Date: Wed, 3 Feb 2021 02:02:59 +0000 (UTC) From: Dima Panov <fluffy@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r563858 - in head/databases: mysql57-client mysql57-client/files mysql57-server mysql57-server/files Message-ID: <202102030202.11322x79048404@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: fluffy Date: Wed Feb 3 02:02:58 2021 New Revision: 563858 URL: https://svnweb.freebsd.org/changeset/ports/563858 Log: databases/mysql56*: update to 5.7.33 release Disable detect of TLSv1.3 functions - it's broken with LibreSSL Release Notes: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-33.html Requested by: joneum Added: head/databases/mysql57-server/files/patch-sql_locks_shared__spin__lock.cc (contents, props changed) Modified: head/databases/mysql57-client/Makefile head/databases/mysql57-client/files/patch-cmake_ssl.cmake head/databases/mysql57-client/files/patch-vio_viosslfactories.c head/databases/mysql57-server/Makefile head/databases/mysql57-server/files/patch-cmake_ssl.cmake head/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c head/databases/mysql57-server/files/patch-vio_viosslfactories.c Modified: head/databases/mysql57-client/Makefile ============================================================================== --- head/databases/mysql57-client/Makefile Wed Feb 3 01:58:48 2021 (r563857) +++ head/databases/mysql57-client/Makefile Wed Feb 3 02:02:58 2021 (r563858) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= mysql -PORTREVISION= 1 +PORTREVISION= 0 PKGNAMESUFFIX= 57-client COMMENT= Multithreaded SQL database (client) Modified: head/databases/mysql57-client/files/patch-cmake_ssl.cmake ============================================================================== --- head/databases/mysql57-client/files/patch-cmake_ssl.cmake Wed Feb 3 01:58:48 2021 (r563857) +++ head/databases/mysql57-client/files/patch-cmake_ssl.cmake Wed Feb 3 02:02:58 2021 (r563858) @@ -1,5 +1,5 @@ ---- cmake/ssl.cmake.orig 2020-07-08 22:29:14.999896000 +0200 -+++ cmake/ssl.cmake 2020-07-08 22:44:05.251931000 +0200 +--- cmake/ssl.cmake.orig 2019-12-06 10:41:47 UTC ++++ cmake/ssl.cmake @@ -150,22 +150,12 @@ MACRO (MYSQL_CHECK_SSL) MESSAGE(STATUS "OPENSSL_APPLINK_C ${OPENSSL_APPLINK_C}") ENDIF() @@ -23,26 +23,32 @@ IF(OPENSSL_INCLUDE_DIR) # Verify version number. Version information looks like: -@@ -193,7 +183,8 @@ MACRO (MYSQL_CHECK_SSL) +@@ -193,9 +183,10 @@ MACRO (MYSQL_CHECK_SSL) ) SET(OPENSSL_VERSION ${OPENSSL_VERSION} CACHE INTERNAL "") - IF("${OPENSSL_VERSION}" VERSION_GREATER "1.1.0") -+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION) -+ IF(HAVE_TLS1_3_VERSION) - ADD_DEFINITIONS(-DHAVE_TLSv13) - SET(HAVE_TLSv13 1) +- ADD_DEFINITIONS(-DHAVE_TLSv13) +- SET(HAVE_TLSv13 1) ++ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION) ++ IF(HAVE_TLS1_3_VERSION) ++ #ADD_DEFINITIONS(-DHAVE_TLSv13) ++ #SET(HAVE_TLSv13 1) IF(SOLARIS) -@@ -204,6 +195,12 @@ MACRO (MYSQL_CHECK_SSL) + SET(FORCE_SSL_SOLARIS "-Wl,--undefined,address_of_sk_new_null") + ENDIF() +@@ -203,7 +204,13 @@ MACRO (MYSQL_CHECK_SSL) + IF(OPENSSL_INCLUDE_DIR AND OPENSSL_LIBRARY AND CRYPTO_LIBRARY AND - OPENSSL_MAJOR_VERSION STREQUAL "1" -+ ) -+ SET(OPENSSL_FOUND TRUE) -+ ELSEIF(OPENSSL_INCLUDE_DIR AND -+ OPENSSL_LIBRARY AND -+ CRYPTO_LIBRARY AND -+ OPENSSL_MAJOR_VERSION STREQUAL "2" +- OPENSSL_MAJOR_VERSION STREQUAL "1" ++ OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1" ++ ) ++ SET(OPENSSL_FOUND TRUE) ++ ELSEIF(OPENSSL_INCLUDE_DIR AND ++ OPENSSL_LIBRARY AND ++ CRYPTO_LIBRARY AND ++ OPENSSL_MAJOR_VERSION STREQUAL "2" ) SET(OPENSSL_FOUND TRUE) ELSE() Modified: head/databases/mysql57-client/files/patch-vio_viosslfactories.c ============================================================================== --- head/databases/mysql57-client/files/patch-vio_viosslfactories.c Wed Feb 3 01:58:48 2021 (r563857) +++ head/databases/mysql57-client/files/patch-vio_viosslfactories.c Wed Feb 3 02:02:58 2021 (r563858) @@ -33,3 +33,30 @@ } return(dh); } +@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi + struct st_VioSSLFd *ssl_fd; + /* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */ + long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 +-#ifdef HAVE_TLSv13 ++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) + | SSL_OP_NO_TLSv1_3 + #endif /* HAVE_TLSv13 */ + ; +@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi + SSL_OP_NO_TLSv1 | + SSL_OP_NO_TLSv1_1 + | SSL_OP_NO_TLSv1_2 +-#ifdef HAVE_TLSv13 ++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) + | SSL_OP_NO_TLSv1_3 + #endif /* HAVE_TLSv13 */ + | SSL_OP_NO_TICKET +@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi + + SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options); + +-#ifdef HAVE_TLSv13 ++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) + /* + MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites. + */ Modified: head/databases/mysql57-server/Makefile ============================================================================== --- head/databases/mysql57-server/Makefile Wed Feb 3 01:58:48 2021 (r563857) +++ head/databases/mysql57-server/Makefile Wed Feb 3 02:02:58 2021 (r563858) @@ -2,8 +2,8 @@ # $FreeBSD$ PORTNAME?= mysql -PORTVERSION= 5.7.32 -PORTREVISION?= 1 +PORTVERSION= 5.7.33 +PORTREVISION?= 0 CATEGORIES= databases MASTER_SITES= MYSQL/MySQL-5.7 PKGNAMESUFFIX?= 57-server Modified: head/databases/mysql57-server/files/patch-cmake_ssl.cmake ============================================================================== --- head/databases/mysql57-server/files/patch-cmake_ssl.cmake Wed Feb 3 01:58:48 2021 (r563857) +++ head/databases/mysql57-server/files/patch-cmake_ssl.cmake Wed Feb 3 02:02:58 2021 (r563858) @@ -1,15 +1,42 @@ --- cmake/ssl.cmake.orig 2019-12-06 10:41:47 UTC +++ cmake/ssl.cmake -@@ -193,7 +193,8 @@ MACRO (MYSQL_CHECK_SSL) +@@ -150,22 +150,12 @@ MACRO (MYSQL_CHECK_SSL) + MESSAGE(STATUS "OPENSSL_APPLINK_C ${OPENSSL_APPLINK_C}") + ENDIF() + +- # On mac this list is <.dylib;.so;.a> +- # We prefer static libraries, so we reverse it here. +- IF (WITH_SSL_PATH) +- LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES) +- MESSAGE(STATUS "suffixes <${CMAKE_FIND_LIBRARY_SUFFIXES}>") +- ENDIF() +- + FIND_LIBRARY(OPENSSL_LIBRARY + NAMES ssl libssl ssleay32 ssleay32MD + HINTS ${OPENSSL_ROOT_DIR}/lib) + FIND_LIBRARY(CRYPTO_LIBRARY + NAMES crypto libcrypto libeay32 + HINTS ${OPENSSL_ROOT_DIR}/lib) +- IF (WITH_SSL_PATH) +- LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES) +- ENDIF() + + IF(OPENSSL_INCLUDE_DIR) + # Verify version number. Version information looks like: +@@ -193,9 +183,10 @@ MACRO (MYSQL_CHECK_SSL) ) SET(OPENSSL_VERSION ${OPENSSL_VERSION} CACHE INTERNAL "") - IF("${OPENSSL_VERSION}" VERSION_GREATER "1.1.0") +- ADD_DEFINITIONS(-DHAVE_TLSv13) +- SET(HAVE_TLSv13 1) + CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION) + IF(HAVE_TLS1_3_VERSION) - ADD_DEFINITIONS(-DHAVE_TLSv13) - SET(HAVE_TLSv13 1) ++ #ADD_DEFINITIONS(-DHAVE_TLSv13) ++ #SET(HAVE_TLSv13 1) IF(SOLARIS) + SET(FORCE_SSL_SOLARIS "-Wl,--undefined,address_of_sk_new_null") + ENDIF() @@ -203,7 +204,13 @@ MACRO (MYSQL_CHECK_SSL) IF(OPENSSL_INCLUDE_DIR AND OPENSSL_LIBRARY AND Modified: head/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c ============================================================================== --- head/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c Wed Feb 3 01:58:48 2021 (r563857) +++ head/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c Wed Feb 3 02:02:58 2021 (r563858) @@ -1,5 +1,31 @@ --- rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c.orig 2020-03-23 17:35:17 UTC +++ rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c +@@ -232,7 +232,7 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx, + const char* tls_version) + { + DH *dh= NULL; +-#ifdef HAVE_TLSv13 ++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) + /* We support TLS up to 1.2, so explicitly disable TLS 1.3. */ + long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_3; + #else +@@ -257,14 +257,14 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx, + SSL_OP_NO_TLSv1 | + SSL_OP_NO_TLSv1_1 + | SSL_OP_NO_TLSv1_2 +-#ifdef HAVE_TLSv13 ++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) + | SSL_OP_NO_TLSv1_3 + #endif /* HAVE_TLSv13 */ + ); + + SSL_CTX_set_options(ssl_ctx, ssl_ctx_options); + +-#ifdef HAVE_TLSv13 ++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) + /* We do not support TLS 1.3. + Setting empty TLS 1.3 ciphersuites disables them. */ + if (SSL_CTX_set_ciphersuites(ssl_ctx, "") == 0) @@ -529,7 +529,7 @@ int xcom_init_ssl(const char *server_key_file, const c break e.g. ODBC clients (if the client also uses SSL). */ Added: head/databases/mysql57-server/files/patch-sql_locks_shared__spin__lock.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/databases/mysql57-server/files/patch-sql_locks_shared__spin__lock.cc Wed Feb 3 02:02:58 2021 (r563858) @@ -0,0 +1,11 @@ +--- sql/locks/shared_spin_lock.cc.orig 2020-12-10 03:01:55 UTC ++++ sql/locks/shared_spin_lock.cc +@@ -239,7 +239,7 @@ lock::Shared_spin_lock &lock::Shared_spin_lock::try_or + { + this->spin_exclusive_lock(); + } +- my_atomic_store64(&this->m_exclusive_owner, self); ++ my_atomic_store64(&this->m_exclusive_owner, reinterpret_cast<int64>(self)); + return (*this); + } + Modified: head/databases/mysql57-server/files/patch-vio_viosslfactories.c ============================================================================== --- head/databases/mysql57-server/files/patch-vio_viosslfactories.c Wed Feb 3 01:58:48 2021 (r563857) +++ head/databases/mysql57-server/files/patch-vio_viosslfactories.c Wed Feb 3 02:02:58 2021 (r563858) @@ -33,3 +33,30 @@ } return(dh); } +@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi + struct st_VioSSLFd *ssl_fd; + /* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */ + long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 +-#ifdef HAVE_TLSv13 ++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) + | SSL_OP_NO_TLSv1_3 + #endif /* HAVE_TLSv13 */ + ; +@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi + SSL_OP_NO_TLSv1 | + SSL_OP_NO_TLSv1_1 + | SSL_OP_NO_TLSv1_2 +-#ifdef HAVE_TLSv13 ++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) + | SSL_OP_NO_TLSv1_3 + #endif /* HAVE_TLSv13 */ + | SSL_OP_NO_TICKET +@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi + + SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options); + +-#ifdef HAVE_TLSv13 ++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER) + /* + MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites. + */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202102030202.11322x79048404>