using openssl from ports with database/mysql56-server

Tue Sep 15 05:49:05 UTC 2015

Alex,

There are advantages to using openssl with mysql (such as newer crypto
algorithms which perform better relative to strength) rather than the
default yassl.

To do so I made a patch to the Makefile in mysql56-server and added a
patch file as files/patch-cmake_ssl.cmake to fix a bug in the file
cmake/ssl.cmake.

The Makefile changes allows four options, SSL_NONE, SSL_BUILTIN,
SSL_OPENSSL_BASE, and SSL_OPENSSL_PORT.  SSL_OPENSSL_BASE does not
work at the moment so maybe it could be left out for now or included
with a BROKEN statement added until it works.  SSL_OPENSSL_PORT works
fine.  The default is SSL_BUILTIN, which keeps things as they were,
using the builtin yassl instead of openssl.

btw- Maybe change the literal /usr/local to ${LOCALBASE} in the first
file.  The change to ssl.cmake should be passed upstream as a mysql
bug.  The bug is ssl.cmake always picks /usr/* rather than
/usr/local/* even if you specify -DWITH_SSL=/usr/local if openssl is
installed in both placed (FreeBSD base and ports both installed).

There are two files below separate with lines that start with "-----"
(at least 5 dashes) so this should email fine and split fine.  There
is one long line in the first patch file that might suffer a hostile
line break by some RFC822 pedantic mail agent.

Would you please as the maintainer of database/mysql56-server (or
someone) consider taking this change.  TIA.

Curtis


---------- patch for database/mysql56-server/Makefile ----------

--- Makefile.orig	2015-09-14 02:12:36.000000000 -0400
+++ Makefile	2015-09-14 23:26:30.361375000 -0400
@@ -14,6 +14,18 @@
 SLAVEDIRS=	databases/mysql56-client
 USES=		cmake shebangfix
 
+NO_OPTIONS_SORT=yes
+
+OPTIONS_SINGLE=			SSL_TYPE
+OPTIONS_SINGLE_SSL_TYPE=	SSL_NONE SSL_BUILTIN \
+				SSL_OPENSSL_BASE SSL_OPENSSL_PORT
+OPTIONS_DEFAULT=		SSL_BUILTIN
+
+SSL_NONE_DESC=			No SSL (not recommended)
+SSL_BUILTIN_DESC=		Built in SSL (uses yassl)
+SSL_OPENSSL_BASE_DESC=		OpenSSL from FreeBSD base
+SSL_OPENSSL_PORT_DESC=		OpenSSL from ports
+
 CMAKE_ARGS+=	-DINSTALL_DOCDIR="share/doc/mysql" \
 		-DINSTALL_DOCREADMEDIR="share/doc/mysql" \
 		-DINSTALL_INCLUDEDIR="include/mysql" \
@@ -34,6 +46,23 @@
 
 SHEBANG_FILES=	scripts/*.pl* scripts/*.sh
 
+.include <bsd.port.options.mk>
+
+# as of 5.6 the cmake default is "bundled"
+.if ${PORT_OPTIONS:MSSL_NONE}
+CMAKE_ARGS+=	-DWITH_SSL=none
+.endif
+.if ${PORT_OPTIONS:MSSL_OPENSSL_BASE}
+CMAKE_ARGS+=	-DWITH_SSL=/usr
+WITH_OPENSSL_BASE=	yes
+USE_OPENSSL=		yes
+.endif
+.if ${PORT_OPTIONS:MSSL_OPENSSL_PORT}
+CMAKE_ARGS+=	-DWITH_SSL=${LOCALBASE}
+WITH_OPENSSL_PORT=	yes
+USE_OPENSSL=		yes
+.endif
+
 .ifdef USE_MYSQL
 .error You have `USE_MYSQL' variable defined either in environment or in make(1) arguments. Please undefine and try again.
 .endif
----- database/mysql56-server/files/patch-cmake_ssl.cmake -----
--- cmake/ssl.cmake.orig	2015-07-14 17:34:24.000000000 -0400
+++ cmake/ssl.cmake	2015-09-15 01:17:07.433582000 -0400
@@ -123,15 +123,24 @@
     # First search in WITH_SSL_PATH.
     FIND_PATH(OPENSSL_ROOT_DIR
       NAMES include/openssl/ssl.h
-      NO_CMAKE_PATH
-      NO_CMAKE_ENVIRONMENT_PATH
       HINTS ${WITH_SSL_PATH}
+      NO_CMAKE_PATH NO_CMAKE_ENVIRONMENT_PATH
+      NO_SYSTEM_ENVIRONMENT_PATH NO_CMAKE_SYSTEM_PATH
     )
     # Then search in standard places (if not found above).
     FIND_PATH(OPENSSL_ROOT_DIR
       NAMES include/openssl/ssl.h
     )
 
+    MESSAGE(STATUS "WITH_SSL_PATH = ${WITH_SSL_PATH}")
+    MESSAGE(STATUS "OPENSSL_ROOT_DIR = ${OPENSSL_ROOT_DIR}")
+
+    FIND_PATH(OPENSSL_INCLUDE_DIR
+      NAMES openssl/ssl.h
+      HINTS ${OPENSSL_ROOT_DIR}/include
+      NO_CMAKE_PATH NO_CMAKE_ENVIRONMENT_PATH
+      NO_SYSTEM_ENVIRONMENT_PATH NO_CMAKE_SYSTEM_PATH
+    )
     FIND_PATH(OPENSSL_INCLUDE_DIR
       NAMES openssl/ssl.h
       HINTS ${OPENSSL_ROOT_DIR}/include
@@ -153,6 +162,18 @@
     ENDIF()
     FIND_LIBRARY(OPENSSL_LIBRARY
                  NAMES ssl ssleay32 ssleay32MD
+                 HINTS ${OPENSSL_ROOT_DIR}/lib
+		 NO_CMAKE_PATH NO_CMAKE_ENVIRONMENT_PATH
+      		 NO_SYSTEM_ENVIRONMENT_PATH NO_CMAKE_SYSTEM_PATH
+		 )
+    FIND_LIBRARY(CRYPTO_LIBRARY
+                 NAMES crypto libeay32
+                 HINTS ${OPENSSL_ROOT_DIR}/lib
+      		 NO_CMAKE_PATH NO_CMAKE_ENVIRONMENT_PATH
+      		 NO_SYSTEM_ENVIRONMENT_PATH NO_CMAKE_SYSTEM_PATH
+		 )
+    FIND_LIBRARY(OPENSSL_LIBRARY
+                 NAMES ssl ssleay32 ssleay32MD
                  HINTS ${OPENSSL_ROOT_DIR}/lib)
     FIND_LIBRARY(CRYPTO_LIBRARY
                  NAMES crypto libeay32
------------------------- END -------------------------
