svn commit: r564147 - in branches/2021Q1/databases: mysql56-client/files mysql56-server mysql56-server/files mysql57-client/files mysql57-server mysql57-server/files mysql80-client mysql80-server m...
Jochen Neumeister
joneum at FreeBSD.org
Fri Feb 5 18:45:10 UTC 2021
Author: joneum
Date: Fri Feb 5 18:45:03 2021
New Revision: 564147
URL: https://svnweb.freebsd.org/changeset/ports/564147
Log:
Commit mysql56, mysql57 and mysql80 to 2021Q1.
https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL
Security: 31344707-5d87-11eb-929d-d4c9ef517024
Sponsored by: Netzkommune GmbH
Added:
branches/2021Q1/databases/mysql57-server/files/patch-sql_locks_shared__spin__lock.cc (contents, props changed)
branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_tls__client__context.cc (contents, props changed)
branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_tls__context.cc (contents, props changed)
branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_tls__server__context.cc (contents, props changed)
branches/2021Q1/databases/mysql80-server/files/patch-sql_item.h (contents, props changed)
branches/2021Q1/databases/mysql80-server/files/patch-ssl__init__callback.cc (contents, props changed)
Deleted:
branches/2021Q1/databases/mysql80-server/files/patch-router_src_http_src_tls__client__context.cc
branches/2021Q1/databases/mysql80-server/files/patch-router_src_http_src_tls__context.cc
branches/2021Q1/databases/mysql80-server/files/patch-router_src_http_src_tls__server__context.cc
Modified:
branches/2021Q1/databases/mysql56-client/files/patch-cmake_ssl.cmake
branches/2021Q1/databases/mysql56-client/files/patch-vio_viossl.c
branches/2021Q1/databases/mysql56-client/files/patch-vio_viosslfactories.c
branches/2021Q1/databases/mysql56-server/Makefile
branches/2021Q1/databases/mysql56-server/distinfo
branches/2021Q1/databases/mysql56-server/files/patch-cmake_ssl.cmake
branches/2021Q1/databases/mysql56-server/files/patch-vio_viossl.c
branches/2021Q1/databases/mysql56-server/files/patch-vio_viosslfactories.c
branches/2021Q1/databases/mysql57-client/files/patch-cmake_ssl.cmake
branches/2021Q1/databases/mysql57-client/files/patch-vio_viosslfactories.c
branches/2021Q1/databases/mysql57-server/Makefile
branches/2021Q1/databases/mysql57-server/distinfo
branches/2021Q1/databases/mysql57-server/files/patch-cmake_ssl.cmake
branches/2021Q1/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c
branches/2021Q1/databases/mysql57-server/files/patch-vio_viosslfactories.c
branches/2021Q1/databases/mysql80-client/Makefile
branches/2021Q1/databases/mysql80-server/Makefile
branches/2021Q1/databases/mysql80-server/distinfo
branches/2021Q1/databases/mysql80-server/files/patch-client_CMakeLists.txt
branches/2021Q1/databases/mysql80-server/files/patch-cmake_ssl.cmake
branches/2021Q1/databases/mysql80-server/files/patch-man_CMakeLists.txt
branches/2021Q1/databases/mysql80-server/files/patch-plugin_group__replication_libmysqlgcs_src_bindings_xcom_xcom_xcom__ssl__transport.c
branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_CMakeLists.txt
branches/2021Q1/databases/mysql80-server/files/patch-vio_viosslfactories.cc
branches/2021Q1/databases/mysql80-server/pkg-plist
Modified: branches/2021Q1/databases/mysql56-client/files/patch-cmake_ssl.cmake
==============================================================================
--- branches/2021Q1/databases/mysql56-client/files/patch-cmake_ssl.cmake Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql56-client/files/patch-cmake_ssl.cmake Fri Feb 5 18:45:03 2021 (r564147)
@@ -5,9 +5,10 @@
)
ENDIF()
- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
+- ADD_DEFINITIONS(-DHAVE_TLSv13)
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
- ADD_DEFINITIONS(-DHAVE_TLSv13)
++ #ADD_DEFINITIONS(-DHAVE_TLSv13)
ENDIF()
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND
Modified: branches/2021Q1/databases/mysql56-client/files/patch-vio_viossl.c
==============================================================================
--- branches/2021Q1/databases/mysql56-client/files/patch-vio_viossl.c Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql56-client/files/patch-vio_viossl.c Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,5 +1,14 @@
--- vio/viossl.c.orig 2019-11-26 16:53:45 UTC
+++ vio/viossl.c
+@@ -385,7 +385,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
+ DBUG_PRINT("info", ("ssl: 0x%lx timeout: %ld", (long) ssl, timeout));
+ SSL_clear(ssl);
+ SSL_set_fd(ssl, sd);
+-#if defined(SSL_OP_NO_COMPRESSION)
++#if defined(SSL_OP_NO_COMPRESSION) && !defined(LIBRESSL_VERSION_NUMBER)
+ SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); /* OpenSSL >= 1.0 only */
+ #elif OPENSSL_VERSION_NUMBER >= 0x00908000L /* workaround for OpenSSL 0.9.8 */
+ sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
@@ -403,7 +403,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
for (j = 0; j < n; j++)
{
Modified: branches/2021Q1/databases/mysql56-client/files/patch-vio_viosslfactories.c
==============================================================================
--- branches/2021Q1/databases/mysql56-client/files/patch-vio_viosslfactories.c Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql56-client/files/patch-vio_viosslfactories.c Fri Feb 5 18:45:03 2021 (r564147)
@@ -9,6 +9,15 @@
dh->p= p;
dh->g= g;
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+@@ -226,7 +226,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+ struct st_VioSSLFd *ssl_fd;
+ /* MySQL 5.6 supports TLS up to v1.2, explicitly disable TLSv1.3. */
+ long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ SSL_OP_NO_TLSv1_3 |
+ #endif /* HAVE_TLSv13 */
+ SSL_OP_NO_TICKET;
@@ -250,7 +250,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
DBUG_RETURN(0);
@@ -18,3 +27,12 @@
SSLv23_client_method() :
SSLv23_server_method()
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+@@ -268,7 +268,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+
+ SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
+
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ /*
+ MySQL 5.6 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
+ */
Modified: branches/2021Q1/databases/mysql56-server/Makefile
==============================================================================
--- branches/2021Q1/databases/mysql56-server/Makefile Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql56-server/Makefile Fri Feb 5 18:45:03 2021 (r564147)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME?= mysql
-PORTVERSION= 5.6.50
+PORTVERSION= 5.6.51
PORTREVISION?= 0
CATEGORIES= databases
MASTER_SITES= MYSQL/MySQL-5.6
Modified: branches/2021Q1/databases/mysql56-server/distinfo
==============================================================================
--- branches/2021Q1/databases/mysql56-server/distinfo Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql56-server/distinfo Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1603108497
-SHA256 (mysql-5.6.50.tar.gz) = efc48d8160a66b50fc498bb42ea730c3b6f30f036b709a7070d356edd645923e
-SIZE (mysql-5.6.50.tar.gz) = 32409084
+TIMESTAMP = 1611992804
+SHA256 (mysql-5.6.51.tar.gz) = 262ccaf2930fca1f33787505dd125a7a04844f40d3421289a51974b5935d9abc
+SIZE (mysql-5.6.51.tar.gz) = 32411131
Modified: branches/2021Q1/databases/mysql56-server/files/patch-cmake_ssl.cmake
==============================================================================
--- branches/2021Q1/databases/mysql56-server/files/patch-cmake_ssl.cmake Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql56-server/files/patch-cmake_ssl.cmake Fri Feb 5 18:45:03 2021 (r564147)
@@ -5,9 +5,10 @@
)
ENDIF()
- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
+- ADD_DEFINITIONS(-DHAVE_TLSv13)
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
- ADD_DEFINITIONS(-DHAVE_TLSv13)
++ #ADD_DEFINITIONS(-DHAVE_TLSv13)
ENDIF()
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND
Modified: branches/2021Q1/databases/mysql56-server/files/patch-vio_viossl.c
==============================================================================
--- branches/2021Q1/databases/mysql56-server/files/patch-vio_viossl.c Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql56-server/files/patch-vio_viossl.c Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,5 +1,14 @@
--- vio/viossl.c.orig 2019-11-26 16:53:45 UTC
+++ vio/viossl.c
+@@ -385,7 +385,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
+ DBUG_PRINT("info", ("ssl: 0x%lx timeout: %ld", (long) ssl, timeout));
+ SSL_clear(ssl);
+ SSL_set_fd(ssl, sd);
+-#if defined(SSL_OP_NO_COMPRESSION)
++#if defined(SSL_OP_NO_COMPRESSION) && !defined(LIBRESSL_VERSION_NUMBER)
+ SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); /* OpenSSL >= 1.0 only */
+ #elif OPENSSL_VERSION_NUMBER >= 0x00908000L /* workaround for OpenSSL 0.9.8 */
+ sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
@@ -403,7 +403,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
for (j = 0; j < n; j++)
{
Modified: branches/2021Q1/databases/mysql56-server/files/patch-vio_viosslfactories.c
==============================================================================
--- branches/2021Q1/databases/mysql56-server/files/patch-vio_viosslfactories.c Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql56-server/files/patch-vio_viosslfactories.c Fri Feb 5 18:45:03 2021 (r564147)
@@ -9,6 +9,15 @@
dh->p= p;
dh->g= g;
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+@@ -226,7 +226,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+ struct st_VioSSLFd *ssl_fd;
+ /* MySQL 5.6 supports TLS up to v1.2, explicitly disable TLSv1.3. */
+ long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ SSL_OP_NO_TLSv1_3 |
+ #endif /* HAVE_TLSv13 */
+ SSL_OP_NO_TICKET;
@@ -250,7 +250,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
DBUG_RETURN(0);
@@ -18,3 +27,12 @@
SSLv23_client_method() :
SSLv23_server_method()
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+@@ -268,7 +268,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+
+ SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
+
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ /*
+ MySQL 5.6 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
+ */
Modified: branches/2021Q1/databases/mysql57-client/files/patch-cmake_ssl.cmake
==============================================================================
--- branches/2021Q1/databases/mysql57-client/files/patch-cmake_ssl.cmake Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql57-client/files/patch-cmake_ssl.cmake Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,5 +1,5 @@
---- cmake/ssl.cmake.orig 2020-07-08 22:29:14.999896000 +0200
-+++ cmake/ssl.cmake 2020-07-08 22:44:05.251931000 +0200
+--- cmake/ssl.cmake.orig 2019-12-06 10:41:47 UTC
++++ cmake/ssl.cmake
@@ -150,22 +150,12 @@ MACRO (MYSQL_CHECK_SSL)
MESSAGE(STATUS "OPENSSL_APPLINK_C ${OPENSSL_APPLINK_C}")
ENDIF()
@@ -23,26 +23,32 @@
IF(OPENSSL_INCLUDE_DIR)
# Verify version number. Version information looks like:
-@@ -193,7 +183,8 @@ MACRO (MYSQL_CHECK_SSL)
+@@ -193,9 +183,10 @@ MACRO (MYSQL_CHECK_SSL)
)
SET(OPENSSL_VERSION ${OPENSSL_VERSION} CACHE INTERNAL "")
- IF("${OPENSSL_VERSION}" VERSION_GREATER "1.1.0")
-+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
-+ IF(HAVE_TLS1_3_VERSION)
- ADD_DEFINITIONS(-DHAVE_TLSv13)
- SET(HAVE_TLSv13 1)
+- ADD_DEFINITIONS(-DHAVE_TLSv13)
+- SET(HAVE_TLSv13 1)
++ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
++ IF(HAVE_TLS1_3_VERSION)
++ #ADD_DEFINITIONS(-DHAVE_TLSv13)
++ #SET(HAVE_TLSv13 1)
IF(SOLARIS)
-@@ -204,6 +195,12 @@ MACRO (MYSQL_CHECK_SSL)
+ SET(FORCE_SSL_SOLARIS "-Wl,--undefined,address_of_sk_new_null")
+ ENDIF()
+@@ -203,7 +204,13 @@ MACRO (MYSQL_CHECK_SSL)
+ IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND
CRYPTO_LIBRARY AND
- OPENSSL_MAJOR_VERSION STREQUAL "1"
-+ )
-+ SET(OPENSSL_FOUND TRUE)
-+ ELSEIF(OPENSSL_INCLUDE_DIR AND
-+ OPENSSL_LIBRARY AND
-+ CRYPTO_LIBRARY AND
-+ OPENSSL_MAJOR_VERSION STREQUAL "2"
+- OPENSSL_MAJOR_VERSION STREQUAL "1"
++ OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1"
++ )
++ SET(OPENSSL_FOUND TRUE)
++ ELSEIF(OPENSSL_INCLUDE_DIR AND
++ OPENSSL_LIBRARY AND
++ CRYPTO_LIBRARY AND
++ OPENSSL_MAJOR_VERSION STREQUAL "2"
)
SET(OPENSSL_FOUND TRUE)
ELSE()
Modified: branches/2021Q1/databases/mysql57-client/files/patch-vio_viosslfactories.c
==============================================================================
--- branches/2021Q1/databases/mysql57-client/files/patch-vio_viosslfactories.c Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql57-client/files/patch-vio_viosslfactories.c Fri Feb 5 18:45:03 2021 (r564147)
@@ -33,3 +33,30 @@
}
return(dh);
}
+@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+ struct st_VioSSLFd *ssl_fd;
+ /* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */
+ long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+ ;
+@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+ SSL_OP_NO_TLSv1 |
+ SSL_OP_NO_TLSv1_1
+ | SSL_OP_NO_TLSv1_2
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+ | SSL_OP_NO_TICKET
+@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+
+ SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
+
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ /*
+ MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
+ */
Modified: branches/2021Q1/databases/mysql57-server/Makefile
==============================================================================
--- branches/2021Q1/databases/mysql57-server/Makefile Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql57-server/Makefile Fri Feb 5 18:45:03 2021 (r564147)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME?= mysql
-PORTVERSION= 5.7.32
+PORTVERSION= 5.7.33
PORTREVISION?= 0
CATEGORIES= databases
MASTER_SITES= MYSQL/MySQL-5.7
Modified: branches/2021Q1/databases/mysql57-server/distinfo
==============================================================================
--- branches/2021Q1/databases/mysql57-server/distinfo Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql57-server/distinfo Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1603133127
-SHA256 (mysql-boost-5.7.32.tar.gz) = 9a8a04a2b0116ccff9a8d8aace07aaeaacf47329b701c5dfa9fa4351d3f1933b
-SIZE (mysql-boost-5.7.32.tar.gz) = 52882168
+TIMESTAMP = 1612332815
+SHA256 (mysql-boost-5.7.33.tar.gz) = cfcaf6f37a055d808fe1472eb0359864e2227aa0206c55c4e1961bab2ecc304b
+SIZE (mysql-boost-5.7.33.tar.gz) = 52912380
Modified: branches/2021Q1/databases/mysql57-server/files/patch-cmake_ssl.cmake
==============================================================================
--- branches/2021Q1/databases/mysql57-server/files/patch-cmake_ssl.cmake Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql57-server/files/patch-cmake_ssl.cmake Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,15 +1,42 @@
--- cmake/ssl.cmake.orig 2019-12-06 10:41:47 UTC
+++ cmake/ssl.cmake
-@@ -193,7 +193,8 @@ MACRO (MYSQL_CHECK_SSL)
+@@ -150,22 +150,12 @@ MACRO (MYSQL_CHECK_SSL)
+ MESSAGE(STATUS "OPENSSL_APPLINK_C ${OPENSSL_APPLINK_C}")
+ ENDIF()
+
+- # On mac this list is <.dylib;.so;.a>
+- # We prefer static libraries, so we reverse it here.
+- IF (WITH_SSL_PATH)
+- LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES)
+- MESSAGE(STATUS "suffixes <${CMAKE_FIND_LIBRARY_SUFFIXES}>")
+- ENDIF()
+-
+ FIND_LIBRARY(OPENSSL_LIBRARY
+ NAMES ssl libssl ssleay32 ssleay32MD
+ HINTS ${OPENSSL_ROOT_DIR}/lib)
+ FIND_LIBRARY(CRYPTO_LIBRARY
+ NAMES crypto libcrypto libeay32
+ HINTS ${OPENSSL_ROOT_DIR}/lib)
+- IF (WITH_SSL_PATH)
+- LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES)
+- ENDIF()
+
+ IF(OPENSSL_INCLUDE_DIR)
+ # Verify version number. Version information looks like:
+@@ -193,9 +183,10 @@ MACRO (MYSQL_CHECK_SSL)
)
SET(OPENSSL_VERSION ${OPENSSL_VERSION} CACHE INTERNAL "")
- IF("${OPENSSL_VERSION}" VERSION_GREATER "1.1.0")
+- ADD_DEFINITIONS(-DHAVE_TLSv13)
+- SET(HAVE_TLSv13 1)
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
- ADD_DEFINITIONS(-DHAVE_TLSv13)
- SET(HAVE_TLSv13 1)
++ #ADD_DEFINITIONS(-DHAVE_TLSv13)
++ #SET(HAVE_TLSv13 1)
IF(SOLARIS)
+ SET(FORCE_SSL_SOLARIS "-Wl,--undefined,address_of_sk_new_null")
+ ENDIF()
@@ -203,7 +204,13 @@ MACRO (MYSQL_CHECK_SSL)
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND
Modified: branches/2021Q1/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c
==============================================================================
--- branches/2021Q1/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,5 +1,31 @@
--- rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c.orig 2020-03-23 17:35:17 UTC
+++ rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
+@@ -232,7 +232,7 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx,
+ const char* tls_version)
+ {
+ DH *dh= NULL;
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ /* We support TLS up to 1.2, so explicitly disable TLS 1.3. */
+ long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_3;
+ #else
+@@ -257,14 +257,14 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx,
+ SSL_OP_NO_TLSv1 |
+ SSL_OP_NO_TLSv1_1
+ | SSL_OP_NO_TLSv1_2
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+ );
+
+ SSL_CTX_set_options(ssl_ctx, ssl_ctx_options);
+
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ /* We do not support TLS 1.3.
+ Setting empty TLS 1.3 ciphersuites disables them. */
+ if (SSL_CTX_set_ciphersuites(ssl_ctx, "") == 0)
@@ -529,7 +529,7 @@ int xcom_init_ssl(const char *server_key_file, const c
break e.g. ODBC clients (if the client also uses SSL).
*/
Added: branches/2021Q1/databases/mysql57-server/files/patch-sql_locks_shared__spin__lock.cc
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2021Q1/databases/mysql57-server/files/patch-sql_locks_shared__spin__lock.cc Fri Feb 5 18:45:03 2021 (r564147)
@@ -0,0 +1,11 @@
+--- sql/locks/shared_spin_lock.cc.orig 2020-12-10 03:01:55 UTC
++++ sql/locks/shared_spin_lock.cc
+@@ -239,7 +239,7 @@ lock::Shared_spin_lock &lock::Shared_spin_lock::try_or
+ {
+ this->spin_exclusive_lock();
+ }
+- my_atomic_store64(&this->m_exclusive_owner, self);
++ my_atomic_store64(&this->m_exclusive_owner, reinterpret_cast<int64>(self));
+ return (*this);
+ }
+
Modified: branches/2021Q1/databases/mysql57-server/files/patch-vio_viosslfactories.c
==============================================================================
--- branches/2021Q1/databases/mysql57-server/files/patch-vio_viosslfactories.c Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql57-server/files/patch-vio_viosslfactories.c Fri Feb 5 18:45:03 2021 (r564147)
@@ -33,3 +33,30 @@
}
return(dh);
}
+@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+ struct st_VioSSLFd *ssl_fd;
+ /* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */
+ long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+ ;
+@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+ SSL_OP_NO_TLSv1 |
+ SSL_OP_NO_TLSv1_1
+ | SSL_OP_NO_TLSv1_2
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+ | SSL_OP_NO_TICKET
+@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+
+ SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
+
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ /*
+ MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
+ */
Modified: branches/2021Q1/databases/mysql80-client/Makefile
==============================================================================
--- branches/2021Q1/databases/mysql80-client/Makefile Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql80-client/Makefile Fri Feb 5 18:45:03 2021 (r564147)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= mysql
-PORTREVISION= 1
+PORTREVISION= 0
PKGNAMESUFFIX= 80-client
COMMENT= Multithreaded SQL database (client)
Modified: branches/2021Q1/databases/mysql80-server/Makefile
==============================================================================
--- branches/2021Q1/databases/mysql80-server/Makefile Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql80-server/Makefile Fri Feb 5 18:45:03 2021 (r564147)
@@ -2,8 +2,8 @@
# $FreeBSD$
PORTNAME?= mysql
-PORTVERSION= 8.0.22
-PORTREVISION?= 1
+PORTVERSION= 8.0.23
+PORTREVISION?= 0
CATEGORIES= databases
MASTER_SITES= MYSQL/MySQL-8.0
PKGNAMESUFFIX?= 80-server
@@ -17,7 +17,7 @@ LICENSE= GPLv2
WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}${DISTVERSIONSUFFIX}
SLAVEDIRS= databases/mysql80-client
-USES= bison:build cmake:noninja compiler:c++14-lang cpe \
+USES= bison:build cmake:noninja compiler:c++17-lang cpe \
groff:run libedit localbase ncurses perl5 pkgconfig shebangfix ssl
USE_CXXSTD= c++14
@@ -185,10 +185,19 @@ SUB_LIST+= LEGACY_LIMITS="" MODERN_LIMITS="@comment "
.include <bsd.port.pre.mk>
-.if ${CHOSEN_COMPILER_TYPE} == clang && ${OPSYS} == FreeBSD && ${OSVERSION} >= 1300109
-BUILD_DEPENDS+= clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
-CC= ${LOCALBASE}/bin/clang${LLVM_DEFAULT}
+.if ${CHOSEN_COMPILER_TYPE} == clang && ${OPSYS} == FreeBSD && ${OSVERSION} >= 1300109 || ${ARCH} == "i386"
+BUILD_DEPENDS+= clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
+CC= ${LOCALBASE}/bin/clang${LLVM_DEFAULT}
+CPP= ${LOCALBASE}/bin/clang${LLVM_DEFAULT}
CXX= ${LOCALBASE}/bin/clang++${LLVM_DEFAULT}
+.endif
+
+.if ${ARCH} == "i386" && ${OSVERSION} < 1200000
+# clang 7.x and 8.x do not build properly on 11i386
+CPP= clang-cpp${LLVM_DEFAULT}
+CC= clang${LLVM_DEFAULT}
+CXX= clang++${LLVM_DEFAULT}
+BUILD_DEPENDS+= clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
.endif
post-extract:
Modified: branches/2021Q1/databases/mysql80-server/distinfo
==============================================================================
--- branches/2021Q1/databases/mysql80-server/distinfo Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql80-server/distinfo Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1603183848
-SHA256 (mysql-boost-8.0.22.tar.gz) = ba765f74367c638d7cd1c546c05c14382fd997669bcd9680278e907f8d7eb484
-SIZE (mysql-boost-8.0.22.tar.gz) = 285934450
+TIMESTAMP = 1611995725
+SHA256 (mysql-boost-8.0.23.tar.gz) = 1c7a424303c134758e59607a0b3172e43a21a27ff08e8c88c2439ffd4fc724a5
+SIZE (mysql-boost-8.0.23.tar.gz) = 291039175
Modified: branches/2021Q1/databases/mysql80-server/files/patch-client_CMakeLists.txt
==============================================================================
--- branches/2021Q1/databases/mysql80-server/files/patch-client_CMakeLists.txt Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql80-server/files/patch-client_CMakeLists.txt Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,6 +1,6 @@
--- client/CMakeLists.txt.orig 2019-09-20 08:30:51 UTC
+++ client/CMakeLists.txt
-@@ -23,8 +23,11 @@
+@@ -28,8 +28,11 @@ DISABLE_MISSING_PROFILE_WARNING()
## Subdirectory with common client code.
ADD_SUBDIRECTORY(base)
## Subdirectory for mysqlpump code.
@@ -12,15 +12,15 @@
MYSQL_ADD_EXECUTABLE(mysql
${CMAKE_SOURCE_DIR}/sql-common/net_ns.cc
completion_hash.cc
-@@ -33,6 +36,7 @@ MYSQL_ADD_EXECUTABLE(mysql
- readline.cc
+@@ -39,6 +42,7 @@ MYSQL_ADD_EXECUTABLE(mysql
+ client_query_attributes.cc
LINK_LIBRARIES mysqlclient client_base ${EDITLINE_LIBRARY}
)
+ENDIF()
IF(NOT WITHOUT_SERVER)
MYSQL_ADD_EXECUTABLE(mysql_upgrade
-@@ -48,6 +52,7 @@ IF(SOLARIS_SPARC AND CMAKE_BUILD_TYPE_UPPER STREQUAL "
+@@ -55,6 +59,7 @@ IF(SOLARIS_SPARC AND MY_COMPILER_IS_SUNPRO AND
)
ENDIF()
@@ -28,7 +28,7 @@
MYSQL_ADD_EXECUTABLE(mysqltest
mysqltest.cc
mysqltest/error_names.cc
-@@ -63,6 +68,9 @@ MYSQL_ADD_EXECUTABLE(mysqltest
+@@ -71,6 +76,9 @@ MYSQL_ADD_EXECUTABLE(mysqltest
ENABLE_EXPORTS
LINK_LIBRARIES mysqlclient
)
@@ -38,15 +38,7 @@
MYSQL_ADD_EXECUTABLE(mysqlcheck
check/mysqlcheck.cc
check/mysqlcheck_core.cc
-@@ -80,6 +88,7 @@ MYSQL_ADD_EXECUTABLE(mysqlshow
- mysqlshow.cc
- LINK_LIBRARIES mysqlclient
- )
-+
- MYSQL_ADD_EXECUTABLE(mysqlbinlog
- mysqlbinlog.cc
- ${CMAKE_SOURCE_DIR}/sql/json_binary.cc
-@@ -104,7 +113,9 @@ MYSQL_ADD_EXECUTABLE(mysqlbinlog
+@@ -246,7 +254,9 @@ ENDIF()
TARGET_COMPILE_DEFINITIONS(mysqlbinlog PRIVATE DISABLE_PSI_MUTEX)
TARGET_INCLUDE_DIRECTORIES(mysqlbinlog PRIVATE ${CMAKE_SOURCE_DIR}/sql)
@@ -56,7 +48,7 @@
MYSQL_ADD_EXECUTABLE(mysqladmin
mysqladmin.cc
LINK_LIBRARIES mysqlclient
-@@ -117,6 +128,9 @@ MYSQL_ADD_EXECUTABLE(mysql_config_editor
+@@ -259,6 +269,9 @@ MYSQL_ADD_EXECUTABLE(mysql_config_editor
mysql_config_editor.cc
LINK_LIBRARIES mysqlclient
)
@@ -66,7 +58,7 @@
MYSQL_ADD_EXECUTABLE(mysql_secure_installation
mysql_secure_installation.cc
LINK_LIBRARIES mysqlclient
-@@ -127,6 +141,7 @@ MYSQL_ADD_EXECUTABLE(mysql_ssl_rsa_setup
+@@ -269,6 +282,7 @@ MYSQL_ADD_EXECUTABLE(mysql_ssl_rsa_setup
path.cc
LINK_LIBRARIES mysys
)
Modified: branches/2021Q1/databases/mysql80-server/files/patch-cmake_ssl.cmake
==============================================================================
--- branches/2021Q1/databases/mysql80-server/files/patch-cmake_ssl.cmake Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql80-server/files/patch-cmake_ssl.cmake Fri Feb 5 18:45:03 2021 (r564147)
@@ -9,14 +9,15 @@
)
STRING(REGEX REPLACE
"^.*OPENSSL_VERSION_NUMBER[\t ]+0x([0-9]).*$" "\\1"
-@@ -214,13 +214,14 @@ MACRO (MYSQL_CHECK_SSL)
+@@ -222,13 +222,14 @@ MACRO (MYSQL_CHECK_SSL)
OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
)
ENDIF()
- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
+- ADD_DEFINITIONS(-DHAVE_TLSv13)
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
- ADD_DEFINITIONS(-DHAVE_TLSv13)
++ #ADD_DEFINITIONS(-DHAVE_TLSv13)
ENDIF()
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND
Modified: branches/2021Q1/databases/mysql80-server/files/patch-man_CMakeLists.txt
==============================================================================
--- branches/2021Q1/databases/mysql80-server/files/patch-man_CMakeLists.txt Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql80-server/files/patch-man_CMakeLists.txt Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,6 +1,6 @@
--- man/CMakeLists.txt.orig 2020-10-20 11:47:42.675974000 +0200
+++ man/CMakeLists.txt 2020-10-20 13:53:03.993879000 +0200
-@@ -23,21 +23,10 @@
+@@ -23,26 +23,14 @@
# Copy man pages
SET(MAN1
comp_err.1
@@ -22,6 +22,11 @@
mysqladmin.1
mysqlbinlog.1
mysqlcheck.1
+ mysqldump.1
+- mysqldumpslow.1
+ mysqlimport.1
+ mysqlman.1
+ mysqlpump.1
@@ -52,13 +41,23 @@ SET(MAN1
zlib_decompress.1
)
Modified: branches/2021Q1/databases/mysql80-server/files/patch-plugin_group__replication_libmysqlgcs_src_bindings_xcom_xcom_xcom__ssl__transport.c
==============================================================================
--- branches/2021Q1/databases/mysql80-server/files/patch-plugin_group__replication_libmysqlgcs_src_bindings_xcom_xcom_xcom__ssl__transport.c Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql80-server/files/patch-plugin_group__replication_libmysqlgcs_src_bindings_xcom_xcom_xcom__ssl__transport.c Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,6 +1,51 @@
--- plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.cc.orig 2019-09-20 08:30:51 UTC
+++ plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.cc
-@@ -329,6 +329,7 @@ error:
+@@ -175,7 +175,7 @@ SSL_CTX *client_ctx = NULL;
+ static long process_tls_version(const char *tls_version) {
+ const char *separator = ", ";
+ char *token = NULL;
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ const char *tls_version_name_list[] = {"TLSv1", "TLSv1.1", "TLSv1.2",
+ "TLSv1.3"};
+ #else
+@@ -184,7 +184,7 @@ static long process_tls_version(const char *tls_versio
+ #define TLS_VERSIONS_COUNTS \
+ (sizeof(tls_version_name_list) / sizeof(*tls_version_name_list))
+ unsigned int tls_versions_count = TLS_VERSIONS_COUNTS;
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ const long tls_ctx_list[TLS_VERSIONS_COUNTS] = {
+ SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3};
+ const char *ctx_flag_default = "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3";
+@@ -240,7 +240,7 @@ static int configure_ssl_algorithms(
+ long ssl_ctx_options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
+ char cipher_list[SSL_CIPHER_LIST_SIZE] = {0};
+ long ssl_ctx_flags = -1;
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ int tlsv1_3_enabled = 0;
+ #endif /* HAVE_TLSv13 */
+
+@@ -253,7 +253,7 @@ static int configure_ssl_algorithms(
+ goto error;
+ }
+
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ ssl_ctx_options = (ssl_ctx_options | ssl_ctx_flags) &
+ (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
+ SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
+@@ -265,7 +265,7 @@ static int configure_ssl_algorithms(
+
+ SSL_CTX_set_options(ssl_ctx, ssl_ctx_options);
+
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ tlsv1_3_enabled = ((ssl_ctx_options & SSL_OP_NO_TLSv1_3) == 0);
+ if (tlsv1_3_enabled) {
+ /* Set OpenSSL TLS v1.3 ciphersuites.
+@@ -325,6 +325,7 @@ error:
return 1;
}
@@ -8,7 +53,7 @@
#define OPENSSL_ERROR_LENGTH 512
static int configure_ssl_fips_mode(const uint fips_mode) {
int rc = -1;
-@@ -352,6 +353,7 @@ static int configure_ssl_fips_mode(const uint fips_mod
+@@ -348,6 +349,7 @@ static int configure_ssl_fips_mode(const uint fips_mod
EXIT:
return rc;
}
@@ -16,7 +61,7 @@
static int configure_ssl_ca(SSL_CTX *ssl_ctx, const char *ca_file,
const char *ca_path) {
-@@ -555,10 +557,12 @@ int xcom_init_ssl(const char *server_key_file, const c
+@@ -544,10 +546,12 @@ int xcom_init_ssl(const char *server_key_file, const c
int verify_server = SSL_VERIFY_NONE;
int verify_client = SSL_VERIFY_NONE;
@@ -29,3 +74,21 @@
SSL_library_init();
SSL_load_error_strings();
+@@ -563,7 +567,7 @@ int xcom_init_ssl(const char *server_key_file, const c
+ }
+
+ G_DEBUG("Configuring SSL for the server")
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ server_ctx = SSL_CTX_new(TLS_server_method());
+ #else
+ server_ctx = SSL_CTX_new(SSLv23_server_method());
+@@ -582,7 +586,7 @@ int xcom_init_ssl(const char *server_key_file, const c
+ SSL_CTX_set_verify(server_ctx, verify_server, NULL);
+
+ G_DEBUG("Configuring SSL for the client")
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ client_ctx = SSL_CTX_new(TLS_client_method());
+ #else
+ client_ctx = SSL_CTX_new(SSLv23_client_method());
Modified: branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_CMakeLists.txt
==============================================================================
--- branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_CMakeLists.txt Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_CMakeLists.txt Fri Feb 5 18:45:03 2021 (r564147)
@@ -8,7 +8,15 @@
)
ELSE()
INSTALL(TARGETS harness-library
-@@ -240,5 +239,4 @@ INSTALL(TARGETS harness_stdx
+@@ -240,7 +239,6 @@ INSTALL(TARGETS harness_stdx
+ RUNTIME DESTINATION ${ROUTER_INSTALL_BINDIR} COMPONENT Router
+ ARCHIVE DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router
+ LIBRARY DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router
+- NAMELINK_SKIP
+ )
+
+ ## harness_tls
+@@ -277,5 +275,4 @@ INSTALL(TARGETS harness_tls
RUNTIME DESTINATION ${ROUTER_INSTALL_BINDIR} COMPONENT Router
ARCHIVE DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router
LIBRARY DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router
Added: branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_tls__client__context.cc
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_tls__client__context.cc Fri Feb 5 18:45:03 2021 (r564147)
@@ -0,0 +1,11 @@
+--- router/src/harness/src/tls_client_context.cc.orig 2019-09-20 08:30:51 UTC
++++ router/src/harness/src/tls_client_context.cc
+@@ -54,7 +54,7 @@ void TlsClientContext::verify(TlsVerify verify) {
+
+ void TlsClientContext::cipher_suites(const std::string &ciphers) {
+ // TLSv1.3 ciphers are controlled via SSL_CTX_set_ciphersuites()
+-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 1)
++#ifdef TLS1_3_VERSION
+ if (1 != SSL_CTX_set_ciphersuites(ssl_ctx_.get(), ciphers.c_str())) {
+ throw TlsError("set-cipher-suites");
+ }
Added: branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_tls__context.cc
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_tls__context.cc Fri Feb 5 18:45:03 2021 (r564147)
@@ -0,0 +1,44 @@
+--- router/src/harness/src/tls_context.cc.orig 2019-09-20 08:30:51 UTC
++++ router/src/harness/src/tls_context.cc
+@@ -91,7 +91,7 @@ static constexpr int o11x_version(TlsVersion version)
+ return TLS1_1_VERSION;
+ case TlsVersion::TLS_1_2:
+ return TLS1_2_VERSION;
+-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 1)
++#ifdef TLS1_3_VERSION
+ case TlsVersion::TLS_1_3:
+ return TLS1_3_VERSION;
+ #endif
+@@ -121,9 +121,11 @@ void TlsContext::version_range(TlsVersion min_version,
+ default:
+ // unknown, leave all disabled
+ // fallthrough
++#ifdef TLS1_3_VERSION
+ case TlsVersion::TLS_1_3:
+ opts |= SSL_OP_NO_TLSv1_2;
+ // fallthrough
++#endif
+ case TlsVersion::TLS_1_2:
+ opts |= SSL_OP_NO_TLSv1_1;
+ // fallthrough
+@@ -170,8 +172,10 @@ TlsVersion TlsContext::min_version() const {
+ return TlsVersion::TLS_1_1;
+ case TLS1_2_VERSION:
+ return TlsVersion::TLS_1_2;
++#ifdef TLS1_3_VERSION
+ case TLS1_3_VERSION:
+ return TlsVersion::TLS_1_3;
++#endif
+ case 0:
+ return TlsVersion::AUTO;
+ default:
+@@ -230,7 +234,8 @@ TlsContext::InfoCallback TlsContext::info_callback() c
+ }
+
+ int TlsContext::security_level() const {
+-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0)
++#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0) && \
++ !defined(LIBRESSL_VERSION_NUMBER)
+ return SSL_CTX_get_security_level(ssl_ctx_.get());
+ #else
+ return 0;
Added: branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_tls__server__context.cc
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2021Q1/databases/mysql80-server/files/patch-router_src_harness_src_tls__server__context.cc Fri Feb 5 18:45:03 2021 (r564147)
@@ -0,0 +1,12 @@
+--- router/src/harness/src/tls_server_context.cc.orig 2019-09-20 08:30:51 UTC
++++ router/src/harness/src/tls_server_context.cc
+@@ -166,7 +166,8 @@ void TlsServerContext::init_tmp_dh(const std::string &
+ }
+
+ } else {
+-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0)
++#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0) && \
++ !defined(LIBRESSL_VERSION_NUMBER)
+ dh2048.reset(DH_get_2048_256());
+ #else
+ /*
Added: branches/2021Q1/databases/mysql80-server/files/patch-sql_item.h
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2021Q1/databases/mysql80-server/files/patch-sql_item.h Fri Feb 5 18:45:03 2021 (r564147)
@@ -0,0 +1,18 @@
+--- sql/item.h.orig 2020-12-11 07:42:20 UTC
++++ sql/item.h
+@@ -3380,13 +3380,13 @@ class Item_sp_variable : public Item {
+ Name_string m_name;
+
+ public:
+-#ifndef DBUG_OFF
++//#ifndef DBUG_OFF
+ /*
+ Routine to which this Item_splocal belongs. Used for checking if correct
+ runtime context is used for variable handling.
+ */
+ sp_head *m_sp{nullptr};
+-#endif
++//#endif
+
+ public:
+ Item_sp_variable(const Name_string sp_var_name);
Added: branches/2021Q1/databases/mysql80-server/files/patch-ssl__init__callback.cc
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2021Q1/databases/mysql80-server/files/patch-ssl__init__callback.cc Fri Feb 5 18:45:03 2021 (r564147)
@@ -0,0 +1,20 @@
+--- sql/ssl_init_callback.cc.orig 2020-12-11 07:42:20 UTC
++++ sql/ssl_init_callback.cc
+@@ -88,7 +88,7 @@ static Sys_var_charptr Sys_tls_version(
+ "TLS version, permitted values are TLSv1, TLSv1.1, TLSv1.2, TLSv1.3",
+ PERSIST_AS_READONLY GLOBAL_VAR(opt_tls_version),
+ CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION), IN_FS_CHARSET,
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3",
+ #else
+ "TLSv1,TLSv1.1,TLSv1.2",
+@@ -154,7 +154,7 @@ static Sys_var_charptr Sys_admin_tls_version(
+ "TLSv1.2, TLSv1.3",
+ PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_tls_version),
+ CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION), IN_FS_CHARSET,
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3",
+ #else
+ "TLSv1,TLSv1.1,TLSv1.2",
Modified: branches/2021Q1/databases/mysql80-server/files/patch-vio_viosslfactories.cc
==============================================================================
--- branches/2021Q1/databases/mysql80-server/files/patch-vio_viosslfactories.cc Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql80-server/files/patch-vio_viosslfactories.cc Fri Feb 5 18:45:03 2021 (r564147)
@@ -1,14 +1,14 @@
--- vio/viosslfactories.cc.orig 2019-09-20 08:30:51 UTC
+++ vio/viosslfactories.cc
-@@ -38,6 +38,7 @@
+@@ -40,6 +40,7 @@
+ #include "vio/vio_priv.h"
- #ifdef HAVE_OPENSSL
#include <openssl/dh.h>
+#include <openssl/crypto.h>
- #define TLS_VERSION_OPTION_SIZE 256
- #define SSL_CIPHER_LIST_SIZE 4096
-@@ -420,6 +421,7 @@ void ssl_start() {
+ #if OPENSSL_VERSION_NUMBER < 0x10002000L
+ #include <openssl/ec.h>
+@@ -472,6 +473,7 @@ void ssl_start() {
}
}
@@ -16,7 +16,7 @@
/**
Set fips mode in openssl library,
When we set fips mode ON/STRICT, it will perform following operations:
-@@ -473,6 +475,7 @@ EXIT:
+@@ -525,12 +527,13 @@ EXIT:
@returns openssl current fips mode
*/
uint get_fips_mode() { return FIPS_mode(); }
@@ -24,3 +24,37 @@
long process_tls_version(const char *tls_version) {
const char *separator = ",";
+ char *token, *lasts = nullptr;
+
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ const char *tls_version_name_list[] = {"TLSv1", "TLSv1.1", "TLSv1.2",
+ "TLSv1.3"};
+ const char ctx_flag_default[] = "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3";
+@@ -609,7 +612,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
+ ssl_ctx_options = (ssl_ctx_options | ssl_ctx_flags) &
+ (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
+ SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+ | SSL_OP_NO_TICKET);
+@@ -618,7 +621,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
+ return nullptr;
+
+ if (!(ssl_fd->ssl_context = SSL_CTX_new(is_client ?
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ TLS_client_method()
+ : TLS_server_method()
+ #else /* HAVE_TLSv13 */
+@@ -633,7 +636,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
+ return nullptr;
+ }
+
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+ /*
+ Set OpenSSL TLS v1.3 ciphersuites.
+ Note that an empty list is permissible.
Modified: branches/2021Q1/databases/mysql80-server/pkg-plist
==============================================================================
--- branches/2021Q1/databases/mysql80-server/pkg-plist Fri Feb 5 18:38:50 2021 (r564146)
+++ branches/2021Q1/databases/mysql80-server/pkg-plist Fri Feb 5 18:45:03 2021 (r564147)
@@ -26,6 +26,8 @@ lib/mysql/libmysqlharness.so
lib/mysql/libmysqlharness.so.1
lib/mysql/libmysqlharness_stdx.so
lib/mysql/libmysqlharness_stdx.so.1
+lib/mysql/libmysqlharness_tls.so
+lib/mysql/libmysqlharness_tls.so.1
lib/mysql/libmysqlrouter.so
lib/mysql/libmysqlrouter.so.1
lib/mysql/libmysqlrouter_http.so
@@ -42,12 +44,12 @@ lib/mysql/mysqlrouter/http_server.so
lib/mysql/mysqlrouter/io.so
lib/mysql/mysqlrouter/keepalive.so
lib/mysql/mysqlrouter/metadata_cache.so
-lib/mysql/mysqlrouter/mysql_protocol.so
lib/mysql/mysqlrouter/rest_api.so
lib/mysql/mysqlrouter/rest_metadata_cache.so
lib/mysql/mysqlrouter/rest_router.so
lib/mysql/mysqlrouter/rest_routing.so
lib/mysql/mysqlrouter/router_protobuf.so
+lib/mysql/mysqlrouter/router_openssl.so
lib/mysql/mysqlrouter/routing.so
lib/mysql/plugin/adt_null.so
lib/mysql/plugin/auth.so
@@ -64,6 +66,8 @@ lib/mysql/plugin/component_mysqlbackup.so
lib/mysql/plugin/component_mysqlx_global_reset.so
lib/mysql/plugin/component_pfs_example.so
lib/mysql/plugin/component_pfs_example_component_population.so
+lib/mysql/plugin/component_query_attributes.so
+lib/mysql/plugin/component_reference_cache.so
lib/mysql/plugin/component_test_audit_api_message.so
lib/mysql/plugin/component_test_backup_lock_service.so
lib/mysql/plugin/component_test_component_deinit.so
@@ -124,6 +128,7 @@ lib/mysql/plugin/libtest_sql_processlist.so
lib/mysql/plugin/libtest_sql_replication.so
lib/mysql/plugin/libtest_sql_reset_connection.so
lib/mysql/plugin/libtest_sql_shutdown.so
+lib/mysql/plugin/libtest_sql_sleep_is_connected.so
lib/mysql/plugin/libtest_sql_sqlmode.so
lib/mysql/plugin/libtest_sql_stmt.so
lib/mysql/plugin/libtest_sql_stored_procedures_functions.so
More information about the svn-ports-all
mailing list