed2c07e19bb2efb88a14d5a9d4b537c137d71854e39fa3a7fc2b93618118d4fd062e92ba2d83783c6f SHA512 7a962e9ddec7069008c5ab6ac2801515e2661ca2875afc6141541c03e2f941f4255b3c0d806a4df2fd2f2f1d12323aeb1e456c1d364777a18ccebefad7b22a99 -DIST mysql-connector-c-6.1.11-src.tar.gz 3489345 BLAKE2B 813512520ef660521221565a4466e81d902629d0ee731f746b68eed2b9129ea8361fcabe184537ec8ba91aed5a4b02dfb3450b36524c2e98f81fba148eee0cf1 SHA512 271395c888a93b833e0bbe1840b9987ecdb37d0f1cf89904207cc9aa99ed32e538aee8c9529ff39b6533947159776a8f5aa079da86ed51b1d26b086f4ffdd7c6 -EBUILD mysql-connector-c-6.1.11-r2.ebuild 2287 BLAKE2B 831b0960af0f087357840434bf61ef773df2a98357fec736c9279fff8f44e9d68384aca45381aa9b332137f5ba6b3ab9478fb3c21169893a520f9017508ee827 SHA512 f06aef9d2d5e2bc0a607d66d10b7cd755e34cf5167f0fb2b2ed5595f50b8f8d6f41e839879c343ec272121f4c1c1d71ff6ada70e40f7cd9ea69b8fd385b85abd -EBUILD mysql-connector-c-8.0.19.ebuild 2927 BLAKE2B 37b57beb51549b94d75bf1695b93914042303f933e5294e9b73804ab7a6bae986ac89db6e648f78e9b1fcf106cfab143f4942da76ed930cf71b5f14fde9c7709 SHA512 d6404f3558f254a08702dea0036d346155e83dc6695b1237e0da9d17cb5aa85e32a3c60195d461cf33d976be2ec9af2519abb16aab16a1b73c27c34e38bd88b2 -EBUILD mysql-connector-c-8.0.20.ebuild 2936 BLAKE2B cc7571d0d64f102259368c247f8c992997965f985b3582c72d36457798e6341844f349b4de635dd0a94bb2092505e071eff4de64b8e96f90f145123a8f6b462a SHA512 5b7b0134429713e44c6c4f98ce8b04cdd0bedc9520c72772a274cb522a3590e856455553cbb83d868b3fee606e9a00fff233a6358bb0d635811d4c2a0b1f5450 +AUX mysql-connector-c-8.0.21-libressl.patch 13288 BLAKE2B 5aad519f99103e579356d89ae92dda1e2496268cebdfe8dd3797138a5efe03370365225581399bb2373b847f61e2b4be726d940cde624d3cdda94b5c69904a3a SHA512 f4d057ce159153133e100c71c65f75bd558ba1ea914cd878023dc4e4a628d63b60d0ac671a97d26863b3f48c3dc8984317bb09362378c3b96b8ed47f08c1f6ea +AUX mysql-connector-c-8.0.21-survive-malformed-charset-files.patch 580 BLAKE2B 76ea04058e14dce1cdd057b51e17d358ff582c82f27a537fb47aa66d58c88327231ca10755a6e02d0c1dab5c67d6eb92d9e9d5d74038595a203b65d3372d4577 SHA512 d8075a712bf12697499b1da2df7f43662bcce073113193e4b29261f965f10af43b1d529f1fe14ffed6c7c9bda3d3b0a61a2b3462e865724496d3d80f10c5264e +DIST mysql-boost-8.0.21.tar.gz 278292192 BLAKE2B 9e5a14d1401f58f6f620c8691d2d4d3ada122a79a4e081380050961f0add93bf32b682c60ea2a6e58f50a4fcedbd323d8efe2d5f3e1f2bba5010e201a2df5d44 SHA512 18128edd7d9604ea69bd308f372d6663ef3629503969148e3a2117175c4ef625358b31b96e0e1b8d10a87037719e3cb61d5c71eee1e26ab0e0a1731977a2d7c1 +EBUILD mysql-connector-c-8.0.21-r2.ebuild 3002 BLAKE2B bd309386636ee9e1e6cb5f2019e06718036ada58e0dfd6b6b9f94228ea129d348dd8f08306af2ae85b3d68bcb7f936e06dfe2a889483dd62f148fa299bf57efd SHA512 ee1811c9c6c4e1dd27ece9a70d6e6ca174f2d0419704a4612a97e7421505884adee9e2db97282e9ecc341c09bd6381a3d7572d32dc4ce9031793977583720921 MISC metadata.xml 239 BLAKE2B c4d6706d083b72927d239f41a644a4009c054c1c1a388af7733d3a2daf47d354009eb472573304a6be272601f05535297bcd9ceaea811a741cd905577ffe53d1 SHA512 e6e2fafe2f503db1d12e3d2368a99631ee8d014b7ea802d9879e7e3e2c0f9378675fffccd78ed09b914ae781ac3902567b1a53a721906e3ea63ceb51d0a1654b diff --git a/dev-db/mysql-connector-c/files/20028_all_mysql-5.6-gcc7.patch b/dev-db/mysql-connector-c/files/20028_all_mysql-5.6-gcc7.patch deleted file mode 100644 index cf8caedb7f1b..000000000000 --- a/dev-db/mysql-connector-c/files/20028_all_mysql-5.6-gcc7.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/sql-common/client_authentication.cc b/sql-common/client_authentication.cc -index eaeb2d4..035ecd2 100644 ---- a/sql-common/client_authentication.cc -+++ b/sql-common/client_authentication.cc -@@ -84,7 +84,7 @@ RSA *rsa_init(MYSQL *mysql) - - if (mysql->options.extension != NULL && - mysql->options.extension->server_public_key_path != NULL && -- mysql->options.extension->server_public_key_path != '\0') -+ mysql->options.extension->server_public_key_path[0] != '\0') - { - pub_key_file= fopen(mysql->options.extension->server_public_key_path, - "r"); diff --git a/dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch b/dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch deleted file mode 100644 index 3459206e4f76..000000000000 --- a/dev-db/mysql-connector-c/files/6.1.11-openssl-1.1.patch +++ /dev/null @@ -1,300 +0,0 @@ -From 7961393dd45e4ad1cdc7544b4bba2e98a5d2760c Mon Sep 17 00:00:00 2001 -From: eroen <eroen@occam.eroen.eu> -Date: Fri, 20 Jan 2017 14:43:53 +0100 -Subject: [PATCH] Don't use deprecated API with openssl 1.1 - -If openssl 1.1.0 is built with `--api=1.1 disable-deprecated`, using -deprecated APIs causes build errors. - -X-Gentoo-Bug: 606600 -X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=606600 ---- - mysys_ssl/my_aes_openssl.cc | 54 ++++++++++++++++++++++++++++++++------------- - sql-common/client.c | 16 ++++++++++++-- - vio/viossl.c | 8 +++++++ - vio/viosslfactories.c | 23 +++++++++++++++++++ - 4 files changed, 84 insertions(+), 17 deletions(-) - -diff --git a/mysys_ssl/my_aes_openssl.cc b/mysys_ssl/my_aes_openssl.cc -index 261ba8a..59a95e3 100644 ---- a/mysys_ssl/my_aes_openssl.cc -+++ b/mysys_ssl/my_aes_openssl.cc -@@ -22,6 +22,12 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ - #include <openssl/evp.h> - #include <openssl/err.h> - #include <openssl/bio.h> -+#include <openssl/opensslv.h> -+ -+#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L) -+#undef OPENSSL_VERSION_NUMBER -+#define OPENSSL_VERSION_NUMBER 0x1000107fL -+#endif - - /* - xplugin needs BIO_new_bio_pair, but the server does not. -@@ -122,7 +128,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 source_length, - enum my_aes_opmode mode, const unsigned char *iv, - bool padding) - { -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx; - const EVP_CIPHER *cipher= aes_evp_type(mode); - int u_len, f_len; - /* The real key to be used for encryption */ -@@ -132,23 +138,31 @@ int my_aes_encrypt(const unsigned char *source, uint32 source_length, - if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) - return MY_AES_BAD_DATA; - -- if (!EVP_EncryptInit(&ctx, cipher, rkey, iv)) -+ if (!EVP_EncryptInit(ctx, cipher, rkey, iv)) - goto aes_error; /* Error */ -- if (!EVP_CIPHER_CTX_set_padding(&ctx, padding)) -+ if (!EVP_CIPHER_CTX_set_padding(ctx, padding)) - goto aes_error; /* Error */ -- if (!EVP_EncryptUpdate(&ctx, dest, &u_len, source, source_length)) -+ if (!EVP_EncryptUpdate(ctx, dest, &u_len, source, source_length)) - goto aes_error; /* Error */ - -- if (!EVP_EncryptFinal(&ctx, dest + u_len, &f_len)) -+ if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len)) - goto aes_error; /* Error */ - -- EVP_CIPHER_CTX_cleanup(&ctx); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx); -+#else -+ EVP_CIPHER_CTX_free(ctx); -+#endif - return u_len + f_len; - - aes_error: - /* need to explicitly clean up the error if we want to ignore it */ - ERR_clear_error(); -- EVP_CIPHER_CTX_cleanup(&ctx); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx); -+#else -+ EVP_CIPHER_CTX_free(ctx); -+#endif - return MY_AES_BAD_DATA; - } - -@@ -159,7 +173,7 @@ int my_aes_decrypt(const unsigned char *source, uint32 source_length, - bool padding) - { - -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx; - const EVP_CIPHER *cipher= aes_evp_type(mode); - int u_len, f_len; - -@@ -170,24 +184,34 @@ int my_aes_decrypt(const unsigned char *source, uint32 source_length, - if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) - return MY_AES_BAD_DATA; - -- EVP_CIPHER_CTX_init(&ctx); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_init(ctx); -+#endif - -- if (!EVP_DecryptInit(&ctx, aes_evp_type(mode), rkey, iv)) -+ if (!EVP_DecryptInit(ctx, aes_evp_type(mode), rkey, iv)) - goto aes_error; /* Error */ -- if (!EVP_CIPHER_CTX_set_padding(&ctx, padding)) -+ if (!EVP_CIPHER_CTX_set_padding(ctx, padding)) - goto aes_error; /* Error */ -- if (!EVP_DecryptUpdate(&ctx, dest, &u_len, source, source_length)) -+ if (!EVP_DecryptUpdate(ctx, dest, &u_len, source, source_length)) - goto aes_error; /* Error */ -- if (!EVP_DecryptFinal_ex(&ctx, dest + u_len, &f_len)) -+ if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len)) - goto aes_error; /* Error */ - -- EVP_CIPHER_CTX_cleanup(&ctx); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx); -+#else -+ EVP_CIPHER_CTX_free(ctx); -+#endif - return u_len + f_len; - - aes_error: - /* need to explicitly clean up the error if we want to ignore it */ - ERR_clear_error(); -- EVP_CIPHER_CTX_cleanup(&ctx); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx); -+#else -+ EVP_CIPHER_CTX_free(ctx); -+#endif - return MY_AES_BAD_DATA; - } - -diff --git a/sql-common/client.c b/sql-common/client.c -index 9e88e9f..fe7daf7 100644 ---- a/sql-common/client.c -+++ b/sql-common/client.c -@@ -86,6 +86,14 @@ my_bool net_flush(NET *net); - # include <sys/un.h> - #endif - -+#ifdef HAVE_OPENSSL -+#include <openssl/opensslv.h> -+#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L) -+#undef OPENSSL_VERSION_NUMBER -+#define OPENSSL_VERSION_NUMBER 0x1000107fL -+#endif -+#endif -+ - #ifndef _WIN32 - #include <errno.h> - #define SOCKET_ERROR -1 -@@ -2685,7 +2693,7 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c - { - SSL *ssl; - X509 *server_cert= NULL; -- char *cn= NULL; -+ const char *cn= NULL; - int cn_loc= -1; - ASN1_STRING *cn_asn1= NULL; - X509_NAME_ENTRY *cn_entry= NULL; -@@ -2757,7 +2765,11 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c - goto error; - } - -- cn= (char *) ASN1_STRING_data(cn_asn1); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ cn= (const char *) ASN1_STRING_data(cn_asn1); -+#else -+ cn= (const char *) ASN1_STRING_get0_data(cn_asn1); -+#endif - - // There should not be any NULL embedded in the CN - if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn)) -diff --git a/vio/viossl.c b/vio/viossl.c -index 5622cb7..94b0f09 100644 ---- a/vio/viossl.c -+++ b/vio/viossl.c -@@ -24,6 +24,12 @@ - - #ifdef HAVE_OPENSSL - -+#include <openssl/opensslv.h> -+#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L) -+#undef OPENSSL_VERSION_NUMBER -+#define OPENSSL_VERSION_NUMBER 0x1000107fL -+#endif -+ - #ifndef DBUG_OFF - - static void -@@ -310,8 +316,10 @@ void vio_ssl_delete(Vio *vio) - } - - #ifndef HAVE_YASSL -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - ERR_remove_thread_state(0); - #endif -+#endif - - vio_delete(vio); - } -@@ -427,7 +427,12 @@ - for (j = 0; j < n; j++) - { - SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - DBUG_PRINT("info", (" %d: %s\n", c->id, c->name)); -+#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ -+ DBUG_PRINT("info", -+ (" %d: %s\n", SSL_COMP_get_id(c), SSL_COMP_get0_name(c))); -+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ - } - } - #endif -diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c -index da5449a..87b30c3 100644 ---- a/vio/viosslfactories.c -+++ b/vio/viosslfactories.c -@@ -16,6 +16,14 @@ - #include "vio_priv.h" - - #ifdef HAVE_OPENSSL -+#include <openssl/bn.h> -+#include <openssl/dh.h> -+#include <openssl/opensslv.h> -+ -+#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L) -+#undef OPENSSL_VERSION_NUMBER -+#define OPENSSL_VERSION_NUMBER 0x1000107fL -+#endif - - #define TLS_VERSION_OPTION_SIZE 256 - #define SSL_CIPHER_LIST_SIZE 4096 -@@ -121,10 +129,18 @@ static DH *get_dh2048(void) - DH *dh; - if ((dh=DH_new())) - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); - dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); - if (! dh->p || ! dh->g) - { -+#else -+ if (! DH_set0_pqg(dh, -+ BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL), -+ NULL, -+ BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL))) -+ { -+#endif - DH_free(dh); - dh=0; - } -@@ -247,6 +263,8 @@ typedef struct CRYPTO_dynlock_value - } openssl_lock_t; - - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ - /* Array of locks used by openssl internally for thread synchronization. - The number of locks is equal to CRYPTO_num_locks. - */ -@@ -389,9 +407,11 @@ static void deinit_lock_callback_functions() - { - set_lock_callback_functions(FALSE); - } -+#endif - - void vio_ssl_end() - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - int i= 0; - - if (ssl_initialized) { -@@ -409,6 +429,7 @@ void vio_ssl_end() - - ssl_initialized= FALSE; - } -+#endif - } - - #endif //OpenSSL specific -@@ -419,6 +440,7 @@ void ssl_start() - { - ssl_initialized= TRUE; - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - SSL_library_init(); - OpenSSL_add_all_algorithms(); - SSL_load_error_strings(); -@@ -427,6 +449,7 @@ void ssl_start() - init_ssl_locks(); - init_lock_callback_functions(); - #endif -+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ - } - } - --- -2.11.0 - diff --git a/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.17-use-relative-include-path-for-udf_registration_types-h.patch b/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.17-use-relative-include-path-for-udf_registration_types-h.patch deleted file mode 100644 index 8fabd9952cc4..000000000000 --- a/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.17-use-relative-include-path-for-udf_registration_types-h.patch +++ /dev/null @@ -1,24 +0,0 @@ -https://bugs.gentoo.org/692644 - ---- a/include/mysql.h.pp -+++ b/include/mysql.h.pp -@@ -175,7 +175,7 @@ struct rand_struct { - unsigned long seed1, seed2, max_value; - double max_value_dbl; - }; --#include <mysql/udf_registration_types.h> -+#include "mysql/udf_registration_types.h" - enum Item_result { - INVALID_RESULT = -1, - STRING_RESULT = 0, ---- a/include/mysql_com.h -+++ b/include/mysql_com.h -@@ -1002,7 +1002,7 @@ struct rand_struct { - }; - - /* Include the types here so existing UDFs can keep compiling */ --#include <mysql/udf_registration_types.h> -+#include "mysql/udf_registration_types.h" - - /** - @addtogroup group_cs_compresson_constants Constants when using compression diff --git a/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.19-libressl.patch b/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.19-libressl.patch deleted file mode 100644 index 1fc949ae8564..000000000000 --- a/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.19-libressl.patch +++ /dev/null @@ -1,297 +0,0 @@ ---- a/cmake/ssl.cmake -+++ b/cmake/ssl.cmake -@@ -229,13 +229,14 @@ MACRO (MYSQL_CHECK_SSL) - OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}" - ) - ENDIF() -- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0") -+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION) -+ IF(HAVE_TLS1_3_VERSION) - ADD_DEFINITIONS(-DHAVE_TLSv13) - ENDIF() - IF(OPENSSL_INCLUDE_DIR AND - OPENSSL_LIBRARY AND - CRYPTO_LIBRARY AND -- OPENSSL_MAJOR_VERSION STREQUAL "1" -+ OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1" - ) - SET(OPENSSL_FOUND TRUE) - FIND_PROGRAM(OPENSSL_EXECUTABLE openssl ---- a/mysys/my_md5.cc -+++ b/mysys/my_md5.cc -@@ -56,7 +56,9 @@ static void my_md5_hash(unsigned char *digest, unsigned const char *buf, - int compute_md5_hash(char *digest, const char *buf, int len) { - int retval = 0; - int fips_mode = 0; -+#ifndef LIBRESSL_VERSION_NUMBER - fips_mode = FIPS_mode(); -+#endif - /* If fips mode is ON/STRICT restricted method calls will result into abort, - * skipping call. */ - if (fips_mode == 0) { ---- a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c -+++ b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c -@@ -329,6 +329,7 @@ error: - return 1; - } - -+#ifndef LIBRESSL_VERSION_NUMBER - #define OPENSSL_ERROR_LENGTH 512 - static int configure_ssl_fips_mode(const uint fips_mode) { - int rc = -1; -@@ -352,6 +353,7 @@ static int configure_ssl_fips_mode(const uint fips_mode) { - EXIT: - return rc; - } -+#endif - - static int configure_ssl_ca(SSL_CTX *ssl_ctx, const char *ca_file, - const char *ca_path) { -@@ -555,10 +557,12 @@ int xcom_init_ssl(const char *server_key_file, const char *server_cert_file, - int verify_server = SSL_VERIFY_NONE; - int verify_client = SSL_VERIFY_NONE; - -+#ifndef LIBRESSL_VERSION_NUMBER - if (configure_ssl_fips_mode(ssl_fips_mode) != 1) { - G_ERROR("Error setting the ssl fips mode"); - goto error; - } -+#endif - - SSL_library_init(); - SSL_load_error_strings(); -@@ -622,7 +626,7 @@ error: - void xcom_cleanup_ssl() { - if (!xcom_use_ssl()) return; - --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - ERR_remove_thread_state(0); - #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ - } ---- a/plugin/x/client/xconnection_impl.cc -+++ b/plugin/x/client/xconnection_impl.cc -@@ -520,6 +520,7 @@ XError Connection_impl::get_ssl_error(const int error_id) { - return XError(CR_SSL_CONNECTION_ERROR, buffer); - } - -+#ifndef LIBRESSL_VERSION_NUMBER - /** - Set fips mode in openssl library, - When we set fips mode ON/STRICT, it will perform following operations: -@@ -559,6 +560,7 @@ int set_fips_mode(const uint32_t fips_mode, - EXIT: - return rc; - } -+#endif - - XError Connection_impl::activate_tls() { - if (nullptr == m_vio) return get_socket_error(SOCKET_ECONNRESET); -@@ -569,12 +571,14 @@ XError Connection_impl::activate_tls() { - if (!m_context->m_ssl_config.is_configured()) - return XError{CR_SSL_CONNECTION_ERROR, ER_TEXT_TLS_NOT_CONFIGURATED, true}; - -+#ifndef LIBRESSL_VERSION_NUMBER - char err_string[OPENSSL_ERROR_LENGTH] = {'\0'}; - if (set_fips_mode( - static_cast<uint32_t>(m_context->m_ssl_config.m_ssl_fips_mode), - err_string) != 1) { - return XError{CR_SSL_CONNECTION_ERROR, err_string, true}; - } -+#endif - auto ssl_ctx_flags = process_tls_version( - details::null_when_empty(m_context->m_ssl_config.m_tls_version)); - ---- a/router/src/http/src/tls_client_context.cc -+++ b/router/src/http/src/tls_client_context.cc -@@ -54,7 +54,7 @@ void TlsClientContext::verify(TlsVerify verify) { - - void TlsClientContext::cipher_suites(const std::string &ciphers) { - // TLSv1.3 ciphers are controlled via SSL_CTX_set_ciphersuites() --#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 1) -+#ifdef TLS1_3_VERSION - if (1 != SSL_CTX_set_ciphersuites(ssl_ctx_.get(), ciphers.c_str())) { - throw TlsError("set-cipher-suites"); - } ---- a/router/src/http/src/tls_context.cc -+++ b/router/src/http/src/tls_context.cc -@@ -91,7 +91,7 @@ static int o11x_version(TlsVersion version) { - return TLS1_1_VERSION; - case TlsVersion::TLS_1_2: - return TLS1_2_VERSION; --#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 1) -+#ifdef TLS1_3_VERSION - case TlsVersion::TLS_1_3: - return TLS1_3_VERSION; - #endif -@@ -120,9 +120,11 @@ void TlsContext::version_range(TlsVersion min_version, TlsVersion max_version) { - switch (min_version) { - default: - // unknown, leave all disabled -+#ifdef TLS1_3_VERSION - // fallthrough - case TlsVersion::TLS_1_3: - opts |= SSL_OP_NO_TLSv1_2; -+#endif - // fallthrough - case TlsVersion::TLS_1_2: - opts |= SSL_OP_NO_TLSv1_1; -@@ -170,8 +172,10 @@ TlsVersion TlsContext::min_version() const { - return TlsVersion::TLS_1_1; - case TLS1_2_VERSION: - return TlsVersion::TLS_1_2; -+#ifdef TLS1_3_VERSION - case TLS1_3_VERSION: - return TlsVersion::TLS_1_3; -+#endif - case 0: - return TlsVersion::AUTO; - default: -@@ -230,7 +234,8 @@ TlsContext::InfoCallback TlsContext::info_callback() const { - } - - int TlsContext::security_level() const { --#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0) -+#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0) && \ -+ !defined(LIBRESSL_VERSION_NUMBER) - return SSL_CTX_get_security_level(ssl_ctx_.get()); - #else - return 0; ---- a/router/src/http/src/tls_server_context.cc -+++ b/router/src/http/src/tls_server_context.cc -@@ -166,7 +166,8 @@ void TlsServerContext::init_tmp_dh(const std::string &dh_params) { - } - - } else { --#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0) -+#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0) && \ -+ !defined(LIBRESSL_VERSION_NUMBER) - dh2048.reset(DH_get_2048_256()); - #else - /* ---- a/sql-common/client.cc -+++ b/sql-common/client.cc -@@ -7730,7 +7730,7 @@ int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option, - #endif - break; - case MYSQL_OPT_SSL_FIPS_MODE: { --#if defined(HAVE_OPENSSL) -+#if defined(HAVE_OPENSSL) && !defined(LIBRESSL_VERSION_NUMBER) - char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'}; - ENSURE_EXTENSIONS_PRESENT(&mysql->options); - mysql->options.extension->ssl_fips_mode = *static_cast<const uint *>(arg); ---- a/sql/mysqld.cc -+++ b/sql/mysqld.cc -@@ -4818,7 +4818,7 @@ static int init_thread_environment() { - - static PSI_memory_key key_memory_openssl = PSI_NOT_INSTRUMENTED; - --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - #define FILE_LINE_ARGS - #else - #define FILE_LINE_ARGS , const char *, int -@@ -4854,12 +4854,14 @@ static void init_ssl() { - } - - static int init_ssl_communication() { -+#ifndef LIBRESSL_VERSION_NUMBER - char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'}; - int ret_fips_mode = set_fips_mode(opt_ssl_fips_mode, ssl_err_string); - if (ret_fips_mode != 1) { - LogErr(ERROR_LEVEL, ER_SSL_FIPS_MODE_ERROR, ssl_err_string); - return 1; - } -+#endif - if (SslAcceptorContext::singleton_init(opt_use_ssl)) return 1; - - #if OPENSSL_VERSION_NUMBER < 0x10100000L ---- a/sql/sys_vars.cc -+++ b/sql/sys_vars.cc -@@ -4417,6 +4417,7 @@ static Sys_var_ulong Sys_max_execution_time( - HINT_UPDATEABLE SESSION_VAR(max_execution_time), CMD_LINE(REQUIRED_ARG), - VALID_RANGE(0, ULONG_MAX), DEFAULT(0), BLOCK_SIZE(1)); - -+#ifndef LIBRESSL_VERSION_NUMBER - static bool update_fips_mode(sys_var *, THD *, enum_var_type) { - char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'}; - if (set_fips_mode(opt_ssl_fips_mode, ssl_err_string) != 1) { -@@ -4427,15 +4428,30 @@ static bool update_fips_mode(sys_var *, THD *, enum_var_type) { - return false; - } - } -+#endif - -+#if defined(LIBRESSL_VERSION_NUMBER) -+static const char *ssl_fips_mode_names[] = {"OFF", 0}; -+#else - static const char *ssl_fips_mode_names[] = {"OFF", "ON", "STRICT", 0}; -+#endif - static Sys_var_enum Sys_ssl_fips_mode( - "ssl_fips_mode", - "SSL FIPS mode (applies only for OpenSSL); " -+#ifndef LIBRESSL_VERSION_NUMBER - "permitted values are: OFF, ON, STRICT", -+#else -+ "permitted values are: OFF", -+#endif - GLOBAL_VAR(opt_ssl_fips_mode), CMD_LINE(REQUIRED_ARG, OPT_SSL_FIPS_MODE), - ssl_fips_mode_names, DEFAULT(0), NO_MUTEX_GUARD, NOT_IN_BINLOG, -- ON_CHECK(NULL), ON_UPDATE(update_fips_mode), NULL); -+ ON_CHECK(NULL), -+#ifndef LIBRESSL_VERSION_NUMBER -+ ON_UPDATE(update_fips_mode), -+#else -+ ON_UPDATE(NULL), -+#endif -+ NULL); - - #if defined(HAVE_OPENSSL) - static Sys_var_bool Sys_auto_generate_certs( ---- a/vio/viossl.cc -+++ b/vio/viossl.cc -@@ -45,7 +45,7 @@ - BIO_set_callback_ex was added in openSSL 1.1.1 - For older openSSL, use the deprecated BIO_set_callback. - */ --#if OPENSSL_VERSION_NUMBER >= 0x10101000L -+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) - #define HAVE_BIO_SET_CALLBACK_EX - #endif - -@@ -637,7 +637,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout, - #if !defined(DBUG_OFF) - { - STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; -- ssl_comp_methods = SSL_COMP_get_compression_methods(); -+ ssl_comp_methods = (STACK_OF(SSL_COMP) *)SSL_COMP_get_compression_methods(); - n = sk_SSL_COMP_num(ssl_comp_methods); - DBUG_PRINT("info", ("Available compression methods:\n")); - if (n == 0) -@@ -645,7 +645,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout, - else - for (j = 0; j < n; j++) { - SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - DBUG_PRINT("info", (" %d: %s\n", c->id, c->name)); - #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ - DBUG_PRINT("info", ---- a/vio/viosslfactories.cc -+++ b/vio/viosslfactories.cc -@@ -420,6 +420,7 @@ void ssl_start() { - } - } - -+#ifndef LIBRESSL_VERSION_NUMBER - /** - Set fips mode in openssl library, - When we set fips mode ON/STRICT, it will perform following operations: -@@ -473,6 +474,7 @@ EXIT: - @returns openssl current fips mode - */ - uint get_fips_mode() { return FIPS_mode(); } -+#endif - - long process_tls_version(const char *tls_version) { - const char *separator = ","; diff --git a/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.20-libressl.patch b/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.21-libressl.patch index 88f32419239a..78f3e78fd6d4 100644 --- a/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.20-libressl.patch +++ b/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.21-libressl.patch @@ -1,4 +1,4 @@ -From 2108922a8292d74874ede834158c208d81c3cf76 Mon Sep 17 00:00:00 2001 +From 4aadff7b08f6a69160a44c1742d5a12fb5abc059 Mon Sep 17 00:00:00 2001 From: Thomas Deutschmann <whissi@gentoo.org> Date: Thu, 30 Apr 2020 20:01:48 +0200 Subject: [PATCH 5/5] Add LibreSSL support @@ -7,7 +7,7 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> --- cmake/ssl.cmake | 5 +++-- mysys/my_md5.cc | 2 ++ - .../bindings/xcom/xcom/xcom_ssl_transport.c | 6 +++++- + .../bindings/xcom/xcom/xcom_ssl_transport.cc | 6 +++++- plugin/x/client/xconnection_impl.cc | 4 ++++ router/src/http/src/tls_client_context.cc | 2 +- router/src/http/src/tls_context.cc | 9 ++++++-- @@ -19,6 +19,8 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> vio/viosslfactories.cc | 2 ++ 12 files changed, 54 insertions(+), 14 deletions(-) +diff --git a/cmake/ssl.cmake b/cmake/ssl.cmake +index 52feadeaa..3b8332695 100644 --- a/cmake/ssl.cmake +++ b/cmake/ssl.cmake @@ -222,13 +222,14 @@ MACRO (MYSQL_CHECK_SSL) @@ -38,6 +40,8 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> ) SET(OPENSSL_FOUND TRUE) FIND_PROGRAM(OPENSSL_EXECUTABLE openssl +diff --git a/mysys/my_md5.cc b/mysys/my_md5.cc +index dea997b25..531696329 100644 --- a/mysys/my_md5.cc +++ b/mysys/my_md5.cc @@ -56,7 +56,9 @@ static void my_md5_hash(unsigned char *digest, unsigned const char *buf, @@ -50,9 +54,11 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> /* If fips mode is ON/STRICT restricted method calls will result into abort, * skipping call. */ if (fips_mode == 0) { ---- a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c -+++ b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c -@@ -329,6 +329,7 @@ error: +diff --git a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.cc b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.cc +index 8bf63ce14..02f91b44e 100644 +--- a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.cc ++++ b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.cc +@@ -325,6 +325,7 @@ error: return 1; } @@ -60,7 +66,7 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> #define OPENSSL_ERROR_LENGTH 512 static int configure_ssl_fips_mode(const uint fips_mode) { int rc = -1; -@@ -352,6 +353,7 @@ static int configure_ssl_fips_mode(const uint fips_mode) { +@@ -348,6 +349,7 @@ static int configure_ssl_fips_mode(const uint fips_mode) { EXIT: return rc; } @@ -68,7 +74,7 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> static int configure_ssl_ca(SSL_CTX *ssl_ctx, const char *ca_file, const char *ca_path) { -@@ -555,10 +557,12 @@ int xcom_init_ssl(const char *server_key_file, const char *server_cert_file, +@@ -544,10 +546,12 @@ int xcom_init_ssl(const char *server_key_file, const char *server_cert_file, int verify_server = SSL_VERIFY_NONE; int verify_client = SSL_VERIFY_NONE; @@ -81,7 +87,7 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> SSL_library_init(); SSL_load_error_strings(); -@@ -622,7 +626,7 @@ error: +@@ -611,7 +615,7 @@ error: void xcom_cleanup_ssl() { if (!xcom_use_ssl()) return; @@ -90,9 +96,11 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> ERR_remove_thread_state(0); #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ } +diff --git a/plugin/x/client/xconnection_impl.cc b/plugin/x/client/xconnection_impl.cc +index 13bc6794e..5223169db 100644 --- a/plugin/x/client/xconnection_impl.cc +++ b/plugin/x/client/xconnection_impl.cc -@@ -511,6 +511,7 @@ XError Connection_impl::get_ssl_error(const int error_id) { +@@ -498,6 +498,7 @@ XError Connection_impl::get_ssl_error(const int error_id) { return XError(CR_SSL_CONNECTION_ERROR, buffer); } @@ -100,7 +108,7 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> /** Set fips mode in openssl library, When we set fips mode ON/STRICT, it will perform following operations: -@@ -550,6 +551,7 @@ int set_fips_mode(const uint32_t fips_mode, +@@ -537,6 +538,7 @@ int set_fips_mode(const uint32_t fips_mode, EXIT: return rc; } @@ -108,7 +116,7 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> XError Connection_impl::activate_tls() { if (nullptr == m_vio) return get_socket_error(SOCKET_ECONNRESET); -@@ -560,12 +562,14 @@ XError Connection_impl::activate_tls() { +@@ -547,12 +549,14 @@ XError Connection_impl::activate_tls() { if (!m_context->m_ssl_config.is_configured()) return XError{CR_SSL_CONNECTION_ERROR, ER_TEXT_TLS_NOT_CONFIGURATED, true}; @@ -123,6 +131,8 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> auto ssl_ctx_flags = process_tls_version( details::null_when_empty(m_context->m_ssl_config.m_tls_version)); +diff --git a/router/src/http/src/tls_client_context.cc b/router/src/http/src/tls_client_context.cc +index 297ceee30..7c1157289 100644 --- a/router/src/http/src/tls_client_context.cc +++ b/router/src/http/src/tls_client_context.cc @@ -54,7 +54,7 @@ void TlsClientContext::verify(TlsVerify verify) { @@ -134,6 +144,8 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> if (1 != SSL_CTX_set_ciphersuites(ssl_ctx_.get(), ciphers.c_str())) { throw TlsError("set-cipher-suites"); } +diff --git a/router/src/http/src/tls_context.cc b/router/src/http/src/tls_context.cc +index 60ed7e6ca..388ef8f28 100644 --- a/router/src/http/src/tls_context.cc +++ b/router/src/http/src/tls_context.cc @@ -91,7 +91,7 @@ static int o11x_version(TlsVersion version) { @@ -178,6 +190,8 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> return SSL_CTX_get_security_level(ssl_ctx_.get()); #else return 0; +diff --git a/router/src/http/src/tls_server_context.cc b/router/src/http/src/tls_server_context.cc +index 0f4472419..707d7de86 100644 --- a/router/src/http/src/tls_server_context.cc +++ b/router/src/http/src/tls_server_context.cc @@ -167,7 +167,8 @@ void TlsServerContext::init_tmp_dh(const std::string &dh_params) { @@ -190,9 +204,11 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> dh2048.reset(DH_get_2048_256()); #else /* +diff --git a/sql-common/client.cc b/sql-common/client.cc +index ffb136b5b..8a0c7b834 100644 --- a/sql-common/client.cc +++ b/sql-common/client.cc -@@ -7752,6 +7752,7 @@ int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option, +@@ -7766,6 +7766,7 @@ int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option, return 1; break; case MYSQL_OPT_SSL_FIPS_MODE: { @@ -200,7 +216,7 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'}; ENSURE_EXTENSIONS_PRESENT(&mysql->options); mysql->options.extension->ssl_fips_mode = *static_cast<const uint *>(arg); -@@ -7763,6 +7764,7 @@ int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option, +@@ -7777,6 +7778,7 @@ int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option, "Set Fips mode ON/STRICT failed, detail: '%s'.", ssl_err_string); return 1; } @@ -208,9 +224,11 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> } break; case MYSQL_OPT_SSL_MODE: ENSURE_EXTENSIONS_PRESENT(&mysql->options); +diff --git a/sql/mysqld.cc b/sql/mysqld.cc +index 682e8d5ae..96a922d7a 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc -@@ -4857,7 +4857,7 @@ static int init_thread_environment() { +@@ -5109,7 +5109,7 @@ static int init_thread_environment() { static PSI_memory_key key_memory_openssl = PSI_NOT_INSTRUMENTED; @@ -219,7 +237,7 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> #define FILE_LINE_ARGS #else #define FILE_LINE_ARGS , const char *, int -@@ -4891,12 +4891,14 @@ static void init_ssl() { +@@ -5143,12 +5143,14 @@ static void init_ssl() { } static int init_ssl_communication() { @@ -231,12 +249,14 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> return 1; } +#endif - if (SslAcceptorContext::singleton_init(opt_use_ssl)) return 1; - - #if OPENSSL_VERSION_NUMBER < 0x10100000L + if (TLS_channel::singleton_init(&mysql_main, mysql_main_channel, opt_use_ssl, + &server_main_callback, opt_initialize)) + return 1; +diff --git a/sql/sys_vars.cc b/sql/sys_vars.cc +index 5b1a82d2f..4e2dff865 100644 --- a/sql/sys_vars.cc +++ b/sql/sys_vars.cc -@@ -4459,6 +4459,7 @@ static Sys_var_ulong Sys_max_execution_time( +@@ -4474,6 +4474,7 @@ static Sys_var_ulong Sys_max_execution_time( HINT_UPDATEABLE SESSION_VAR(max_execution_time), CMD_LINE(REQUIRED_ARG), VALID_RANGE(0, ULONG_MAX), DEFAULT(0), BLOCK_SIZE(1)); @@ -244,7 +264,7 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> static bool update_fips_mode(sys_var *, THD *, enum_var_type) { char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'}; if (set_fips_mode(opt_ssl_fips_mode, ssl_err_string) != 1) { -@@ -4469,15 +4470,31 @@ static bool update_fips_mode(sys_var *, THD *, enum_var_type) { +@@ -4484,15 +4485,31 @@ static bool update_fips_mode(sys_var *, THD *, enum_var_type) { return false; } } @@ -278,6 +298,8 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> static Sys_var_bool Sys_auto_generate_certs( "auto_generate_certs", +diff --git a/vio/viossl.cc b/vio/viossl.cc +index 0e9594741..3a589c64b 100644 --- a/vio/viossl.cc +++ b/vio/viossl.cc @@ -45,7 +45,7 @@ @@ -309,9 +331,11 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> DBUG_PRINT("info", (" %d: %s\n", c->id, c->name)); #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ DBUG_PRINT("info", +diff --git a/vio/viosslfactories.cc b/vio/viosslfactories.cc +index 6c04029cc..f27221463 100644 --- a/vio/viosslfactories.cc +++ b/vio/viosslfactories.cc -@@ -472,6 +472,7 @@ void ssl_start() { +@@ -473,6 +473,7 @@ void ssl_start() { } } @@ -319,7 +343,7 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> /** Set fips mode in openssl library, When we set fips mode ON/STRICT, it will perform following operations: -@@ -525,6 +526,7 @@ EXIT: +@@ -526,6 +527,7 @@ EXIT: @returns openssl current fips mode */ uint get_fips_mode() { return FIPS_mode(); } @@ -328,5 +352,5 @@ Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> long process_tls_version(const char *tls_version) { const char *separator = ","; -- -2.26.2 +2.27.0 diff --git a/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.21-survive-malformed-charset-files.patch b/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.21-survive-malformed-charset-files.patch new file mode 100644 index 000000000000..72799f009c89 --- /dev/null +++ b/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.21-survive-malformed-charset-files.patch @@ -0,0 +1,18 @@ +Description: don't crash on malformed charset files +Origin: https://bugs.launchpad.net/ubuntu/+source/mysql-8.0/+bug/1877504/comments/19 +Bug: https://bugs.launchpad.net/ubuntu/+source/mysql-8.0/+bug/1884809 +Bug: https://bugs.gentoo.org/737002 +Forwarded: workaround, not needed + +--- a/mysys/charset.cc ++++ b/mysys/charset.cc +@@ -922,7 +922,7 @@ size_t escape_quotes_for_mysql(CHARSET_I + + void charset_uninit() { + for (CHARSET_INFO *cs : all_charsets) { +- if (cs && cs->coll->uninit) { ++ if (cs && cs->coll && cs->coll->uninit) { + cs->coll->uninit(cs); + } + } + diff --git a/dev-db/mysql-connector-c/files/mysql_com.patch b/dev-db/mysql-connector-c/files/mysql_com.patch deleted file mode 100644 index 36a7d5a23791..000000000000 --- a/dev-db/mysql-connector-c/files/mysql_com.patch +++ /dev/null @@ -1,31 +0,0 @@ ---- a/include/mysql_com.h 2014-06-10 23:10:43.000000000 -0400 -+++ b/include/mysql_com.h 2015-08-11 15:20:54.487091000 -0400 -@@ -179,7 +171,7 @@ - #define CLIENT_IGNORE_SIGPIPE 4096 /* IGNORE sigpipes */ - #define CLIENT_TRANSACTIONS 8192 /* Client knows about transactions */ - #define CLIENT_RESERVED 16384 /* Old flag for 4.1 protocol */ --#define CLIENT_RESERVED2 32768 /* Old flag for 4.1 authentication */ -+#define CLIENT_SECURE_CONNECTION 32768 /* New 4.1 authentication */ - #define CLIENT_MULTI_STATEMENTS (1UL << 16) /* Enable/disable multi-stmt support */ - #define CLIENT_MULTI_RESULTS (1UL << 17) /* Enable/disable multi-results */ - #define CLIENT_PS_MULTI_RESULTS (1UL << 18) /* Multi-results in PS-protocol */ -@@ -226,7 +216,7 @@ - | CLIENT_IGNORE_SIGPIPE \ - | CLIENT_TRANSACTIONS \ - | CLIENT_RESERVED \ -- | CLIENT_RESERVED2 \ -+ | CLIENT_SECURE_CONNECTION \ - | CLIENT_MULTI_STATEMENTS \ - | CLIENT_MULTI_RESULTS \ - | CLIENT_PS_MULTI_RESULTS \ ---- a/libmysql/client_settings.h 2015-02-25 16:09:49.000000000 -0500 -+++ b/libmysql/client_settings.h 2015-08-11 15:44:10.804091000 -0400 -@@ -31,7 +31,7 @@ - CLIENT_LONG_FLAG | \ - CLIENT_TRANSACTIONS | \ - CLIENT_PROTOCOL_41 | \ -- CLIENT_RESERVED2 | \ -+ CLIENT_SECURE_CONNECTION | \ - CLIENT_MULTI_RESULTS | \ - CLIENT_PS_MULTI_RESULTS | \ - CLIENT_PLUGIN_AUTH | \ diff --git a/dev-db/mysql-connector-c/mysql-connector-c-6.1.11-r2.ebuild b/dev-db/mysql-connector-c/mysql-connector-c-6.1.11-r2.ebuild deleted file mode 100644 index 90eb839cd3e1..000000000000 --- a/dev-db/mysql-connector-c/mysql-connector-c-6.1.11-r2.ebuild +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit cmake-multilib - -MULTILIB_WRAPPED_HEADERS+=( - /usr/include/mysql/my_config.h -) - -# wrap the config script -MULTILIB_CHOST_TOOLS=( /usr/bin/mysql_config ) - -DESCRIPTION="C client library for MariaDB/MySQL" -HOMEPAGE="https://dev.mysql.com/downloads/connector/c/" -LICENSE="GPL-2" - -SRC_URI="https://dev.mysql.com/get/Downloads/Connector-C/${P}-src.tar.gz" -S="${WORKDIR}/${P}-src" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 s390 sparc x86" - -SUBSLOT="18" -SLOT="0/${SUBSLOT}" -IUSE="libressl static-libs" - -CDEPEND=" - sys-libs/zlib:=[${MULTILIB_USEDEP}] - libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] ) - !libressl? ( dev-libs/openssl:0=[${MULTILIB_USEDEP}] ) - " -RDEPEND="${CDEPEND} - !dev-db/mariadb-connector-c[mysqlcompat] - " -DEPEND="${CDEPEND}" - -DOCS=( README ) -PATCHES=( - "${FILESDIR}/mysql_com.patch" - "${FILESDIR}/20028_all_mysql-5.6-gcc7.patch" - "${FILESDIR}/6.1.11-openssl-1.1.patch" -) - -src_prepare() { - sed -i -e 's/CLIENT_LIBS/CONFIG_CLIENT_LIBS/' "${S}/scripts/CMakeLists.txt" || die - if use libressl ; then - sed -i 's/OPENSSL_MAJOR_VERSION STREQUAL "1"/OPENSSL_MAJOR_VERSION STREQUAL "2"/' \ - "${S}/cmake/ssl.cmake" || die - fi - cmake-utils_src_prepare -} - -multilib_src_configure() { - local mycmakeargs=( - -DINSTALL_LAYOUT=RPM - -DINSTALL_LIBDIR=$(get_libdir) - -DWITH_DEFAULT_COMPILER_OPTIONS=OFF - -DWITH_DEFAULT_FEATURE_SET=OFF - -DENABLED_LOCAL_INFILE=ON - -DMYSQL_UNIX_ADDR="${EPREFIX}/var/run/mysqld/mysqld.sock" - -DWITH_ZLIB=system - -DENABLE_DTRACE=OFF - -DWITH_SSL=system - -DLIBMYSQL_OS_OUTPUT_NAME=mysqlclient - -DSHARED_LIB_PATCH_VERSION="0" - ) - cmake-utils_src_configure -} - -multilib_src_install_all() { - if ! use static-libs ; then - find "${ED}" -name "*.a" -delete || die - fi -} - -pkg_preinst() { - if [[ -z ${REPLACING_VERSIONS} && -e "${EROOT}/usr/$(get_libdir)/libmysqlclient.so" ]] ; then - elog "Due to ABI changes when switching between different client libraries," - elog "revdep-rebuild must find and rebuild all packages linking to libmysqlclient." - elog "Please run: revdep-rebuild --library libmysqlclient.so.${SUBSLOT}" - ewarn "Failure to run revdep-rebuild may cause issues with other programs or libraries" - fi -} diff --git a/dev-db/mysql-connector-c/mysql-connector-c-8.0.20.ebuild b/dev-db/mysql-connector-c/mysql-connector-c-8.0.20.ebuild deleted file mode 100644 index db0c6dcd3c15..000000000000 --- a/dev-db/mysql-connector-c/mysql-connector-c-8.0.20.ebuild +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit cmake-multilib - -# wrap the config script -MULTILIB_CHOST_TOOLS=( /usr/bin/mysql_config ) - -DESCRIPTION="C client library for MariaDB/MySQL" -HOMEPAGE="https://dev.mysql.com/downloads/" -LICENSE="GPL-2" - -SRC_URI="https://dev.mysql.com/get/Downloads/MySQL-8.0/mysql-boost-${PV}.tar.gz" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" - -SLOT="0/21" -IUSE="ldap libressl static-libs" - -RDEPEND=" - >=app-arch/lz4-0_p131:= - sys-libs/zlib:=[${MULTILIB_USEDEP}] - ldap? ( dev-libs/cyrus-sasl:=[${MULTILIB_USEDEP}] ) - libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] ) - !libressl? ( dev-libs/openssl:0=[${MULTILIB_USEDEP}] ) - " -DEPEND="${RDEPEND}" - -# Avoid file collisions, #692580 -RDEPEND+=" !<dev-db/mysql-5.6.45-r1" -RDEPEND+=" !=dev-db/mysql-5.7.23*" -RDEPEND+=" !=dev-db/mysql-5.7.24*" -RDEPEND+=" !=dev-db/mysql-5.7.25*" -RDEPEND+=" !=dev-db/mysql-5.7.26-r0" -RDEPEND+=" !=dev-db/mysql-5.7.27-r0" -RDEPEND+=" !<dev-db/percona-server-5.7.26.29-r1" - -DOCS=( README ) - -S="${WORKDIR}/mysql-${PV}" - -PATCHES=( - "${FILESDIR}"/${PN}-8.0.18-always-build-decompress-utilities.patch - "${FILESDIR}"/${PN}-8.0.17-use-relative-include-path-for-udf_registration_types-h.patch - "${FILESDIR}"/${PN}-8.0.19-do-not-install-comp_err.patch - "${FILESDIR}"/${PN}-8.0.20-libressl.patch -) - -src_prepare() { - sed -i -e 's/CLIENT_LIBS/CONFIG_CLIENT_LIBS/' "${S}/scripts/CMakeLists.txt" || die - - # All these are for the server only. - # Disable rpm call which would trigger sandbox, #692368 - sed -i \ - -e '/MYSQL_CHECK_LIBEVENT/d' \ - -e '/MYSQL_CHECK_RAPIDJSON/d' \ - -e '/MYSQL_CHECK_ICU/d' \ - -e '/MYSQL_CHECK_EDITLINE/d' \ - -e '/MYSQL_CHECK_CURL/d' \ - -e '/ADD_SUBDIRECTORY(man)/d' \ - -e '/ADD_SUBDIRECTORY(share)/d' \ - -e '/INCLUDE(cmake\/boost/d' \ - -e 's/MY_RPM rpm/MY_RPM rpmNOTEXISTENT/' \ - CMakeLists.txt || die - - # Skip building clients - echo > client/CMakeLists.txt || die - - # Forcefully disable auth plugin - if ! use ldap ; then - sed -i -e '/MYSQL_CHECK_SASL/d' CMakeLists.txt || die - echo > libmysql/authentication_ldap/CMakeLists.txt || die - fi - - cmake-utils_src_prepare -} - -multilib_src_configure() { - local mycmakeargs=( - -DINSTALL_LAYOUT=RPM - -DINSTALL_LIBDIR=$(get_libdir) - -DWITH_DEFAULT_COMPILER_OPTIONS=OFF - -DWITH_DEFAULT_FEATURE_SET=OFF - -DENABLED_LOCAL_INFILE=ON - -DMYSQL_UNIX_ADDR="${EPREFIX}/run/mysqld/mysqld.sock" - -DWITH_ZLIB=system - -DWITH_SSL=system - -DWITH_NUMA=OFF - -DLIBMYSQL_OS_OUTPUT_NAME=mysqlclient - -DSHARED_LIB_PATCH_VERSION="0" - -DCMAKE_POSITION_INDEPENDENT_CODE=ON - -DWITHOUT_SERVER=ON - ) - cmake-utils_src_configure -} - -multilib_src_install() { - cmake-utils_src_install -} - -multilib_src_install_all() { - doman \ - man/my_print_defaults.1 \ - man/perror.1 \ - man/zlib_decompress.1 - - if ! use static-libs ; then - find "${ED}" -name "*.a" -delete || die - fi -} diff --git a/dev-db/mysql-connector-c/mysql-connector-c-8.0.19.ebuild b/dev-db/mysql-connector-c/mysql-connector-c-8.0.21-r2.ebuild index b48adece2a67..c79b084636c2 100644 --- a/dev-db/mysql-connector-c/mysql-connector-c-8.0.19.ebuild +++ b/dev-db/mysql-connector-c/mysql-connector-c-8.0.21-r2.ebuild @@ -19,7 +19,8 @@ SLOT="0/21" IUSE="ldap libressl static-libs" RDEPEND=" - >=app-arch/lz4-0_p131:= + >=app-arch/lz4-0_p131:=[${MULTILIB_USEDEP}] + app-arch/zstd:=[${MULTILIB_USEDEP}] sys-libs/zlib:=[${MULTILIB_USEDEP}] ldap? ( dev-libs/cyrus-sasl:=[${MULTILIB_USEDEP}] ) libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] ) @@ -42,9 +43,9 @@ S="${WORKDIR}/mysql-${PV}" PATCHES=( "${FILESDIR}"/${PN}-8.0.18-always-build-decompress-utilities.patch - "${FILESDIR}"/${PN}-8.0.17-use-relative-include-path-for-udf_registration_types-h.patch "${FILESDIR}"/${PN}-8.0.19-do-not-install-comp_err.patch - "${FILESDIR}"/${PN}-8.0.19-libressl.patch + "${FILESDIR}"/${PN}-8.0.21-libressl.patch + "${FILESDIR}"/${PN}-8.0.21-survive-malformed-charset-files.patch ) src_prepare() { @@ -84,9 +85,11 @@ multilib_src_configure() { -DWITH_DEFAULT_FEATURE_SET=OFF -DENABLED_LOCAL_INFILE=ON -DMYSQL_UNIX_ADDR="${EPREFIX}/run/mysqld/mysqld.sock" - -DWITH_ZLIB=system - -DWITH_SSL=system + -DWITH_LZ4=system -DWITH_NUMA=OFF + -DWITH_SSL=system + -DWITH_ZLIB=system + -DWITH_ZSTD=system -DLIBMYSQL_OS_OUTPUT_NAME=mysqlclient -DSHARED_LIB_PATCH_VERSION="0" -DCMAKE_POSITION_INDEPENDENT_CODE=ON |