cpet/freebsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Commit mysql56, mysql57 and mysql80 to 2021Q1.

Browse Source 
https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL

Security:	31344707-5d87-11eb-929d-d4c9ef517024
Sponsored by:	Netzkommune GmbH
This commit is contained in:
Jochen Neumeister 2021-02-05 18:45:03 +00:00
parent 6ee3ed3f93
commit 9a6f14eb15
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/branches/2021Q1/; revision=564147
31 changed files with 409 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
databases/mysql56-client/files/patch-cmake_ssl.cmake
View File

@ -5,9 +5,10 @@
)
ENDIF()
- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
- ADD_DEFINITIONS(-DHAVE_TLSv13)
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
ADD_DEFINITIONS(-DHAVE_TLSv13)
+ #ADD_DEFINITIONS(-DHAVE_TLSv13)
ENDIF()
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND

9
databases/mysql56-client/files/patch-vio_viossl.c
View File

@ -1,5 +1,14 @@
--- vio/viossl.c.orig 2019-11-26 16:53:45 UTC
+++ vio/viossl.c
@@ -385,7 +385,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
DBUG_PRINT("info", ("ssl: 0x%lx timeout: %ld", (long) ssl, timeout));
SSL_clear(ssl);
SSL_set_fd(ssl, sd);
-#if defined(SSL_OP_NO_COMPRESSION)
+#if defined(SSL_OP_NO_COMPRESSION) && !defined(LIBRESSL_VERSION_NUMBER)
SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); /* OpenSSL >= 1.0 only */
#elif OPENSSL_VERSION_NUMBER >= 0x00908000L /* workaround for OpenSSL 0.9.8 */
sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
@@ -403,7 +403,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
for (j = 0; j < n; j++)
{

18
databases/mysql56-client/files/patch-vio_viosslfactories.c
View File

@ -9,6 +9,15 @@
dh->p= p;
dh->g= g;
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -226,7 +226,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
struct st_VioSSLFd *ssl_fd;
/* MySQL 5.6 supports TLS up to v1.2, explicitly disable TLSv1.3. */
long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
SSL_OP_NO_TLSv1_3 |
#endif /* HAVE_TLSv13 */
SSL_OP_NO_TICKET;
@@ -250,7 +250,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
DBUG_RETURN(0);
@ -18,3 +27,12 @@
SSLv23_client_method() :
SSLv23_server_method()
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -268,7 +268,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
/*
MySQL 5.6 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
*/

2
databases/mysql56-server/Makefile
View File

@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME?= mysql
PORTVERSION= 5.6.50
PORTVERSION= 5.6.51
PORTREVISION?= 0
CATEGORIES= databases
MASTER_SITES= MYSQL/MySQL-5.6

6
databases/mysql56-server/distinfo
View File

@ -1,3 +1,3 @@
TIMESTAMP = 1603108497
SHA256 (mysql-5.6.50.tar.gz) = efc48d8160a66b50fc498bb42ea730c3b6f30f036b709a7070d356edd645923e
SIZE (mysql-5.6.50.tar.gz) = 32409084
TIMESTAMP = 1611992804
SHA256 (mysql-5.6.51.tar.gz) = 262ccaf2930fca1f33787505dd125a7a04844f40d3421289a51974b5935d9abc
SIZE (mysql-5.6.51.tar.gz) = 32411131

3
databases/mysql56-server/files/patch-cmake_ssl.cmake
View File

@ -5,9 +5,10 @@
)
ENDIF()
- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
- ADD_DEFINITIONS(-DHAVE_TLSv13)
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
ADD_DEFINITIONS(-DHAVE_TLSv13)
+ #ADD_DEFINITIONS(-DHAVE_TLSv13)
ENDIF()
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND

9
databases/mysql56-server/files/patch-vio_viossl.c
View File

@ -1,5 +1,14 @@
--- vio/viossl.c.orig 2019-11-26 16:53:45 UTC
+++ vio/viossl.c
@@ -385,7 +385,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
DBUG_PRINT("info", ("ssl: 0x%lx timeout: %ld", (long) ssl, timeout));
SSL_clear(ssl);
SSL_set_fd(ssl, sd);
-#if defined(SSL_OP_NO_COMPRESSION)
+#if defined(SSL_OP_NO_COMPRESSION) && !defined(LIBRESSL_VERSION_NUMBER)
SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); /* OpenSSL >= 1.0 only */
#elif OPENSSL_VERSION_NUMBER >= 0x00908000L /* workaround for OpenSSL 0.9.8 */
sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
@@ -403,7 +403,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio,
for (j = 0; j < n; j++)
{

18
databases/mysql56-server/files/patch-vio_viosslfactories.c
View File

@ -9,6 +9,15 @@
dh->p= p;
dh->g= g;
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -226,7 +226,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
struct st_VioSSLFd *ssl_fd;
/* MySQL 5.6 supports TLS up to v1.2, explicitly disable TLSv1.3. */
long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
SSL_OP_NO_TLSv1_3 |
#endif /* HAVE_TLSv13 */
SSL_OP_NO_TICKET;
@@ -250,7 +250,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
DBUG_RETURN(0);
@ -18,3 +27,12 @@
SSLv23_client_method() :
SSLv23_server_method()
#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
@@ -268,7 +268,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
/*
MySQL 5.6 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
*/

36
databases/mysql57-client/files/patch-cmake_ssl.cmake
View File

@ -1,5 +1,5 @@
--- cmake/ssl.cmake.orig 2020-07-08 22:29:14.999896000 +0200
+++ cmake/ssl.cmake 2020-07-08 22:44:05.251931000 +0200
--- cmake/ssl.cmake.orig 2019-12-06 10:41:47 UTC
+++ cmake/ssl.cmake
@@ -150,22 +150,12 @@ MACRO (MYSQL_CHECK_SSL)
MESSAGE(STATUS "OPENSSL_APPLINK_C ${OPENSSL_APPLINK_C}")
ENDIF()
@ -23,26 +23,32 @@
IF(OPENSSL_INCLUDE_DIR)
# Verify version number. Version information looks like:
@@ -193,7 +183,8 @@ MACRO (MYSQL_CHECK_SSL)
@@ -193,9 +183,10 @@ MACRO (MYSQL_CHECK_SSL)
)
SET(OPENSSL_VERSION ${OPENSSL_VERSION} CACHE INTERNAL "")
- IF("${OPENSSL_VERSION}" VERSION_GREATER "1.1.0")
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
ADD_DEFINITIONS(-DHAVE_TLSv13)
SET(HAVE_TLSv13 1)
- ADD_DEFINITIONS(-DHAVE_TLSv13)
- SET(HAVE_TLSv13 1)
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
+ #ADD_DEFINITIONS(-DHAVE_TLSv13)
+ #SET(HAVE_TLSv13 1)
IF(SOLARIS)
@@ -204,6 +195,12 @@ MACRO (MYSQL_CHECK_SSL)
SET(FORCE_SSL_SOLARIS "-Wl,--undefined,address_of_sk_new_null")
ENDIF()
@@ -203,7 +204,13 @@ MACRO (MYSQL_CHECK_SSL)
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND
CRYPTO_LIBRARY AND
OPENSSL_MAJOR_VERSION STREQUAL "1"
+ )
+ SET(OPENSSL_FOUND TRUE)
+ ELSEIF(OPENSSL_INCLUDE_DIR AND
+ OPENSSL_LIBRARY AND
+ CRYPTO_LIBRARY AND
+ OPENSSL_MAJOR_VERSION STREQUAL "2"
- OPENSSL_MAJOR_VERSION STREQUAL "1"
+ OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1"
+ )
+ SET(OPENSSL_FOUND TRUE)
+ ELSEIF(OPENSSL_INCLUDE_DIR AND
+ OPENSSL_LIBRARY AND
+ CRYPTO_LIBRARY AND
+ OPENSSL_MAJOR_VERSION STREQUAL "2"
)
SET(OPENSSL_FOUND TRUE)
ELSE()

27
databases/mysql57-client/files/patch-vio_viosslfactories.c
View File

@ -33,3 +33,30 @@
}
return(dh);
}
@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
struct st_VioSSLFd *ssl_fd;
/* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */
long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
| SSL_OP_NO_TLSv1_3
#endif /* HAVE_TLSv13 */
;
@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
SSL_OP_NO_TLSv1 |
SSL_OP_NO_TLSv1_1
| SSL_OP_NO_TLSv1_2
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
| SSL_OP_NO_TLSv1_3
#endif /* HAVE_TLSv13 */
| SSL_OP_NO_TICKET
@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
/*
MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
*/

2
databases/mysql57-server/Makefile
View File

@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME?= mysql
PORTVERSION= 5.7.32
PORTVERSION= 5.7.33
PORTREVISION?= 0
CATEGORIES= databases
MASTER_SITES= MYSQL/MySQL-5.7

6
databases/mysql57-server/distinfo
View File

@ -1,3 +1,3 @@
TIMESTAMP = 1603133127
SHA256 (mysql-boost-5.7.32.tar.gz) = 9a8a04a2b0116ccff9a8d8aace07aaeaacf47329b701c5dfa9fa4351d3f1933b
SIZE (mysql-boost-5.7.32.tar.gz) = 52882168
TIMESTAMP = 1612332815
SHA256 (mysql-boost-5.7.33.tar.gz) = cfcaf6f37a055d808fe1472eb0359864e2227aa0206c55c4e1961bab2ecc304b
SIZE (mysql-boost-5.7.33.tar.gz) = 52912380

33
databases/mysql57-server/files/patch-cmake_ssl.cmake
View File

@ -1,15 +1,42 @@
--- cmake/ssl.cmake.orig 2019-12-06 10:41:47 UTC
+++ cmake/ssl.cmake
@@ -193,7 +193,8 @@ MACRO (MYSQL_CHECK_SSL)
@@ -150,22 +150,12 @@ MACRO (MYSQL_CHECK_SSL)
MESSAGE(STATUS "OPENSSL_APPLINK_C ${OPENSSL_APPLINK_C}")
ENDIF()
- # On mac this list is <.dylib;.so;.a>
- # We prefer static libraries, so we reverse it here.
- IF (WITH_SSL_PATH)
- LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES)
- MESSAGE(STATUS "suffixes <${CMAKE_FIND_LIBRARY_SUFFIXES}>")
- ENDIF()
-
FIND_LIBRARY(OPENSSL_LIBRARY
NAMES ssl libssl ssleay32 ssleay32MD
HINTS ${OPENSSL_ROOT_DIR}/lib)
FIND_LIBRARY(CRYPTO_LIBRARY
NAMES crypto libcrypto libeay32
HINTS ${OPENSSL_ROOT_DIR}/lib)
- IF (WITH_SSL_PATH)
- LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES)
- ENDIF()
IF(OPENSSL_INCLUDE_DIR)
# Verify version number. Version information looks like:
@@ -193,9 +183,10 @@ MACRO (MYSQL_CHECK_SSL)
)
SET(OPENSSL_VERSION ${OPENSSL_VERSION} CACHE INTERNAL "")
- IF("${OPENSSL_VERSION}" VERSION_GREATER "1.1.0")
- ADD_DEFINITIONS(-DHAVE_TLSv13)
- SET(HAVE_TLSv13 1)
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
ADD_DEFINITIONS(-DHAVE_TLSv13)
SET(HAVE_TLSv13 1)
+ #ADD_DEFINITIONS(-DHAVE_TLSv13)
+ #SET(HAVE_TLSv13 1)
IF(SOLARIS)
SET(FORCE_SSL_SOLARIS "-Wl,--undefined,address_of_sk_new_null")
ENDIF()
@@ -203,7 +204,13 @@ MACRO (MYSQL_CHECK_SSL)
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND

26
databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c
View File

@ -1,5 +1,31 @@
--- rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c.orig 2020-03-23 17:35:17 UTC
+++ rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
@@ -232,7 +232,7 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx,
const char* tls_version)
{
DH *dh= NULL;
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
/* We support TLS up to 1.2, so explicitly disable TLS 1.3. */
long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_3;
#else
@@ -257,14 +257,14 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx,
SSL_OP_NO_TLSv1 |
SSL_OP_NO_TLSv1_1
| SSL_OP_NO_TLSv1_2
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
| SSL_OP_NO_TLSv1_3
#endif /* HAVE_TLSv13 */
);
SSL_CTX_set_options(ssl_ctx, ssl_ctx_options);
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
/* We do not support TLS 1.3.
Setting empty TLS 1.3 ciphersuites disables them. */
if (SSL_CTX_set_ciphersuites(ssl_ctx, "") == 0)
@@ -529,7 +529,7 @@ int xcom_init_ssl(const char *server_key_file, const c
break e.g. ODBC clients (if the client also uses SSL).
*/

11
databases/mysql57-server/files/patch-sql_locks_shared__spin__lock.cc Normal file
View File

@ -0,0 +1,11 @@
--- sql/locks/shared_spin_lock.cc.orig 2020-12-10 03:01:55 UTC
+++ sql/locks/shared_spin_lock.cc
@@ -239,7 +239,7 @@ lock::Shared_spin_lock &lock::Shared_spin_lock::try_or
{
this->spin_exclusive_lock();
}
- my_atomic_store64(&this->m_exclusive_owner, self);
+ my_atomic_store64(&this->m_exclusive_owner, reinterpret_cast<int64>(self));
return (*this);
}

27
databases/mysql57-server/files/patch-vio_viosslfactories.c
View File

@ -33,3 +33,30 @@
}
return(dh);
}
@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
struct st_VioSSLFd *ssl_fd;
/* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */
long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
| SSL_OP_NO_TLSv1_3
#endif /* HAVE_TLSv13 */
;
@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
SSL_OP_NO_TLSv1 |
SSL_OP_NO_TLSv1_1
| SSL_OP_NO_TLSv1_2
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
| SSL_OP_NO_TLSv1_3
#endif /* HAVE_TLSv13 */
| SSL_OP_NO_TICKET
@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
/*
MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
*/

2
databases/mysql80-client/Makefile
View File

@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= mysql
PORTREVISION= 1
PORTREVISION= 0
PKGNAMESUFFIX= 80-client
COMMENT= Multithreaded SQL database (client)

21
databases/mysql80-server/Makefile
View File

@ -2,8 +2,8 @@
# $FreeBSD$
PORTNAME?= mysql
PORTVERSION= 8.0.22
PORTREVISION?= 1
PORTVERSION= 8.0.23
PORTREVISION?= 0
CATEGORIES= databases
MASTER_SITES= MYSQL/MySQL-8.0
PKGNAMESUFFIX?= 80-server
@ -17,7 +17,7 @@ LICENSE= GPLv2
WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}${DISTVERSIONSUFFIX}
SLAVEDIRS= databases/mysql80-client
USES= bison:build cmake:noninja compiler:c++14-lang cpe \
USES= bison:build cmake:noninja compiler:c++17-lang cpe \
groff:run libedit localbase ncurses perl5 pkgconfig shebangfix ssl
USE_CXXSTD= c++14
@ -185,12 +185,21 @@ SUB_LIST+= LEGACY_LIMITS="" MODERN_LIMITS="@comment "
.include <bsd.port.pre.mk>
.if ${CHOSEN_COMPILER_TYPE} == clang && ${OPSYS} == FreeBSD && ${OSVERSION} >= 1300109
BUILD_DEPENDS+= clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
CC= ${LOCALBASE}/bin/clang${LLVM_DEFAULT}
.if ${CHOSEN_COMPILER_TYPE} == clang && ${OPSYS} == FreeBSD && ${OSVERSION} >= 1300109 || ${ARCH} == "i386"
BUILD_DEPENDS+= clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
CC= ${LOCALBASE}/bin/clang${LLVM_DEFAULT}
CPP= ${LOCALBASE}/bin/clang${LLVM_DEFAULT}
CXX= ${LOCALBASE}/bin/clang++${LLVM_DEFAULT}
.endif
.if ${ARCH} == "i386" && ${OSVERSION} < 1200000
# clang 7.x and 8.x do not build properly on 11i386
CPP= clang-cpp${LLVM_DEFAULT}
CC= clang${LLVM_DEFAULT}
CXX= clang++${LLVM_DEFAULT}
BUILD_DEPENDS+= clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
.endif
post-extract:
@${RM} -rv ${WRKSRC}/sql/sql_hints.yy.cc ${WRKSRC}/sql/sql_hints.yy.h

6
databases/mysql80-server/distinfo
View File

@ -1,3 +1,3 @@
TIMESTAMP = 1603183848
SHA256 (mysql-boost-8.0.22.tar.gz) = ba765f74367c638d7cd1c546c05c14382fd997669bcd9680278e907f8d7eb484
SIZE (mysql-boost-8.0.22.tar.gz) = 285934450
TIMESTAMP = 1611995725
SHA256 (mysql-boost-8.0.23.tar.gz) = 1c7a424303c134758e59607a0b3172e43a21a27ff08e8c88c2439ffd4fc724a5
SIZE (mysql-boost-8.0.23.tar.gz) = 291039175

24
databases/mysql80-server/files/patch-client_CMakeLists.txt
View File

@ -1,6 +1,6 @@
--- client/CMakeLists.txt.orig 2019-09-20 08:30:51 UTC
+++ client/CMakeLists.txt
@@ -23,8 +23,11 @@
@@ -28,8 +28,11 @@ DISABLE_MISSING_PROFILE_WARNING()
## Subdirectory with common client code.
ADD_SUBDIRECTORY(base)
## Subdirectory for mysqlpump code.
@ -12,15 +12,15 @@
MYSQL_ADD_EXECUTABLE(mysql
${CMAKE_SOURCE_DIR}/sql-common/net_ns.cc
completion_hash.cc
@@ -33,6 +36,7 @@ MYSQL_ADD_EXECUTABLE(mysql
readline.cc
@@ -39,6 +42,7 @@ MYSQL_ADD_EXECUTABLE(mysql
client_query_attributes.cc
LINK_LIBRARIES mysqlclient client_base ${EDITLINE_LIBRARY}
)
+ENDIF()
IF(NOT WITHOUT_SERVER)
MYSQL_ADD_EXECUTABLE(mysql_upgrade
@@ -48,6 +52,7 @@ IF(SOLARIS_SPARC AND CMAKE_BUILD_TYPE_UPPER STREQUAL "
@@ -55,6 +59,7 @@ IF(SOLARIS_SPARC AND MY_COMPILER_IS_SUNPRO AND
)
ENDIF()
@ -28,7 +28,7 @@
MYSQL_ADD_EXECUTABLE(mysqltest
mysqltest.cc
mysqltest/error_names.cc
@@ -63,6 +68,9 @@ MYSQL_ADD_EXECUTABLE(mysqltest
@@ -71,6 +76,9 @@ MYSQL_ADD_EXECUTABLE(mysqltest
ENABLE_EXPORTS
LINK_LIBRARIES mysqlclient
)
@ -38,15 +38,7 @@
MYSQL_ADD_EXECUTABLE(mysqlcheck
check/mysqlcheck.cc
check/mysqlcheck_core.cc
@@ -80,6 +88,7 @@ MYSQL_ADD_EXECUTABLE(mysqlshow
mysqlshow.cc
LINK_LIBRARIES mysqlclient
)
+
MYSQL_ADD_EXECUTABLE(mysqlbinlog
mysqlbinlog.cc
${CMAKE_SOURCE_DIR}/sql/json_binary.cc
@@ -104,7 +113,9 @@ MYSQL_ADD_EXECUTABLE(mysqlbinlog
@@ -246,7 +254,9 @@ ENDIF()
TARGET_COMPILE_DEFINITIONS(mysqlbinlog PRIVATE DISABLE_PSI_MUTEX)
TARGET_INCLUDE_DIRECTORIES(mysqlbinlog PRIVATE ${CMAKE_SOURCE_DIR}/sql)
@ -56,7 +48,7 @@
MYSQL_ADD_EXECUTABLE(mysqladmin
mysqladmin.cc
LINK_LIBRARIES mysqlclient
@@ -117,6 +128,9 @@ MYSQL_ADD_EXECUTABLE(mysql_config_editor
@@ -259,6 +269,9 @@ MYSQL_ADD_EXECUTABLE(mysql_config_editor
mysql_config_editor.cc
LINK_LIBRARIES mysqlclient
)
@ -66,7 +58,7 @@
MYSQL_ADD_EXECUTABLE(mysql_secure_installation
mysql_secure_installation.cc
LINK_LIBRARIES mysqlclient
@@ -127,6 +141,7 @@ MYSQL_ADD_EXECUTABLE(mysql_ssl_rsa_setup
@@ -269,6 +282,7 @@ MYSQL_ADD_EXECUTABLE(mysql_ssl_rsa_setup
path.cc
LINK_LIBRARIES mysys
)

5
databases/mysql80-server/files/patch-cmake_ssl.cmake
View File

@ -9,14 +9,15 @@
)
STRING(REGEX REPLACE
"^.*OPENSSL_VERSION_NUMBER[\t ]+0x([0-9]).*$" "\\1"
@@ -214,13 +214,14 @@ MACRO (MYSQL_CHECK_SSL)
@@ -222,13 +222,14 @@ MACRO (MYSQL_CHECK_SSL)
OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
)
ENDIF()
- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
- ADD_DEFINITIONS(-DHAVE_TLSv13)
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+ IF(HAVE_TLS1_3_VERSION)
ADD_DEFINITIONS(-DHAVE_TLSv13)
+ #ADD_DEFINITIONS(-DHAVE_TLSv13)
ENDIF()
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND

7
databases/mysql80-server/files/patch-man_CMakeLists.txt
View File

@ -1,6 +1,6 @@
--- man/CMakeLists.txt.orig 2020-10-20 11:47:42.675974000 +0200
+++ man/CMakeLists.txt 2020-10-20 13:53:03.993879000 +0200
@@ -23,21 +23,10 @@
@@ -23,26 +23,14 @@
# Copy man pages
SET(MAN1
comp_err.1
@ -22,6 +22,11 @@
mysqladmin.1
mysqlbinlog.1
mysqlcheck.1
mysqldump.1
- mysqldumpslow.1
mysqlimport.1
mysqlman.1
mysqlpump.1
@@ -52,13 +41,23 @@ SET(MAN1
zlib_decompress.1
)

69
databases/mysql80-server/files/patch-plugin_group__replication_libmysqlgcs_src_bindings_xcom_xcom_xcom__ssl__transport.c
View File

@ -1,6 +1,51 @@
--- plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.cc.orig 2019-09-20 08:30:51 UTC
+++ plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.cc
@@ -329,6 +329,7 @@ error:
@@ -175,7 +175,7 @@ SSL_CTX *client_ctx = NULL;
static long process_tls_version(const char *tls_version) {
const char *separator = ", ";
char *token = NULL;
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
const char *tls_version_name_list[] = {"TLSv1", "TLSv1.1", "TLSv1.2",
"TLSv1.3"};
#else
@@ -184,7 +184,7 @@ static long process_tls_version(const char *tls_versio
#define TLS_VERSIONS_COUNTS \
(sizeof(tls_version_name_list) / sizeof(*tls_version_name_list))
unsigned int tls_versions_count = TLS_VERSIONS_COUNTS;
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
const long tls_ctx_list[TLS_VERSIONS_COUNTS] = {
SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3};
const char *ctx_flag_default = "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3";
@@ -240,7 +240,7 @@ static int configure_ssl_algorithms(
long ssl_ctx_options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
char cipher_list[SSL_CIPHER_LIST_SIZE] = {0};
long ssl_ctx_flags = -1;
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
int tlsv1_3_enabled = 0;
#endif /* HAVE_TLSv13 */
@@ -253,7 +253,7 @@ static int configure_ssl_algorithms(
goto error;
}
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
ssl_ctx_options = (ssl_ctx_options | ssl_ctx_flags) &
(SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
@@ -265,7 +265,7 @@ static int configure_ssl_algorithms(
SSL_CTX_set_options(ssl_ctx, ssl_ctx_options);
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
tlsv1_3_enabled = ((ssl_ctx_options & SSL_OP_NO_TLSv1_3) == 0);
if (tlsv1_3_enabled) {
/* Set OpenSSL TLS v1.3 ciphersuites.
@@ -325,6 +325,7 @@ error:
return 1;
}
@ -8,7 +53,7 @@
#define OPENSSL_ERROR_LENGTH 512
static int configure_ssl_fips_mode(const uint fips_mode) {
int rc = -1;
@@ -352,6 +353,7 @@ static int configure_ssl_fips_mode(const uint fips_mod
@@ -348,6 +349,7 @@ static int configure_ssl_fips_mode(const uint fips_mod
EXIT:
return rc;
}
@ -16,7 +61,7 @@
static int configure_ssl_ca(SSL_CTX *ssl_ctx, const char *ca_file,
const char *ca_path) {
@@ -555,10 +557,12 @@ int xcom_init_ssl(const char *server_key_file, const c
@@ -544,10 +546,12 @@ int xcom_init_ssl(const char *server_key_file, const c
int verify_server = SSL_VERIFY_NONE;
int verify_client = SSL_VERIFY_NONE;
@ -29,3 +74,21 @@
SSL_library_init();
SSL_load_error_strings();
@@ -563,7 +567,7 @@ int xcom_init_ssl(const char *server_key_file, const c
}
G_DEBUG("Configuring SSL for the server")
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
server_ctx = SSL_CTX_new(TLS_server_method());
#else
server_ctx = SSL_CTX_new(SSLv23_server_method());
@@ -582,7 +586,7 @@ int xcom_init_ssl(const char *server_key_file, const c
SSL_CTX_set_verify(server_ctx, verify_server, NULL);
G_DEBUG("Configuring SSL for the client")
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
client_ctx = SSL_CTX_new(TLS_client_method());
#else
client_ctx = SSL_CTX_new(SSLv23_client_method());

10
databases/mysql80-server/files/patch-router_src_harness_src_CMakeLists.txt
View File

@ -8,7 +8,15 @@
)
ELSE()
INSTALL(TARGETS harness-library
@@ -240,5 +239,4 @@ INSTALL(TARGETS harness_stdx
@@ -240,7 +239,6 @@ INSTALL(TARGETS harness_stdx
RUNTIME DESTINATION ${ROUTER_INSTALL_BINDIR} COMPONENT Router
ARCHIVE DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router
LIBRARY DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router
- NAMELINK_SKIP
)
## harness_tls
@@ -277,5 +275,4 @@ INSTALL(TARGETS harness_tls
RUNTIME DESTINATION ${ROUTER_INSTALL_BINDIR} COMPONENT Router
ARCHIVE DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router
LIBRARY DESTINATION ${ROUTER_INSTALL_LIBDIR} COMPONENT Router

4
databases/mysql80-server/files/patch-router_src_http_src_tls__client__context.cc → databases/mysql80-server/files/patch-router_src_harness_src_tls__client__context.cc
View File

@ -1,5 +1,5 @@
--- router/src/http/src/tls_client_context.cc.orig 2019-09-20 08:30:51 UTC
+++ router/src/http/src/tls_client_context.cc
--- router/src/harness/src/tls_client_context.cc.orig 2019-09-20 08:30:51 UTC
+++ router/src/harness/src/tls_client_context.cc
@@ -54,7 +54,7 @@ void TlsClientContext::verify(TlsVerify verify) {
void TlsClientContext::cipher_suites(const std::string &ciphers) {

4
databases/mysql80-server/files/patch-router_src_http_src_tls__context.cc → databases/mysql80-server/files/patch-router_src_harness_src_tls__context.cc
View File

@ -1,5 +1,5 @@
--- router/src/http/src/tls_context.cc.orig 2019-09-20 08:30:51 UTC
+++ router/src/http/src/tls_context.cc
--- router/src/harness/src/tls_context.cc.orig 2019-09-20 08:30:51 UTC
+++ router/src/harness/src/tls_context.cc
@@ -91,7 +91,7 @@ static constexpr int o11x_version(TlsVersion version)
return TLS1_1_VERSION;
case TlsVersion::TLS_1_2:

4
databases/mysql80-server/files/patch-router_src_http_src_tls__server__context.cc → databases/mysql80-server/files/patch-router_src_harness_src_tls__server__context.cc
View File

@ -1,5 +1,5 @@
--- router/src/http/src/tls_server_context.cc.orig 2019-09-20 08:30:51 UTC
+++ router/src/http/src/tls_server_context.cc
--- router/src/harness/src/tls_server_context.cc.orig 2019-09-20 08:30:51 UTC
+++ router/src/harness/src/tls_server_context.cc
@@ -166,7 +166,8 @@ void TlsServerContext::init_tmp_dh(const std::string &
}

18
databases/mysql80-server/files/patch-sql_item.h Normal file
View File

@ -0,0 +1,18 @@
--- sql/item.h.orig 2020-12-11 07:42:20 UTC
+++ sql/item.h
@@ -3380,13 +3380,13 @@ class Item_sp_variable : public Item {
Name_string m_name;
public:
-#ifndef DBUG_OFF
+//#ifndef DBUG_OFF
/*
Routine to which this Item_splocal belongs. Used for checking if correct
runtime context is used for variable handling.
*/
sp_head *m_sp{nullptr};
-#endif
+//#endif
public:
Item_sp_variable(const Name_string sp_var_name);

20
databases/mysql80-server/files/patch-ssl__init__callback.cc Normal file
View File

@ -0,0 +1,20 @@
--- sql/ssl_init_callback.cc.orig 2020-12-11 07:42:20 UTC
+++ sql/ssl_init_callback.cc
@@ -88,7 +88,7 @@ static Sys_var_charptr Sys_tls_version(
"TLS version, permitted values are TLSv1, TLSv1.1, TLSv1.2, TLSv1.3",
PERSIST_AS_READONLY GLOBAL_VAR(opt_tls_version),
CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION), IN_FS_CHARSET,
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
"TLSv1,TLSv1.1,TLSv1.2,TLSv1.3",
#else
"TLSv1,TLSv1.1,TLSv1.2",
@@ -154,7 +154,7 @@ static Sys_var_charptr Sys_admin_tls_version(
"TLSv1.2, TLSv1.3",
PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_tls_version),
CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION), IN_FS_CHARSET,
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
"TLSv1,TLSv1.1,TLSv1.2,TLSv1.3",
#else
"TLSv1,TLSv1.1,TLSv1.2",

46
databases/mysql80-server/files/patch-vio_viosslfactories.cc
View File

@ -1,14 +1,14 @@
--- vio/viosslfactories.cc.orig 2019-09-20 08:30:51 UTC
+++ vio/viosslfactories.cc
@@ -38,6 +38,7 @@
@@ -40,6 +40,7 @@
#include "vio/vio_priv.h"
#ifdef HAVE_OPENSSL
#include <openssl/dh.h>
+#include <openssl/crypto.h>
#define TLS_VERSION_OPTION_SIZE 256
#define SSL_CIPHER_LIST_SIZE 4096
@@ -420,6 +421,7 @@ void ssl_start() {
#if OPENSSL_VERSION_NUMBER < 0x10002000L
#include <openssl/ec.h>
@@ -472,6 +473,7 @@ void ssl_start() {
}
}
@ -16,7 +16,7 @@
/**
Set fips mode in openssl library,
When we set fips mode ON/STRICT, it will perform following operations:
@@ -473,6 +475,7 @@ EXIT:
@@ -525,12 +527,13 @@ EXIT:
@returns openssl current fips mode
*/
uint get_fips_mode() { return FIPS_mode(); }
@ -24,3 +24,37 @@
long process_tls_version(const char *tls_version) {
const char *separator = ",";
char *token, *lasts = nullptr;
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
const char *tls_version_name_list[] = {"TLSv1", "TLSv1.1", "TLSv1.2",
"TLSv1.3"};
const char ctx_flag_default[] = "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3";
@@ -609,7 +612,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
ssl_ctx_options = (ssl_ctx_options | ssl_ctx_flags) &
(SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
| SSL_OP_NO_TLSv1_3
#endif /* HAVE_TLSv13 */
| SSL_OP_NO_TICKET);
@@ -618,7 +621,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
return nullptr;
if (!(ssl_fd->ssl_context = SSL_CTX_new(is_client ?
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
TLS_client_method()
: TLS_server_method()
#else /* HAVE_TLSv13 */
@@ -633,7 +636,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
return nullptr;
}
-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
/*
Set OpenSSL TLS v1.3 ciphersuites.
Note that an empty list is permissible.

7
databases/mysql80-server/pkg-plist
View File

@ -26,6 +26,8 @@ lib/mysql/libmysqlharness.so
lib/mysql/libmysqlharness.so.1
lib/mysql/libmysqlharness_stdx.so
lib/mysql/libmysqlharness_stdx.so.1
lib/mysql/libmysqlharness_tls.so
lib/mysql/libmysqlharness_tls.so.1
lib/mysql/libmysqlrouter.so
lib/mysql/libmysqlrouter.so.1
lib/mysql/libmysqlrouter_http.so
@ -42,12 +44,12 @@ lib/mysql/mysqlrouter/http_server.so
lib/mysql/mysqlrouter/io.so
lib/mysql/mysqlrouter/keepalive.so
lib/mysql/mysqlrouter/metadata_cache.so
lib/mysql/mysqlrouter/mysql_protocol.so
lib/mysql/mysqlrouter/rest_api.so
lib/mysql/mysqlrouter/rest_metadata_cache.so
lib/mysql/mysqlrouter/rest_router.so
lib/mysql/mysqlrouter/rest_routing.so
lib/mysql/mysqlrouter/router_protobuf.so
lib/mysql/mysqlrouter/router_openssl.so
lib/mysql/mysqlrouter/routing.so
lib/mysql/plugin/adt_null.so
lib/mysql/plugin/auth.so
@ -64,6 +66,8 @@ lib/mysql/plugin/component_mysqlbackup.so
lib/mysql/plugin/component_mysqlx_global_reset.so
lib/mysql/plugin/component_pfs_example.so
lib/mysql/plugin/component_pfs_example_component_population.so
lib/mysql/plugin/component_query_attributes.so
lib/mysql/plugin/component_reference_cache.so
lib/mysql/plugin/component_test_audit_api_message.so
lib/mysql/plugin/component_test_backup_lock_service.so
lib/mysql/plugin/component_test_component_deinit.so
@ -124,6 +128,7 @@ lib/mysql/plugin/libtest_sql_processlist.so
lib/mysql/plugin/libtest_sql_replication.so
lib/mysql/plugin/libtest_sql_reset_connection.so
lib/mysql/plugin/libtest_sql_shutdown.so
lib/mysql/plugin/libtest_sql_sleep_is_connected.so
lib/mysql/plugin/libtest_sql_sqlmode.so
lib/mysql/plugin/libtest_sql_stmt.so
lib/mysql/plugin/libtest_sql_stored_procedures_functions.so