- Update Percona Server/Client to 5.7.28-31 release [1]

* When using skip-innodb_doublewrite in my.cnf, a parallel doublewrite buffer is still created. Bugs fixed #3411. * During a binlogging replication event, if the master crashes after the multi-threaded slave has begun copying to the slave’s relay log and before the process has completed, a STOP SLAVE on the slave takes longer than expected. Bug fixed #5824. * If pam_krb5 is configured to allow the user to change their password, and the password expired, the server crashed after receiving the new password. Bug fixed #6023. - Provide LibreSSL support [2] - Take maintainership. feld@ didn't pet the ports for almost two years, all updates was committed with maintainer timeout PR: 242649 Submitted by: Igor Zabelin [1]. fluffy@ [2] Approved by: maintainer (feld@, timeout >2 weeks)
svn path=/head/; revision=521589
2019-12-31 04:42:42 +00:00 · 2019-12-31 04:42:42 +00:00 · 841ac9b302 · 2021-03-31 03:12:20 +00:00
commit 841ac9b302
parent f81a965c61
10 changed files with 108 additions and 20 deletions
--- a/databases/percona57-client/files/patch-cmake_ssl.cmake
+++ b/databases/percona57-client/files/patch-cmake_ssl.cmake
@ -0,0 +1,22 @@
+--- cmake/ssl.cmake.orig	2019-11-09 00:33:40.000000000 +1000
+++ cmake/ssl.cmake	2019-12-13 23:08:53.686402000 +1000
+@@ -189,7 +189,8 @@ MACRO (MYSQL_CHECK_SSL)
+         OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
+         )
+     ENDIF()
+-    IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
+    CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+    IF(HAVE_TLS1_3_VERSION)
+        ADD_DEFINITIONS(-DHAVE_TLSv13)
+        SET(HAVE_TLSv13 1)
+        IF(SOLARIS)
+@@ -198,8 +199,7 @@ MACRO (MYSQL_CHECK_SSL)
+     ENDIF()
+     IF(OPENSSL_INCLUDE_DIR AND
+        OPENSSL_LIBRARY   AND
+-       CRYPTO_LIBRARY      AND
+-       OPENSSL_MAJOR_VERSION STREQUAL "1"
+       CRYPTO_LIBRARY
+       )
+       SET(OPENSSL_FOUND TRUE)
+     ELSE()
--- a/databases/percona57-client/files/patch-mysys__ssl_my__crypt.cc
+++ b/databases/percona57-client/files/patch-mysys__ssl_my__crypt.cc
@ -0,0 +1,21 @@
+--- mysys_ssl/my_crypt.cc.orig	2019-05-16 05:06:00 UTC
+++ mysys_ssl/my_crypt.cc
+@@ -30,7 +30,7 @@
+ #include <boost/move/unique_ptr.hpp>
+ #include <boost/core/noncopyable.hpp>
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf)
+ #define RAND_OpenSSL() RAND_SSLeay()
+ #endif
+@@ -95,7 +95,8 @@ MyEncryptionCTX::MyEncryptionCTX()
+ MyEncryptionCTX::~MyEncryptionCTX()
+ {
+   
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
+    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02090000fL)
+   EVP_CIPHER_CTX_cleanup(ctx);
+   delete ctx;
+   ERR_remove_thread_state(0);
--- a/databases/percona57-client/files/patch-sql_auth_sha2passwordcommon.cc
+++ b/databases/percona57-client/files/patch-sql_auth_sha2passwordcommon.cc
@ -0,0 +1,12 @@
+--- sql/auth/sha2_password_common.cc.orig	2019-05-16 05:06:00 UTC
+++ sql/auth/sha2_password_common.cc
+@@ -146,7 +146,8 @@ bool SHA256_digest::retrieve_digest(unsigned char *dig
+     DBUG_RETURN(true);
+   }
+   m_ok= EVP_DigestFinal_ex(md_context, m_digest, NULL);
+-#if defined(HAVE_WOLFSSL) || OPENSSL_VERSION_NUMBER < 0x10100000L
+#if defined(HAVE_WOLFSSL) || OPENSSL_VERSION_NUMBER < 0x10100000L || \
+    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL)
+   EVP_MD_CTX_cleanup(md_context);
+ #else  /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   EVP_MD_CTX_reset(md_context);
--- a/databases/percona57-client/files/patch-vio_viosslfactories.c
+++ b/databases/percona57-client/files/patch-vio_viosslfactories.c
@ -0,0 +1,11 @@
+--- vio/viosslfactories.c.orig	2019-05-16 05:06:00 UTC
+++ vio/viosslfactories.c
+@@ -123,7 +123,7 @@ static DH *get_dh2048(void)
+   {
+     BIGNUM* p= BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
+     BIGNUM* g= BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     dh->p= p;
+     dh->g= g;
+     if (! dh->p || ! dh->g)
--- a/databases/percona57-server/Makefile
+++ b/databases/percona57-server/Makefile
@ -2,7 +2,7 @@
 # $FreeBSD$

 PORTNAME?=	percona
-DISTVERSION=	5.7.27-30
+DISTVERSION=	5.7.28-31
 PORTREVISION?=	0
 CATEGORIES=	databases
 MASTER_SITES=	http://www.percona.com/downloads/Percona-Server-5.7/Percona-Server-${DISTVERSION}/source/tarball/:percona \
@ -12,7 +12,7 @@ DISTNAME=	percona-server-${DISTVERSION}
 DISTFILES=	percona-server-${DISTVERSION}${EXTRACT_SUFX}:percona \
 		boost_1_59_0${EXTRACT_SUFX}:boost

-MAINTAINER=	feld@FreeBSD.org
+MAINTAINER=	fluffy@FreeBSD.org
 COMMENT?=	Multithreaded SQL database (server)

 LICENSE?=	GPLv2+
@ -24,7 +24,7 @@ LIB_DEPENDS=	libevent.so:devel/libevent \
 SLAVEDIRS=	databases/percona57-client \
 		databases/percona57-pam-for-mysql
 USES=		bison:build cmake:insource,noninja compiler:c11 \
-		cpe libedit localbase perl5 shebangfix
+		cpe libedit localbase perl5 shebangfix ssl

 MY_DBDIR=	/var/db/mysql
 MY_SECDIR=	/var/db/mysql_secure
@ -45,7 +45,7 @@ CMAKE_ARGS+=	-DINSTALL_LAYOUT=FREEBSD \
 		-DINSTALL_MYSQLDATADIR="/var/db/mysql" \
 		-DINSTALL_SECURE_FILE_PRIVDIR="${MY_SECDIR}" \
 		-DINSTALL_MYSQLSHAREDIR="share/mysql" \
-		-DINSTALL_MYSQLTESTDIR="${MY_TESTDIR}" \
+		-DINSTALL_MYSQLTESTDIR=0 \
 		-DINSTALL_PLUGINDIR="lib/mysql/plugin" \
 		-DINSTALL_SBINDIR="libexec" \
 		-DINSTALL_SCRIPTDIR="bin" \
@ -131,11 +131,11 @@ CMAKE_ARGS+=	-DWITH_AUTHENTICATION_LDAP=0

 .include <bsd.port.options.mk>

-.if !${SSL_DEFAULT:Mlibressl*}
-MY_TESTDIR=	"share/mysql/tests"
-.else
-MY_TESTDIR=	""
-.endif
+#.if !${SSL_DEFAULT:Mlibressl*}
+#MY_TESTDIR=	"share/mysql/tests"
+#.else
+#MY_TESTDIR=	""
+#.endif

 .if ${OPSYS} == FreeBSD && ${OSVERSION} >= 1200057
 SUB_LIST+=	LEGACY_LIMITS="@comment " MODERN_LIMITS=""
--- a/databases/percona57-server/distinfo
+++ b/databases/percona57-server/distinfo
@ -1,5 +1,5 @@
-TIMESTAMP = 1567963686
-SHA256 (percona-server-5.7.27-30.tar.gz) = b50dff3d222c6444468ff328c652df24a81103627c9da2fa98ee878b8f65a226
-SIZE (percona-server-5.7.27-30.tar.gz) = 84672298
+TIMESTAMP = 1576055476
+SHA256 (percona-server-5.7.28-31.tar.gz) = 8a55a37b494086850ff3699d4f1ef39b2cfe9aa4d35662505dc372ccb9cb283f
+SIZE (percona-server-5.7.28-31.tar.gz) = 84704254
 SHA256 (boost_1_59_0.tar.gz) = 47f11c8844e579d02691a607fbd32540104a9ac7a2534a8ddaef50daf502baac
 SIZE (boost_1_59_0.tar.gz) = 83709983
--- a/databases/percona57-server/files/patch-client_CMakeLists.txt
+++ b/databases/percona57-server/files/patch-client_CMakeLists.txt
@ -47,7 +47,7 @@
@@ -97,9 +100,12 @@ TARGET_LINK_LIBRARIES(mysqlslap perconas
 
 MYSQL_ADD_EXECUTABLE(mysql_config_editor mysql_config_editor.cc)
- TARGET_LINK_LIBRARIES(mysql_config_editor perconaserverclient)
+ TARGET_LINK_LIBRARIES(mysql_config_editor ${FORCE_SSL_SOLARIS} perconaserverclient)
 +ENDIF()
 
 +IF(FALSE)
--- a/databases/percona57-server/files/patch-cmake_ssl.cmake
+++ b/databases/percona57-server/files/patch-cmake_ssl.cmake
@ -0,0 +1,22 @@
+--- cmake/ssl.cmake.orig	2019-11-09 00:33:40.000000000 +1000
+++ cmake/ssl.cmake	2019-12-13 23:08:53.686402000 +1000
+@@ -189,7 +189,8 @@ MACRO (MYSQL_CHECK_SSL)
+         OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
+         )
+     ENDIF()
+-    IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
+    CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+    IF(HAVE_TLS1_3_VERSION)
+        ADD_DEFINITIONS(-DHAVE_TLSv13)
+        SET(HAVE_TLSv13 1)
+        IF(SOLARIS)
+@@ -198,8 +199,7 @@ MACRO (MYSQL_CHECK_SSL)
+     ENDIF()
+     IF(OPENSSL_INCLUDE_DIR AND
+        OPENSSL_LIBRARY   AND
+-       CRYPTO_LIBRARY      AND
+-       OPENSSL_MAJOR_VERSION STREQUAL "1"
+       CRYPTO_LIBRARY
+       )
+       SET(OPENSSL_FOUND TRUE)
+     ELSE()
--- a/databases/percona57-server/files/patch-libmysql_CMakeLists.txt
+++ b/databases/percona57-server/files/patch-libmysql_CMakeLists.txt
@ -4,21 +4,21 @@
 ADD_SUBDIRECTORY(authentication_ldap)
   
 # Merge several convenience libraries into one big perconaserverclient
-MERGE_CONVENIENCE_LIBRARIES(perconaserverclient ${LIBS} COMPONENT Development)
-+MERGE_CONVENIENCE_LIBRARIES(perconaserverclient ${LIBS} COMPONENT Development SKIP_INSTALL)
- 
+-MERGE_CONVENIENCE_LIBRARIES(perconaserverclient ${LIBS_TO_MERGE} COMPONENT Development)
+MERGE_CONVENIENCE_LIBRARIES(perconaserverclient ${LIBS_TO_MERGE} COMPONENT Development SKIP_INSTALL)
+ TARGET_LINK_LIBRARIES(perconaserverclient ${LIBS_TO_LINK})
+
 # Visual Studio users need debug  static library for debug projects
- IF(MSVC)
@@ -271,7 +271,8 @@
   # and link them together into shared library.
-   MERGE_LIBRARIES_SHARED(libmysql ${LIBS}
+   MERGE_LIBRARIES_SHARED(libmysql ${LIBS_TO_MERGE}
     EXPORTS ${CLIENT_API_FUNCTIONS} ${CLIENT_API_FUNCTIONS_UNDOCUMENTED}
 -    COMPONENT SharedLibraries)
 +    COMPONENT SharedLibraries SKIP_INSTALL)
+   TARGET_LINK_LIBRARIES(libmysql ${LIBS_TO_LINK})
 +IF(FALSE)
   IF(UNIX)
     # libtool compatability
-     IF(CMAKE_SYSTEM_NAME MATCHES "FreeBSD" OR APPLE)
@@ -327,6 +328,7 @@
 # to initialize api_calls[] array in api_test.c
 #
--- a/databases/percona57-server/files/patch-sql_mysqld.cc
+++ b/databases/percona57-server/files/patch-sql_mysqld.cc
@ -20,11 +20,11 @@
@@ -3678,6 +3688,7 @@ static int init_ssl()
 {
 #ifdef HAVE_OPENSSL
- #ifndef HAVE_YASSL
 +#ifndef LIBRESSL_VERSION_NUMBER
   int fips_mode= FIPS_mode();
   if (fips_mode != 0)
   {
+     /* FIPS is enabled, Log warning and Disable it now */
@@ -3687,7 +3698,9 @@ static int init_ssl()
         " Disabling FIPS.");
     FIPS_mode_set(0);