Commit mysql56, mysql57 and mysql80 to 2021Q1.
https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL Security: 31344707-5d87-11eb-929d-d4c9ef517024 Sponsored by: Netzkommune GmbH
This commit is contained in:
parent
6ee3ed3f93
commit
9a6f14eb15
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/branches/2021Q1/; revision=564147
|
@ -5,9 +5,10 @@
|
|||
)
|
||||
ENDIF()
|
||||
- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
|
||||
- ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
|
||||
+ IF(HAVE_TLS1_3_VERSION)
|
||||
ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
+ #ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
ENDIF()
|
||||
IF(OPENSSL_INCLUDE_DIR AND
|
||||
OPENSSL_LIBRARY AND
|
||||
|
|
|
@ -1,5 +1,14 @@
|
|||
--- vio/viossl.c.orig 2019-11-26 16:53:45 UTC
|
||||
+++ vio/viossl.c
|
||||
@@ -385,7 +385,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
|
||||
DBUG_PRINT("info", ("ssl: 0x%lx timeout: %ld", (long) ssl, timeout));
|
||||
SSL_clear(ssl);
|
||||
SSL_set_fd(ssl, sd);
|
||||
-#if defined(SSL_OP_NO_COMPRESSION)
|
||||
+#if defined(SSL_OP_NO_COMPRESSION) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); /* OpenSSL >= 1.0 only */
|
||||
#elif OPENSSL_VERSION_NUMBER >= 0x00908000L /* workaround for OpenSSL 0.9.8 */
|
||||
sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
|
||||
@@ -403,7 +403,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
|
||||
for (j = 0; j < n; j++)
|
||||
{
|
||||
|
|
|
@ -9,6 +9,15 @@
|
|||
dh->p= p;
|
||||
dh->g= g;
|
||||
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
|
||||
@@ -226,7 +226,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
struct st_VioSSLFd *ssl_fd;
|
||||
/* MySQL 5.6 supports TLS up to v1.2, explicitly disable TLSv1.3. */
|
||||
long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
SSL_OP_NO_TLSv1_3 |
|
||||
#endif /* HAVE_TLSv13 */
|
||||
SSL_OP_NO_TICKET;
|
||||
@@ -250,7 +250,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
DBUG_RETURN(0);
|
||||
|
||||
|
@ -18,3 +27,12 @@
|
|||
SSLv23_client_method() :
|
||||
SSLv23_server_method()
|
||||
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
|
||||
@@ -268,7 +268,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
|
||||
SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
|
||||
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
/*
|
||||
MySQL 5.6 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
|
||||
*/
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
# $FreeBSD$
|
||||
|
||||
PORTNAME?= mysql
|
||||
PORTVERSION= 5.6.50
|
||||
PORTVERSION= 5.6.51
|
||||
PORTREVISION?= 0
|
||||
CATEGORIES= databases
|
||||
MASTER_SITES= MYSQL/MySQL-5.6
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
TIMESTAMP = 1603108497
|
||||
SHA256 (mysql-5.6.50.tar.gz) = efc48d8160a66b50fc498bb42ea730c3b6f30f036b709a7070d356edd645923e
|
||||
SIZE (mysql-5.6.50.tar.gz) = 32409084
|
||||
TIMESTAMP = 1611992804
|
||||
SHA256 (mysql-5.6.51.tar.gz) = 262ccaf2930fca1f33787505dd125a7a04844f40d3421289a51974b5935d9abc
|
||||
SIZE (mysql-5.6.51.tar.gz) = 32411131
|
||||
|
|
|
@ -5,9 +5,10 @@
|
|||
)
|
||||
ENDIF()
|
||||
- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
|
||||
- ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
|
||||
+ IF(HAVE_TLS1_3_VERSION)
|
||||
ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
+ #ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
ENDIF()
|
||||
IF(OPENSSL_INCLUDE_DIR AND
|
||||
OPENSSL_LIBRARY AND
|
||||
|
|
|
@ -1,5 +1,14 @@
|
|||
--- vio/viossl.c.orig 2019-11-26 16:53:45 UTC
|
||||
+++ vio/viossl.c
|
||||
@@ -385,7 +385,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
|
||||
DBUG_PRINT("info", ("ssl: 0x%lx timeout: %ld", (long) ssl, timeout));
|
||||
SSL_clear(ssl);
|
||||
SSL_set_fd(ssl, sd);
|
||||
-#if defined(SSL_OP_NO_COMPRESSION)
|
||||
+#if defined(SSL_OP_NO_COMPRESSION) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); /* OpenSSL >= 1.0 only */
|
||||
#elif OPENSSL_VERSION_NUMBER >= 0x00908000L /* workaround for OpenSSL 0.9.8 */
|
||||
sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
|
||||
@@ -403,7 +403,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
|
||||
for (j = 0; j < n; j++)
|
||||
{
|
||||
|
|
|
@ -9,6 +9,15 @@
|
|||
dh->p= p;
|
||||
dh->g= g;
|
||||
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
|
||||
@@ -226,7 +226,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
struct st_VioSSLFd *ssl_fd;
|
||||
/* MySQL 5.6 supports TLS up to v1.2, explicitly disable TLSv1.3. */
|
||||
long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
SSL_OP_NO_TLSv1_3 |
|
||||
#endif /* HAVE_TLSv13 */
|
||||
SSL_OP_NO_TICKET;
|
||||
@@ -250,7 +250,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
DBUG_RETURN(0);
|
||||
|
||||
|
@ -18,3 +27,12 @@
|
|||
SSLv23_client_method() :
|
||||
SSLv23_server_method()
|
||||
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
|
||||
@@ -268,7 +268,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
|
||||
SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
|
||||
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
/*
|
||||
MySQL 5.6 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
|
||||
*/
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
--- cmake/ssl.cmake.orig 2020-07-08 22:29:14.999896000 +0200
|
||||
+++ cmake/ssl.cmake 2020-07-08 22:44:05.251931000 +0200
|
||||
--- cmake/ssl.cmake.orig 2019-12-06 10:41:47 UTC
|
||||
+++ cmake/ssl.cmake
|
||||
@@ -150,22 +150,12 @@ MACRO (MYSQL_CHECK_SSL)
|
||||
MESSAGE(STATUS "OPENSSL_APPLINK_C ${OPENSSL_APPLINK_C}")
|
||||
ENDIF()
|
||||
|
@ -23,26 +23,32 @@
|
|||
|
||||
IF(OPENSSL_INCLUDE_DIR)
|
||||
# Verify version number. Version information looks like:
|
||||
@@ -193,7 +183,8 @@ MACRO (MYSQL_CHECK_SSL)
|
||||
@@ -193,9 +183,10 @@ MACRO (MYSQL_CHECK_SSL)
|
||||
)
|
||||
SET(OPENSSL_VERSION ${OPENSSL_VERSION} CACHE INTERNAL "")
|
||||
|
||||
- IF("${OPENSSL_VERSION}" VERSION_GREATER "1.1.0")
|
||||
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
|
||||
+ IF(HAVE_TLS1_3_VERSION)
|
||||
ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
SET(HAVE_TLSv13 1)
|
||||
- ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
- SET(HAVE_TLSv13 1)
|
||||
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
|
||||
+ IF(HAVE_TLS1_3_VERSION)
|
||||
+ #ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
+ #SET(HAVE_TLSv13 1)
|
||||
IF(SOLARIS)
|
||||
@@ -204,6 +195,12 @@ MACRO (MYSQL_CHECK_SSL)
|
||||
SET(FORCE_SSL_SOLARIS "-Wl,--undefined,address_of_sk_new_null")
|
||||
ENDIF()
|
||||
@@ -203,7 +204,13 @@ MACRO (MYSQL_CHECK_SSL)
|
||||
IF(OPENSSL_INCLUDE_DIR AND
|
||||
OPENSSL_LIBRARY AND
|
||||
CRYPTO_LIBRARY AND
|
||||
OPENSSL_MAJOR_VERSION STREQUAL "1"
|
||||
+ )
|
||||
+ SET(OPENSSL_FOUND TRUE)
|
||||
+ ELSEIF(OPENSSL_INCLUDE_DIR AND
|
||||
+ OPENSSL_LIBRARY AND
|
||||
+ CRYPTO_LIBRARY AND
|
||||
+ OPENSSL_MAJOR_VERSION STREQUAL "2"
|
||||
- OPENSSL_MAJOR_VERSION STREQUAL "1"
|
||||
+ OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1"
|
||||
+ )
|
||||
+ SET(OPENSSL_FOUND TRUE)
|
||||
+ ELSEIF(OPENSSL_INCLUDE_DIR AND
|
||||
+ OPENSSL_LIBRARY AND
|
||||
+ CRYPTO_LIBRARY AND
|
||||
+ OPENSSL_MAJOR_VERSION STREQUAL "2"
|
||||
)
|
||||
SET(OPENSSL_FOUND TRUE)
|
||||
ELSE()
|
||||
|
|
|
@ -33,3 +33,30 @@
|
|||
}
|
||||
return(dh);
|
||||
}
|
||||
@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
struct st_VioSSLFd *ssl_fd;
|
||||
/* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */
|
||||
long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
| SSL_OP_NO_TLSv1_3
|
||||
#endif /* HAVE_TLSv13 */
|
||||
;
|
||||
@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
SSL_OP_NO_TLSv1 |
|
||||
SSL_OP_NO_TLSv1_1
|
||||
| SSL_OP_NO_TLSv1_2
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
| SSL_OP_NO_TLSv1_3
|
||||
#endif /* HAVE_TLSv13 */
|
||||
| SSL_OP_NO_TICKET
|
||||
@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
|
||||
SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
|
||||
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
/*
|
||||
MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
|
||||
*/
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
# $FreeBSD$
|
||||
|
||||
PORTNAME?= mysql
|
||||
PORTVERSION= 5.7.32
|
||||
PORTVERSION= 5.7.33
|
||||
PORTREVISION?= 0
|
||||
CATEGORIES= databases
|
||||
MASTER_SITES= MYSQL/MySQL-5.7
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
TIMESTAMP = 1603133127
|
||||
SHA256 (mysql-boost-5.7.32.tar.gz) = 9a8a04a2b0116ccff9a8d8aace07aaeaacf47329b701c5dfa9fa4351d3f1933b
|
||||
SIZE (mysql-boost-5.7.32.tar.gz) = 52882168
|
||||
TIMESTAMP = 1612332815
|
||||
SHA256 (mysql-boost-5.7.33.tar.gz) = cfcaf6f37a055d808fe1472eb0359864e2227aa0206c55c4e1961bab2ecc304b
|
||||
SIZE (mysql-boost-5.7.33.tar.gz) = 52912380
|
||||
|
|
|
@ -1,15 +1,42 @@
|
|||
--- cmake/ssl.cmake.orig 2019-12-06 10:41:47 UTC
|
||||
+++ cmake/ssl.cmake
|
||||
@@ -193,7 +193,8 @@ MACRO (MYSQL_CHECK_SSL)
|
||||
@@ -150,22 +150,12 @@ MACRO (MYSQL_CHECK_SSL)
|
||||
MESSAGE(STATUS "OPENSSL_APPLINK_C ${OPENSSL_APPLINK_C}")
|
||||
ENDIF()
|
||||
|
||||
- # On mac this list is <.dylib;.so;.a>
|
||||
- # We prefer static libraries, so we reverse it here.
|
||||
- IF (WITH_SSL_PATH)
|
||||
- LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES)
|
||||
- MESSAGE(STATUS "suffixes <${CMAKE_FIND_LIBRARY_SUFFIXES}>")
|
||||
- ENDIF()
|
||||
-
|
||||
FIND_LIBRARY(OPENSSL_LIBRARY
|
||||
NAMES ssl libssl ssleay32 ssleay32MD
|
||||
HINTS ${OPENSSL_ROOT_DIR}/lib)
|
||||
FIND_LIBRARY(CRYPTO_LIBRARY
|
||||
NAMES crypto libcrypto libeay32
|
||||
HINTS ${OPENSSL_ROOT_DIR}/lib)
|
||||
- IF (WITH_SSL_PATH)
|
||||
- LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES)
|
||||
- ENDIF()
|
||||
|
||||
IF(OPENSSL_INCLUDE_DIR)
|
||||
# Verify version number. Version information looks like:
|
||||
@@ -193,9 +183,10 @@ MACRO (MYSQL_CHECK_SSL)
|
||||
)
|
||||
SET(OPENSSL_VERSION ${OPENSSL_VERSION} CACHE INTERNAL "")
|
||||
|
||||
- IF("${OPENSSL_VERSION}" VERSION_GREATER "1.1.0")
|
||||
- ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
- SET(HAVE_TLSv13 1)
|
||||
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
|
||||
+ IF(HAVE_TLS1_3_VERSION)
|
||||
ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
SET(HAVE_TLSv13 1)
|
||||
+ #ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
+ #SET(HAVE_TLSv13 1)
|
||||
IF(SOLARIS)
|
||||
SET(FORCE_SSL_SOLARIS "-Wl,--undefined,address_of_sk_new_null")
|
||||
ENDIF()
|
||||
@@ -203,7 +204,13 @@ MACRO (MYSQL_CHECK_SSL)
|
||||
IF(OPENSSL_INCLUDE_DIR AND
|
||||
OPENSSL_LIBRARY AND
|
||||
|
|
|
@ -1,5 +1,31 @@
|
|||
--- rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c.orig 2020-03-23 17:35:17 UTC
|
||||
+++ rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
|
||||
@@ -232,7 +232,7 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx,
|
||||
const char* tls_version)
|
||||
{
|
||||
DH *dh= NULL;
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
/* We support TLS up to 1.2, so explicitly disable TLS 1.3. */
|
||||
long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_3;
|
||||
#else
|
||||
@@ -257,14 +257,14 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx,
|
||||
SSL_OP_NO_TLSv1 |
|
||||
SSL_OP_NO_TLSv1_1
|
||||
| SSL_OP_NO_TLSv1_2
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
| SSL_OP_NO_TLSv1_3
|
||||
#endif /* HAVE_TLSv13 */
|
||||
);
|
||||
|
||||
SSL_CTX_set_options(ssl_ctx, ssl_ctx_options);
|
||||
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
/* We do not support TLS 1.3.
|
||||
Setting empty TLS 1.3 ciphersuites disables them. */
|
||||
if (SSL_CTX_set_ciphersuites(ssl_ctx, "") == 0)
|
||||
@@ -529,7 +529,7 @@ int xcom_init_ssl(const char *server_key_file, const c
|
||||
break e.g. ODBC clients (if the client also uses SSL).
|
||||
*/
|
||||
|
|
|
@ -0,0 +1,11 @@
|
|||
--- sql/locks/shared_spin_lock.cc.orig 2020-12-10 03:01:55 UTC
|
||||
+++ sql/locks/shared_spin_lock.cc
|
||||
@@ -239,7 +239,7 @@ lock::Shared_spin_lock &lock::Shared_spin_lock::try_or
|
||||
{
|
||||
this->spin_exclusive_lock();
|
||||
}
|
||||
- my_atomic_store64(&this->m_exclusive_owner, self);
|
||||
+ my_atomic_store64(&this->m_exclusive_owner, reinterpret_cast<int64>(self));
|
||||
return (*this);
|
||||
}
|
||||
|
|
@ -33,3 +33,30 @@
|
|||
}
|
||||
return(dh);
|
||||
}
|
||||
@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
struct st_VioSSLFd *ssl_fd;
|
||||
/* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */
|
||||
long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
| SSL_OP_NO_TLSv1_3
|
||||
#endif /* HAVE_TLSv13 */
|
||||
;
|
||||
@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
SSL_OP_NO_TLSv1 |
|
||||
SSL_OP_NO_TLSv1_1
|
||||
| SSL_OP_NO_TLSv1_2
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
| SSL_OP_NO_TLSv1_3
|
||||
#endif /* HAVE_TLSv13 */
|
||||
| SSL_OP_NO_TICKET
|
||||
@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
|
||||
|
||||
SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
|
||||
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
/*
|
||||
MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
|
||||
*/
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
# $FreeBSD$
|
||||
|
||||
PORTNAME= mysql
|
||||
PORTREVISION= 1
|
||||
PORTREVISION= 0
|
||||
PKGNAMESUFFIX= 80-client
|
||||
|
||||
COMMENT= Multithreaded SQL database (client)
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
# $FreeBSD$
|
||||
|
||||
PORTNAME?= mysql
|
||||
PORTVERSION= 8.0.22
|
||||
PORTREVISION?= 1
|
||||
PORTVERSION= 8.0.23
|
||||
PORTREVISION?= 0
|
||||
CATEGORIES= databases
|
||||
MASTER_SITES= MYSQL/MySQL-8.0
|
||||
PKGNAMESUFFIX?= 80-server
|
||||
|
@ -17,7 +17,7 @@ LICENSE= GPLv2
|
|||
WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}${DISTVERSIONSUFFIX}
|
||||
|
||||
SLAVEDIRS= databases/mysql80-client
|
||||
USES= bison:build cmake:noninja compiler:c++14-lang cpe \
|
||||
USES= bison:build cmake:noninja compiler:c++17-lang cpe \
|
||||
groff:run libedit localbase ncurses perl5 pkgconfig shebangfix ssl
|
||||
|
||||
USE_CXXSTD= c++14
|
||||
|
@ -185,12 +185,21 @@ SUB_LIST+= LEGACY_LIMITS="" MODERN_LIMITS="@comment "
|
|||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if ${CHOSEN_COMPILER_TYPE} == clang && ${OPSYS} == FreeBSD && ${OSVERSION} >= 1300109
|
||||
BUILD_DEPENDS+= clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
|
||||
CC= ${LOCALBASE}/bin/clang${LLVM_DEFAULT}
|
||||
.if ${CHOSEN_COMPILER_TYPE} == clang && ${OPSYS} == FreeBSD && ${OSVERSION} >= 1300109 || ${ARCH} == "i386"
|
||||
BUILD_DEPENDS+= clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
|
||||
CC= ${LOCALBASE}/bin/clang${LLVM_DEFAULT}
|
||||
CPP= ${LOCALBASE}/bin/clang${LLVM_DEFAULT}
|
||||
CXX= ${LOCALBASE}/bin/clang++${LLVM_DEFAULT}
|
||||
.endif
|
||||
|
||||
.if ${ARCH} == "i386" && ${OSVERSION} < 1200000
|
||||
# clang 7.x and 8.x do not build properly on 11i386
|
||||
CPP= clang-cpp${LLVM_DEFAULT}
|
||||
CC= clang${LLVM_DEFAULT}
|
||||
CXX= clang++${LLVM_DEFAULT}
|
||||
BUILD_DEPENDS+= clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
|
||||
.endif
|
||||
|
||||
post-extract:
|
||||
@${RM} -rv ${WRKSRC}/sql/sql_hints.yy.cc ${WRKSRC}/sql/sql_hints.yy.h
|
||||
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
TIMESTAMP = 1603183848
|
||||
SHA256 (mysql-boost-8.0.22.tar.gz) = ba765f74367c638d7cd1c546c05c14382fd997669bcd9680278e907f8d7eb484
|
||||
SIZE (mysql-boost-8.0.22.tar.gz) = 285934450
|
||||
TIMESTAMP = 1611995725
|
||||
SHA256 (mysql-boost-8.0.23.tar.gz) = 1c7a424303c134758e59607a0b3172e43a21a27ff08e8c88c2439ffd4fc724a5
|
||||
SIZE (mysql-boost-8.0.23.tar.gz) = 291039175
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
--- client/CMakeLists.txt.orig 2019-09-20 08:30:51 UTC
|
||||
+++ client/CMakeLists.txt
|
||||
@@ -23,8 +23,11 @@
|
||||
@@ -28,8 +28,11 @@ DISABLE_MISSING_PROFILE_WARNING()
|
||||
## Subdirectory with common client code.
|
||||
ADD_SUBDIRECTORY(base)
|
||||
## Subdirectory for mysqlpump code.
|
||||
|
@ -12,15 +12,15 @@
|
|||
MYSQL_ADD_EXECUTABLE(mysql
|
||||
${CMAKE_SOURCE_DIR}/sql-common/net_ns.cc
|
||||
completion_hash.cc
|
||||
@@ -33,6 +36,7 @@ MYSQL_ADD_EXECUTABLE(mysql
|
||||
readline.cc
|
||||
@@ -39,6 +42,7 @@ MYSQL_ADD_EXECUTABLE(mysql
|
||||
client_query_attributes.cc
|
||||
LINK_LIBRARIES mysqlclient client_base ${EDITLINE_LIBRARY}
|
||||
)
|
||||
+ENDIF()
|
||||
|
||||
IF(NOT WITHOUT_SERVER)
|
||||
MYSQL_ADD_EXECUTABLE(mysql_upgrade
|
||||
@@ -48,6 +52,7 @@ IF(SOLARIS_SPARC AND CMAKE_BUILD_TYPE_UPPER STREQUAL "
|
||||
@@ -55,6 +59,7 @@ IF(SOLARIS_SPARC AND MY_COMPILER_IS_SUNPRO AND
|
||||
)
|
||||
ENDIF()
|
||||
|
||||
|
@ -28,7 +28,7 @@
|
|||
MYSQL_ADD_EXECUTABLE(mysqltest
|
||||
mysqltest.cc
|
||||
mysqltest/error_names.cc
|
||||
@@ -63,6 +68,9 @@ MYSQL_ADD_EXECUTABLE(mysqltest
|
||||
@@ -71,6 +76,9 @@ MYSQL_ADD_EXECUTABLE(mysqltest
|
||||
ENABLE_EXPORTS
|
||||
LINK_LIBRARIES mysqlclient
|
||||
)
|
||||
|
@ -38,15 +38,7 @@
|
|||
MYSQL_ADD_EXECUTABLE(mysqlcheck
|
||||
check/mysqlcheck.cc
|
||||
check/mysqlcheck_core.cc
|
||||
@@ -80,6 +88,7 @@ MYSQL_ADD_EXECUTABLE(mysqlshow
|
||||
mysqlshow.cc
|
||||
LINK_LIBRARIES mysqlclient
|
||||
)
|
||||
+
|
||||
MYSQL_ADD_EXECUTABLE(mysqlbinlog
|
||||
mysqlbinlog.cc
|
||||
${CMAKE_SOURCE_DIR}/sql/json_binary.cc
|
||||
@@ -104,7 +113,9 @@ MYSQL_ADD_EXECUTABLE(mysqlbinlog
|
||||
@@ -246,7 +254,9 @@ ENDIF()
|
||||
|
||||
TARGET_COMPILE_DEFINITIONS(mysqlbinlog PRIVATE DISABLE_PSI_MUTEX)
|
||||
TARGET_INCLUDE_DIRECTORIES(mysqlbinlog PRIVATE ${CMAKE_SOURCE_DIR}/sql)
|
||||
|
@ -56,7 +48,7 @@
|
|||
MYSQL_ADD_EXECUTABLE(mysqladmin
|
||||
mysqladmin.cc
|
||||
LINK_LIBRARIES mysqlclient
|
||||
@@ -117,6 +128,9 @@ MYSQL_ADD_EXECUTABLE(mysql_config_editor
|
||||
@@ -259,6 +269,9 @@ MYSQL_ADD_EXECUTABLE(mysql_config_editor
|
||||
mysql_config_editor.cc
|
||||
LINK_LIBRARIES mysqlclient
|
||||
)
|
||||
|
@ -66,7 +58,7 @@
|
|||
MYSQL_ADD_EXECUTABLE(mysql_secure_installation
|
||||
mysql_secure_installation.cc
|
||||
LINK_LIBRARIES mysqlclient
|
||||
@@ -127,6 +141,7 @@ MYSQL_ADD_EXECUTABLE(mysql_ssl_rsa_setup
|
||||
@@ -269,6 +282,7 @@ MYSQL_ADD_EXECUTABLE(mysql_ssl_rsa_setup
|
||||
path.cc
|
||||
LINK_LIBRARIES mysys
|
||||
)
|
||||
|
|
|
@ -9,14 +9,15 @@
|
|||
)
|
||||
STRING(REGEX REPLACE
|
||||
"^.*OPENSSL_VERSION_NUMBER[\t ]+0x([0-9]).*$" "\\1"
|
||||
@@ -214,13 +214,14 @@ MACRO (MYSQL_CHECK_SSL)
|
||||
@@ -222,13 +222,14 @@ MACRO (MYSQL_CHECK_SSL)
|
||||
OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
|
||||
)
|
||||
ENDIF()
|
||||
- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
|
||||
- ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
|
||||
+ IF(HAVE_TLS1_3_VERSION)
|
||||
ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
+ #ADD_DEFINITIONS(-DHAVE_TLSv13)
|
||||
ENDIF()
|
||||
IF(OPENSSL_INCLUDE_DIR AND
|
||||
OPENSSL_LIBRARY AND
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
--- man/CMakeLists.txt.orig 2020-10-20 11:47:42.675974000 +0200
|
||||
+++ man/CMakeLists.txt 2020-10-20 13:53:03.993879000 +0200
|
||||
@@ -23,21 +23,10 @@
|
||||
@@ -23,26 +23,14 @@
|
||||
# Copy man pages
|
||||
SET(MAN1
|
||||
comp_err.1
|
||||
|
@ -22,6 +22,11 @@
|
|||
mysqladmin.1
|
||||
mysqlbinlog.1
|
||||
mysqlcheck.1
|
||||
mysqldump.1
|
||||
- mysqldumpslow.1
|
||||
mysqlimport.1
|
||||
mysqlman.1
|
||||
mysqlpump.1
|
||||
@@ -52,13 +41,23 @@ SET(MAN1
|
||||
zlib_decompress.1
|
||||
)
|
||||
|
|
|
@ -1,6 +1,51 @@
|
|||
--- plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.cc.orig 2019-09-20 08:30:51 UTC
|
||||
+++ plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.cc
|
||||
@@ -329,6 +329,7 @@ error:
|
||||
@@ -175,7 +175,7 @@ SSL_CTX *client_ctx = NULL;
|
||||
static long process_tls_version(const char *tls_version) {
|
||||
const char *separator = ", ";
|
||||
char *token = NULL;
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
const char *tls_version_name_list[] = {"TLSv1", "TLSv1.1", "TLSv1.2",
|
||||
"TLSv1.3"};
|
||||
#else
|
||||
@@ -184,7 +184,7 @@ static long process_tls_version(const char *tls_versio
|
||||
#define TLS_VERSIONS_COUNTS \
|
||||
(sizeof(tls_version_name_list) / sizeof(*tls_version_name_list))
|
||||
unsigned int tls_versions_count = TLS_VERSIONS_COUNTS;
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
const long tls_ctx_list[TLS_VERSIONS_COUNTS] = {
|
||||
SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3};
|
||||
const char *ctx_flag_default = "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3";
|
||||
@@ -240,7 +240,7 @@ static int configure_ssl_algorithms(
|
||||
long ssl_ctx_options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
|
||||
char cipher_list[SSL_CIPHER_LIST_SIZE] = {0};
|
||||
long ssl_ctx_flags = -1;
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
int tlsv1_3_enabled = 0;
|
||||
#endif /* HAVE_TLSv13 */
|
||||
|
||||
@@ -253,7 +253,7 @@ static int configure_ssl_algorithms(
|
||||
goto error;
|
||||
}
|
||||
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
ssl_ctx_options = (ssl_ctx_options | ssl_ctx_flags) &
|
||||
(SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
|
||||
SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
|
||||
@@ -265,7 +265,7 @@ static int configure_ssl_algorithms(
|
||||
|
||||
SSL_CTX_set_options(ssl_ctx, ssl_ctx_options);
|
||||
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
tlsv1_3_enabled = ((ssl_ctx_options & SSL_OP_NO_TLSv1_3) == 0);
|
||||
if (tlsv1_3_enabled) {
|
||||
/* Set OpenSSL TLS v1.3 ciphersuites.
|
||||
@@ -325,6 +325,7 @@ error:
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -8,7 +53,7 @@
|
|||
#define OPENSSL_ERROR_LENGTH 512
|
||||
static int configure_ssl_fips_mode(const uint fips_mode) {
|
||||
int rc = -1;
|
||||
@@ -352,6 +353,7 @@ static int configure_ssl_fips_mode(const uint fips_mod
|
||||
@@ -348,6 +349,7 @@ static int configure_ssl_fips_mode(const uint fips_mod
|
||||
EXIT:
|
||||
return rc;
|
||||
}
|
||||
|
@ -16,7 +61,7 @@
|
|||
|
||||
static int configure_ssl_ca(SSL_CTX *ssl_ctx, const char *ca_file,
|
||||
const char *ca_path) {
|
||||
@@ -555,10 +557,12 @@ int xcom_init_ssl(const char *server_key_file, const c
|
||||
@@ -544,10 +546,12 @@ int xcom_init_ssl(const char *server_key_file, const c
|
||||
int verify_server = SSL_VERIFY_NONE;
|
||||
int verify_client = SSL_VERIFY_NONE;
|
||||
|
||||
|
@ -29,3 +74,21 @@
|
|||
|
||||
SSL_library_init();
|
||||
SSL_load_error_strings();
|
||||
@@ -563,7 +567,7 @@ int xcom_init_ssl(const char *server_key_file, const c
|
||||
}
|
||||
|
||||
G_DEBUG("Configuring SSL for the server")
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
server_ctx = SSL_CTX_new(TLS_server_method());
|
||||
#else
|
||||
server_ctx = SSL_CTX_new(SSLv23_server_method());
|
||||
@@ -582,7 +586,7 @@ int xcom_init_ssl(const char *server_key_file, const c
|
||||
SSL_CTX_set_verify(server_ctx, verify_server, NULL);
|
||||
|
||||
G_DEBUG("Configuring SSL for the client")
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
client_ctx = SSL_CTX_new(TLS_client_method());
|
||||
#else
|
||||
client_ctx = SSL_CTX_new(SSLv23_client_method());
|
||||
|
|
|
@ -8,7 +8,15 @@
|
|||
)
|
||||
ELSE()
|
||||
INSTALL(TARGETS harness-library
|
||||
@@ -240,5 +239,4 @@ INSTALL(TARGETS harness_stdx
|
||||
@@ -240,7 +239,6 @@ INSTALL(TARGETS harness_stdx
|
||||
RUNTIME DESTINATION ${ROUTER_INSTALL_BINDIR} COMPONENT Router
|
||||
ARCHIVE DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router
|
||||
LIBRARY DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router
|
||||
- NAMELINK_SKIP
|
||||
)
|
||||
|
||||
## harness_tls
|
||||
@@ -277,5 +275,4 @@ INSTALL(TARGETS harness_tls
|
||||
RUNTIME DESTINATION ${ROUTER_INSTALL_BINDIR} COMPONENT Router
|
||||
ARCHIVE DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router
|
||||
LIBRARY DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
--- router/src/http/src/tls_client_context.cc.orig 2019-09-20 08:30:51 UTC
|
||||
+++ router/src/http/src/tls_client_context.cc
|
||||
--- router/src/harness/src/tls_client_context.cc.orig 2019-09-20 08:30:51 UTC
|
||||
+++ router/src/harness/src/tls_client_context.cc
|
||||
@@ -54,7 +54,7 @@ void TlsClientContext::verify(TlsVerify verify) {
|
||||
|
||||
void TlsClientContext::cipher_suites(const std::string &ciphers) {
|
|
@ -1,5 +1,5 @@
|
|||
--- router/src/http/src/tls_context.cc.orig 2019-09-20 08:30:51 UTC
|
||||
+++ router/src/http/src/tls_context.cc
|
||||
--- router/src/harness/src/tls_context.cc.orig 2019-09-20 08:30:51 UTC
|
||||
+++ router/src/harness/src/tls_context.cc
|
||||
@@ -91,7 +91,7 @@ static constexpr int o11x_version(TlsVersion version)
|
||||
return TLS1_1_VERSION;
|
||||
case TlsVersion::TLS_1_2:
|
|
@ -1,5 +1,5 @@
|
|||
--- router/src/http/src/tls_server_context.cc.orig 2019-09-20 08:30:51 UTC
|
||||
+++ router/src/http/src/tls_server_context.cc
|
||||
--- router/src/harness/src/tls_server_context.cc.orig 2019-09-20 08:30:51 UTC
|
||||
+++ router/src/harness/src/tls_server_context.cc
|
||||
@@ -166,7 +166,8 @@ void TlsServerContext::init_tmp_dh(const std::string &
|
||||
}
|
||||
|
18
databases/mysql80-server/files/patch-sql_item.h
Normal file
18
databases/mysql80-server/files/patch-sql_item.h
Normal file
|
@ -0,0 +1,18 @@
|
|||
--- sql/item.h.orig 2020-12-11 07:42:20 UTC
|
||||
+++ sql/item.h
|
||||
@@ -3380,13 +3380,13 @@ class Item_sp_variable : public Item {
|
||||
Name_string m_name;
|
||||
|
||||
public:
|
||||
-#ifndef DBUG_OFF
|
||||
+//#ifndef DBUG_OFF
|
||||
/*
|
||||
Routine to which this Item_splocal belongs. Used for checking if correct
|
||||
runtime context is used for variable handling.
|
||||
*/
|
||||
sp_head *m_sp{nullptr};
|
||||
-#endif
|
||||
+//#endif
|
||||
|
||||
public:
|
||||
Item_sp_variable(const Name_string sp_var_name);
|
20
databases/mysql80-server/files/patch-ssl__init__callback.cc
Normal file
20
databases/mysql80-server/files/patch-ssl__init__callback.cc
Normal file
|
@ -0,0 +1,20 @@
|
|||
--- sql/ssl_init_callback.cc.orig 2020-12-11 07:42:20 UTC
|
||||
+++ sql/ssl_init_callback.cc
|
||||
@@ -88,7 +88,7 @@ static Sys_var_charptr Sys_tls_version(
|
||||
"TLS version, permitted values are TLSv1, TLSv1.1, TLSv1.2, TLSv1.3",
|
||||
PERSIST_AS_READONLY GLOBAL_VAR(opt_tls_version),
|
||||
CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION), IN_FS_CHARSET,
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
"TLSv1,TLSv1.1,TLSv1.2,TLSv1.3",
|
||||
#else
|
||||
"TLSv1,TLSv1.1,TLSv1.2",
|
||||
@@ -154,7 +154,7 @@ static Sys_var_charptr Sys_admin_tls_version(
|
||||
"TLSv1.2, TLSv1.3",
|
||||
PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_tls_version),
|
||||
CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION), IN_FS_CHARSET,
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
"TLSv1,TLSv1.1,TLSv1.2,TLSv1.3",
|
||||
#else
|
||||
"TLSv1,TLSv1.1,TLSv1.2",
|
|
@ -1,14 +1,14 @@
|
|||
--- vio/viosslfactories.cc.orig 2019-09-20 08:30:51 UTC
|
||||
+++ vio/viosslfactories.cc
|
||||
@@ -38,6 +38,7 @@
|
||||
@@ -40,6 +40,7 @@
|
||||
#include "vio/vio_priv.h"
|
||||
|
||||
#ifdef HAVE_OPENSSL
|
||||
#include <openssl/dh.h>
|
||||
+#include <openssl/crypto.h>
|
||||
|
||||
#define TLS_VERSION_OPTION_SIZE 256
|
||||
#define SSL_CIPHER_LIST_SIZE 4096
|
||||
@@ -420,6 +421,7 @@ void ssl_start() {
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10002000L
|
||||
#include <openssl/ec.h>
|
||||
@@ -472,6 +473,7 @@ void ssl_start() {
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -16,7 +16,7 @@
|
|||
/**
|
||||
Set fips mode in openssl library,
|
||||
When we set fips mode ON/STRICT, it will perform following operations:
|
||||
@@ -473,6 +475,7 @@ EXIT:
|
||||
@@ -525,12 +527,13 @@ EXIT:
|
||||
@returns openssl current fips mode
|
||||
*/
|
||||
uint get_fips_mode() { return FIPS_mode(); }
|
||||
|
@ -24,3 +24,37 @@
|
|||
|
||||
long process_tls_version(const char *tls_version) {
|
||||
const char *separator = ",";
|
||||
char *token, *lasts = nullptr;
|
||||
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
const char *tls_version_name_list[] = {"TLSv1", "TLSv1.1", "TLSv1.2",
|
||||
"TLSv1.3"};
|
||||
const char ctx_flag_default[] = "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3";
|
||||
@@ -609,7 +612,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
|
||||
ssl_ctx_options = (ssl_ctx_options | ssl_ctx_flags) &
|
||||
(SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
|
||||
SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
| SSL_OP_NO_TLSv1_3
|
||||
#endif /* HAVE_TLSv13 */
|
||||
| SSL_OP_NO_TICKET);
|
||||
@@ -618,7 +621,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
|
||||
return nullptr;
|
||||
|
||||
if (!(ssl_fd->ssl_context = SSL_CTX_new(is_client ?
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
TLS_client_method()
|
||||
: TLS_server_method()
|
||||
#else /* HAVE_TLSv13 */
|
||||
@@ -633,7 +636,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
-#ifdef HAVE_TLSv13
|
||||
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
/*
|
||||
Set OpenSSL TLS v1.3 ciphersuites.
|
||||
Note that an empty list is permissible.
|
||||
|
|
|
@ -26,6 +26,8 @@ lib/mysql/libmysqlharness.so
|
|||
lib/mysql/libmysqlharness.so.1
|
||||
lib/mysql/libmysqlharness_stdx.so
|
||||
lib/mysql/libmysqlharness_stdx.so.1
|
||||
lib/mysql/libmysqlharness_tls.so
|
||||
lib/mysql/libmysqlharness_tls.so.1
|
||||
lib/mysql/libmysqlrouter.so
|
||||
lib/mysql/libmysqlrouter.so.1
|
||||
lib/mysql/libmysqlrouter_http.so
|
||||
|
@ -42,12 +44,12 @@ lib/mysql/mysqlrouter/http_server.so
|
|||
lib/mysql/mysqlrouter/io.so
|
||||
lib/mysql/mysqlrouter/keepalive.so
|
||||
lib/mysql/mysqlrouter/metadata_cache.so
|
||||
lib/mysql/mysqlrouter/mysql_protocol.so
|
||||
lib/mysql/mysqlrouter/rest_api.so
|
||||
lib/mysql/mysqlrouter/rest_metadata_cache.so
|
||||
lib/mysql/mysqlrouter/rest_router.so
|
||||
lib/mysql/mysqlrouter/rest_routing.so
|
||||
lib/mysql/mysqlrouter/router_protobuf.so
|
||||
lib/mysql/mysqlrouter/router_openssl.so
|
||||
lib/mysql/mysqlrouter/routing.so
|
||||
lib/mysql/plugin/adt_null.so
|
||||
lib/mysql/plugin/auth.so
|
||||
|
@ -64,6 +66,8 @@ lib/mysql/plugin/component_mysqlbackup.so
|
|||
lib/mysql/plugin/component_mysqlx_global_reset.so
|
||||
lib/mysql/plugin/component_pfs_example.so
|
||||
lib/mysql/plugin/component_pfs_example_component_population.so
|
||||
lib/mysql/plugin/component_query_attributes.so
|
||||
lib/mysql/plugin/component_reference_cache.so
|
||||
lib/mysql/plugin/component_test_audit_api_message.so
|
||||
lib/mysql/plugin/component_test_backup_lock_service.so
|
||||
lib/mysql/plugin/component_test_component_deinit.so
|
||||
|
@ -124,6 +128,7 @@ lib/mysql/plugin/libtest_sql_processlist.so
|
|||
lib/mysql/plugin/libtest_sql_replication.so
|
||||
lib/mysql/plugin/libtest_sql_reset_connection.so
|
||||
lib/mysql/plugin/libtest_sql_shutdown.so
|
||||
lib/mysql/plugin/libtest_sql_sleep_is_connected.so
|
||||
lib/mysql/plugin/libtest_sql_sqlmode.so
|
||||
lib/mysql/plugin/libtest_sql_stmt.so
|
||||
lib/mysql/plugin/libtest_sql_stored_procedures_functions.so
|
||||
|
|
Loading…
Reference in New Issue
Block a user