databases/mysql80-{client,server}: Upgrade the ports to GA version 8.0.11

Fix build with LibreSSL and OpenSSL-devel ports as well

MySQL 8.0.11 is the General Availability (GA) version of MySQL 8.
MySQL since this version supports FIPS-mode, if compiled using OpenSSL, AND
    an OpenSSL library and FIPS Object Module are available at runtime.
    FIPS mode imposes conditions on cryptographic operations such as
    restrictions on acceptable encryption algorithms or requirements for longer key lengths.
    The --ssl-fips-mode client option enables control of FIPS mode on the client side for:
    mysql, mysqladmin, mysqlbinlog, mysqlcheck, mysqldump, mysqlimport, mysqlpump, ...
This update includes bugfixes including (not limited to):
-InnoDB: The server was stopped before a fatal error message
    was written to the error log.
-InnoDB: An incorrect GROUP BY result was returned when using the
    TempTable storage engine and a NO PAD collation.
-InnoDB: The data retrieved from INFORMATION_SCHEMA.INNODB_COLUMNS was
    incorrect for tables containing a virtual column.

Full Release-Notes are available at:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-11.html

databases/mysql80-client/Makefile

@@ -2,6 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	mysql
+PORTREVISION=	0
 PKGNAMESUFFIX=	80-client
 
 COMMENT=	Multithreaded SQL database (client)

databases/mysql80-client/files/patch-CMakeLists.txt

@@ -1,6 +1,12 @@
---- CMakeLists.txt.orig	2017-06-27 11:44:29 UTC
+--- CMakeLists.txt.orig	2018-05-03 10:27:45 UTC
 +++ CMakeLists.txt
-@@ -700,9 +700,6 @@ IF(NOT WITHOUT_SERVER)
+@@ -835,14 +835,12 @@ ADD_SUBDIRECTORY(extra/regex)
+ ADD_SUBDIRECTORY(libmysql)
+ ADD_SUBDIRECTORY(libbinlogevents)
+ ADD_SUBDIRECTORY(libbinlogstandalone)
++ADD_SUBDIRECTORY(support-files)
+ 
+ IF(NOT WITHOUT_SERVER)
    SET (MYSQLD_STATIC_PLUGIN_LIBS "" CACHE INTERNAL "")
    # Add storage engines and plugins.
    CONFIGURE_PLUGINS()
@@ -9,36 +15,26 @@
 -  ADD_SUBDIRECTORY(storage/ndb)
  ENDIF()
  
- ADD_SUBDIRECTORY(include)
-@@ -715,6 +712,7 @@ ADD_SUBDIRECTORY(extra/regex)
- ADD_SUBDIRECTORY(libmysql)
- ADD_SUBDIRECTORY(libbinlogevents)
- ADD_SUBDIRECTORY(libbinlogstandalone)
-+ADD_SUBDIRECTORY(support-files)
- 
  IF(NOT WITHOUT_SERVER)
-   SET (MYSQLD_STATIC_COMPONENT_LIBS "" CACHE INTERNAL "")
-@@ -811,14 +809,13 @@ ELSE()
-   SET(CPACK_GENERATOR "TGZ")
- ENDIF() 
+@@ -966,12 +964,10 @@ ENDIF() 
  ADD_SUBDIRECTORY(packaging/WiX)
--ADD_SUBDIRECTORY(packaging/solaris)
+ ADD_SUBDIRECTORY(packaging/solaris)
  
- IF(UNIX)
+-IF(UNIX)
 -  INSTALL(FILES Docs/mysql.info DESTINATION ${INSTALL_INFODIR} OPTIONAL COMPONENT Info)
- ENDIF()
+-ENDIF()
  #
  # RPM installs documentation directly from the source tree
  #
 +IF(FALSE)
  IF(NOT INSTALL_LAYOUT MATCHES "RPM")
-   INSTALL(FILES COPYING LICENSE.mysql 
-   DESTINATION ${INSTALL_DOCREADMEDIR} 
-@@ -841,6 +838,7 @@ IF(NOT INSTALL_LAYOUT MATCHES "RPM")
-     PATTERN "sp-imp-spec.txt" EXCLUDE
+   INSTALL(FILES README LICENSE DESTINATION ${INSTALL_DOCREADMEDIR} COMPONENT Readme)
+   INSTALL(FILES ${CMAKE_BINARY_DIR}/Docs/INFO_SRC ${CMAKE_BINARY_DIR}/Docs/INFO_BIN DESTINATION ${INSTALL_DOCDIR})
+@@ -990,6 +986,7 @@ IF(NOT INSTALL_LAYOUT MATCHES "RPM")
+     PATTERN "README.build" EXCLUDE
    )
  ENDIF()
 +ENDIF()
  
- INCLUDE(CPack)
- 
+ IF(UNIX)
+   EXECUTE_PROCESS(

databases/mysql80-client/files/patch-cmake_ssl.cmake

@@ -1,15 +1,14 @@
---- cmake/ssl.cmake.orig	2016-08-12 10:55:07 UTC
+--- cmake/ssl.cmake.orig	2018-04-29 16:21:47 UTC
 +++ cmake/ssl.cmake
-@@ -179,6 +179,12 @@ MACRO (MYSQL_CHECK_SSL)
-        OPENSSL_MAJOR_VERSION STREQUAL "1"
+@@ -265,10 +265,10 @@ MACRO (MYSQL_CHECK_SSL)
+         OPENSSL_MAJOR_VERSION "${OPENSSL_VERSION_NUMBER}"
+         )
+     ENDIF()
+     IF(OPENSSL_INCLUDE_DIR AND
+        OPENSSL_LIBRARY   AND
+        CRYPTO_LIBRARY      AND
+-       OPENSSL_MAJOR_VERSION STREQUAL "1"
++       (OPENSSL_MAJOR_VERSION STREQUAL "1" OR OPENSSL_MAJOR_VERSION STREQUAL "2")
        )
        SET(OPENSSL_FOUND TRUE)
-+    ELSEIF(OPENSSL_INCLUDE_DIR AND
-+       OPENSSL_LIBRARY   AND
-+       CRYPTO_LIBRARY      AND
-+       OPENSSL_MAJOR_VERSION STREQUAL "2"
-+      )
-+      SET(OPENSSL_FOUND TRUE)
-     ELSE()
-       SET(OPENSSL_FOUND FALSE)
-     ENDIF()
+       FIND_PROGRAM(OPENSSL_EXECUTABLE openssl

databases/mysql80-client/files/patch-include_CMakeLists.txt

@@ -1,13 +1,11 @@
 --- include/CMakeLists.txt.orig	2017-09-21 15:51:58 UTC
 +++ include/CMakeLists.txt
-@@ -30,11 +30,179 @@ SET(HEADERS
+@@ -30,11 +30,173 @@ SET(HEADERS
    ${CMAKE_CURRENT_BINARY_DIR}/mysql_version.h
    ${CMAKE_CURRENT_BINARY_DIR}/mysqld_error.h
    ../libbinlogevents/export/binary_log_types.h
 +  base64.h
 +  big_endian.h
-+  byte_order_generic.h
-+  byte_order_generic_x86.h
 +  c_string_less.h
 +  crypt_genhash_impl.h
 +  decimal.h
@@ -15,7 +13,6 @@
 +  dur_prop.h
 +  errmsg.h
 +  ft_global.h
-+  hash.h
 +  heap.h
 +  keycache.h
 +  lex_string.h
@@ -24,7 +21,6 @@
 +  m_ctype.h
 +  m_string.h
 +  map_helpers.h
-+  mem_root_fwd.h
 +  mf_wcomp.h
 +  mutex_lock.h
 +  my_aes.h
@@ -115,7 +111,6 @@
 +  sslopt-case.h
 +  sslopt-longopts.h
 +  sslopt-vars.h
-+  str_uca_type.h
 +  template_utils.h
 +  thr_cond.h
 +  thr_lock.h
@@ -154,7 +149,6 @@
 +  mysql/service_command.h
 +  mysql/service_locking.h
 +  mysql/service_my_plugin_log.h
-+  mysql/service_my_snprintf.h
 +  mysql/service_mysql_alloc.h
 +  mysql/service_mysql_keyring.h
 +  mysql/service_mysql_password_policy.h

databases/mysql80-client/files/patch-include_my__compare.h

@@ -1,11 +1,11 @@
---- include/my_compare.h.orig	2016-03-28 18:06:12 UTC
+--- include/my_compare.h.orig	2018-04-08 06:44:49 UTC
 +++ include/my_compare.h
-@@ -40,7 +40,7 @@ extern "C" {
+@@ -49,7 +49,7 @@
    But beware the dependency of MI_MAX_POSSIBLE_KEY_BUFF and HA_MAX_KEY_LENGTH.
  */
  
--#define HA_MAX_KEY_LENGTH           1000        /* Max length in bytes */
-+#define HA_MAX_KEY_LENGTH           4000        /* Max length in bytes */
- #define HA_MAX_KEY_SEG              16          /* Max segments for key */
+-#define HA_MAX_KEY_LENGTH 1000 /* Max length in bytes */
++#define HA_MAX_KEY_LENGTH 4000 /* Max length in bytes */
+ #define HA_MAX_KEY_SEG 16      /* Max segments for key */
  
- #define HA_MAX_POSSIBLE_KEY_BUFF    (HA_MAX_KEY_LENGTH + 24+ 6+6)
+ #define HA_MAX_POSSIBLE_KEY_BUFF (HA_MAX_KEY_LENGTH + 24 + 6 + 6)

databases/mysql80-client/files/patch-include_myisam.h

@@ -1,11 +1,11 @@
---- include/myisam.h.orig	2016-03-28 18:06:12 UTC
+--- include/myisam.h.orig	2018-04-08 06:44:49 UTC
 +++ include/myisam.h
-@@ -45,7 +45,7 @@ extern "C" {
+@@ -59,7 +59,7 @@
    The following defines can be increased if necessary.
    But beware the dependency of MI_MAX_POSSIBLE_KEY_BUFF and MI_MAX_KEY_LENGTH.
  */
--#define MI_MAX_KEY_LENGTH           1000            /* Max length in bytes */
-+#define MI_MAX_KEY_LENGTH           4000            /* Max length in bytes */
- #define MI_MAX_KEY_SEG              16              /* Max segments for key */
+-#define MI_MAX_KEY_LENGTH 1000 /* Max length in bytes */
++#define MI_MAX_KEY_LENGTH 4000 /* Max length in bytes */
+ #define MI_MAX_KEY_SEG 16      /* Max segments for key */
  
- #define MI_MAX_KEY_BUFF  (MI_MAX_KEY_LENGTH+MI_MAX_KEY_SEG*6+8+8)
+ #define MI_MAX_KEY_BUFF (MI_MAX_KEY_LENGTH + MI_MAX_KEY_SEG * 6 + 8 + 8)

databases/mysql80-client/files/patch-mysys__ssl_my__default.cc

@@ -6,11 +6,11 @@
  
 -#define MAX_DEFAULT_DIRS 6
 +#define MAX_DEFAULT_DIRS 7
- #define DEFAULT_DIRS_SIZE (MAX_DEFAULT_DIRS + 1)  /* Terminate with NULL */
+ #define DEFAULT_DIRS_SIZE (MAX_DEFAULT_DIRS + 1) /* Terminate with NULL */
  static const char **default_directories = NULL;
  
 @@ -914,6 +914,14 @@ static int search_default_file_with_ext(
-       return 1;                                 /* Ignore wrong files */
+       return 1; /* Ignore wrong files */
    }
  
 +  if (strstr(name, "/etc") == name)
@@ -21,13 +21,13 @@
 +      goto err;
 +  }
 +
-   while (mysql_file_getline(buff, sizeof(buff) - 1, fp, is_login_file))
-   {
+   while (mysql_file_getline(buff, sizeof(buff) - 1, fp, is_login_file)) {
      line++;
+     /* Ignore comment and empty lines */
 @@ -1252,7 +1260,8 @@ void my_print_default_files(const char *
-             end[(strlen(end)-1)] = ' ';
+             end[(strlen(end) - 1)] = ' ';
            else
-             strxmov(end, conf_file, *ext , " ",  NullS);
+             strxmov(end, conf_file, *ext, " ", NullS);
 -          fputs(name, stdout);
 +          if (strstr(name, "/etc") != name)
 +            fputs(name, stdout);
@@ -53,9 +53,8 @@
 @@ -1488,7 +1492,7 @@ int check_file_permissions(const char *f
    MY_STAT stat_info;
  
-   if (!my_stat(file_name,&stat_info,MYF(0)))
--    return 1;
-+    return 0;
+-  if (!my_stat(file_name, &stat_info, MYF(0))) return 1;
++  if (!my_stat(file_name, &stat_info, MYF(0))) return 0;
    /*
      Ignore .mylogin.cnf file if not exclusively readable/writable
      by current user.

databases/mysql80-client/files/patch-mysys__ssl_my__md5.cc

@@ -0,0 +1,11 @@
+--- mysys_ssl/my_md5.cc.orig	2018-04-08 06:44:49 UTC
++++ mysys_ssl/my_md5.cc
+@@ -56,7 +56,7 @@ static void my_md5_hash(unsigned char *d
+ int compute_md5_hash(char *digest, const char *buf, int len) {
+   int retval = 0;
+   int fips_mode = 0;
+-#if !defined(HAVE_WOLFSSL)
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+   fips_mode = FIPS_mode();
+ #endif /* HAVE_WOLFSSL */
+   /* If fips mode is ON/STRICT restricted method calls will result into abort,

databases/mysql80-client/files/patch-plugin_x_client_xconnection__impl.cc

@@ -0,0 +1,37 @@
+--- plugin/x/client/xconnection_impl.cc.orig	2018-04-08 06:44:49 UTC
++++ plugin/x/client/xconnection_impl.cc
+@@ -182,12 +182,12 @@ XError ssl_verify_server_cert(Vio *vio, 
+     return XError{CR_SSL_CONNECTION_ERROR, "Failed to get CN from CN entry"};
+   }
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+-  const auto cn = reinterpret_cast<char *>(ASN1_STRING_data(cn_asn1));
+-#else  /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+   const auto cn =
+       reinterpret_cast<const char *>(ASN1_STRING_get0_data(cn_asn1));
+-#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++#else
++  const auto cn = reinterpret_cast<char *>(ASN1_STRING_data(cn_asn1));
++#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
+   const auto cn_len = static_cast<size_t>(ASN1_STRING_length(cn_asn1));
+ 
+   // There should not be any NULL embedded in the CN
+@@ -451,7 +451,7 @@ XError Connection_impl::get_ssl_error(co
+   return XError(CR_SSL_CONNECTION_ERROR, buffer);
+ }
+ 
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+ /**
+   Set fips mode in openssl library,
+   When we set fips mode ON/STRICT, it will perform following operations:
+@@ -501,7 +501,7 @@ XError Connection_impl::activate_tls() {
+   if (!m_context->m_ssl_config.is_configured())
+     return XError{CR_SSL_CONNECTION_ERROR, ER_TEXT_TLS_NOT_CONFIGURATED};
+ 
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+   char err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
+   if (set_fips_mode((int)m_context->m_ssl_config.m_ssl_fips_mode, err_string) !=
+       1) {

databases/mysql80-client/files/patch-share_CMakeLists.txt

@@ -1,5 +1,5 @@
---- sql/share/CMakeLists.txt.orig	2017-10-03 10:54:31 UTC
-+++ sql/share/CMakeLists.txt
+--- share/CMakeLists.txt.orig	2017-10-03 10:54:31 UTC
++++ share/CMakeLists.txt
 @@ -45,6 +45,7 @@ SET(files 
   dictionary.txt
  )
@@ -16,7 +16,7 @@
  
  # Don't copy if we're building in-source.
  IF (NOT ${CMAKE_SOURCE_DIR} STREQUAL ${CMAKE_BINARY_DIR})
-   CONFIGURE_FILE(dictionary.txt ${CMAKE_BINARY_DIR}/sql/share/dictionary.txt)
+   CONFIGURE_FILE(dictionary.txt ${CMAKE_BINARY_DIR}/${INSTALL_MYSQLSHAREDIR}/dictionary.txt)
  ENDIF()
  
 +IF (FALSE)

databases/mysql80-client/files/patch-sql-common_client.cc

@@ -0,0 +1,27 @@
+--- sql-common/client.cc.orig	2018-04-08 06:44:49 UTC
++++ sql-common/client.cc
+@@ -2649,11 +2649,11 @@ static int ssl_verify_server_cert(Vio *v
+     goto error;
+   }
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+-  cn = (char *)ASN1_STRING_data(cn_asn1);
+-#else  /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+   cn = (char *)ASN1_STRING_get0_data(cn_asn1);
+-#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++#else  /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
++  cn = (char *)ASN1_STRING_data(cn_asn1);
++#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
+ 
+   // There should not be any NULL embedded in the CN
+   if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn)) {
+@@ -5596,7 +5596,7 @@ int STDCALL mysql_options(MYSQL *mysql, 
+ #endif
+       break;
+     case MYSQL_OPT_SSL_FIPS_MODE: {
+-#if defined(HAVE_OPENSSL) && !defined(HAVE_WOLFSSL)
++#if defined(HAVE_OPENSSL) && !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+       char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
+       ENSURE_EXTENSIONS_PRESENT(&mysql->options);
+       mysql->options.extension->ssl_fips_mode = *(uint *)arg;

databases/mysql80-client/files/patch-sql_auth_sha2__password__common.cc

@@ -0,0 +1,11 @@
+--- sql/auth/sha2_password_common.cc.orig	2018-05-06 18:47:55 UTC
++++ sql/auth/sha2_password_common.cc
+@@ -101,7 +101,7 @@ bool SHA256_digest::retrieve_digest(unsi
+     DBUG_RETURN(true);
+   }
+   m_ok = EVP_DigestFinal_ex(md_context, m_digest, NULL);
+-#if defined(HAVE_WOLFSSL) || OPENSSL_VERSION_NUMBER < 0x10100000L
++#if defined(HAVE_WOLFSSL) || defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   EVP_MD_CTX_cleanup(md_context);
+ #else  /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   EVP_MD_CTX_reset(md_context);

databases/mysql80-client/files/patch-sql_mysqld.cc

@@ -0,0 +1,20 @@
+--- sql/mysqld.cc.orig	2018-05-06 19:15:48 UTC
++++ sql/mysqld.cc
+@@ -4321,7 +4321,7 @@ static void init_ssl() {
+ 
+ static int init_ssl_communication() {
+ #ifdef HAVE_OPENSSL
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+   char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
+   int ret_fips_mode = set_fips_mode(opt_ssl_fips_mode, ssl_err_string);
+   if (ret_fips_mode != 1) {
+@@ -8647,7 +8647,7 @@ bool mysqld_get_one_option(int optid,
+         One can disable SSL later by using --skip-ssl or --ssl=0.
+       */
+       opt_use_ssl = true;
+-#ifdef HAVE_WOLFSSL
++#if defined(HAVE_WOLFSSL) || defined(LIBRESSL_VERSION_NUMBER)
+       /* crl has no effect in wolfSSL. */
+       opt_ssl_crl = NULL;
+       opt_ssl_crlpath = NULL;

databases/mysql80-client/files/patch-sql_sys__vars.cc

@@ -0,0 +1,29 @@
+--- sql/sys_vars.cc.orig	2018-05-06 19:16:02 UTC
++++ sql/sys_vars.cc
+@@ -4098,7 +4098,7 @@ static Sys_var_charptr Sys_tls_version(
+     READ_ONLY GLOBAL_VAR(opt_tls_version), SSL_OPT(OPT_TLS_VERSION),
+     IN_FS_CHARSET, "TLSv1,TLSv1.1,TLSv1.2");
+ 
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+ static bool update_fips_mode(sys_var *, THD *, enum_var_type) {
+   char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
+   if (set_fips_mode(opt_ssl_fips_mode, ssl_err_string) != 1) {
+@@ -4110,7 +4110,7 @@ static bool update_fips_mode(sys_var *, 
+ }
+ #endif
+ 
+-#ifdef HAVE_WOLFSSL
++#if defined(HAVE_WOLFSSL) || defined(LIBRESSL_VERSION_NUMBER)
+ static const char *ssl_fips_mode_names[] = {"OFF", 0};
+ #else
+ static const char *ssl_fips_mode_names[] = {"OFF", "ON", "STRICT", 0};
+@@ -4121,7 +4121,7 @@ static Sys_var_enum Sys_ssl_fips_mode(
+     GLOBAL_VAR(opt_ssl_fips_mode), SSL_OPT(OPT_SSL_FIPS_MODE),
+     ssl_fips_mode_names, DEFAULT(0), NO_MUTEX_GUARD, NOT_IN_BINLOG,
+     ON_CHECK(NULL),
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+     ON_UPDATE(update_fips_mode),
+ #else
+     ON_UPDATE(NULL),

databases/mysql80-client/files/patch-storage_myisam_mi__dynrec.c

@@ -1,23 +0,0 @@
---- storage/myisam/mi_dynrec.c.orig	2016-03-28 18:06:12 UTC
-+++ storage/myisam/mi_dynrec.c
-@@ -65,18 +65,13 @@ my_bool mi_dynmap_file(MI_INFO *info, my
-     DBUG_RETURN(1);
-   }
-   /*
--    I wonder if it is good to use MAP_NORESERVE. From the Linux man page:
--    MAP_NORESERVE
--      Do not reserve swap space for this mapping. When swap space is
--      reserved, one has the guarantee that it is possible to modify the
--      mapping. When swap space is not reserved one might get SIGSEGV
--      upon a write if no physical memory is available.
-+    MAP_NORESERVE is unimplemented in FreeBSD
-   */
-   info->s->file_map= (uchar*)
-                   my_mmap(0, (size_t) size,
-                           info->s->mode==O_RDONLY ? PROT_READ :
-                           PROT_READ | PROT_WRITE,
--                          MAP_SHARED | MAP_NORESERVE,
-+                          MAP_SHARED,
-                           info->dfile, 0L);
-   if (info->s->file_map == (uchar*) MAP_FAILED)
-   {

databases/mysql80-client/files/patch-storage_myisam_mi__dynrec.cc

@@ -0,0 +1,22 @@
+--- storage/myisam/mi_dynrec.cc.orig	2016-03-28 18:06:12 UTC
++++ storage/myisam/mi_dynrec.cc
+@@ -65,18 +65,13 @@ bool mi_dynmap_file(MI_INFO *info, my
+     DBUG_RETURN(1);
+   }
+   /*
+-    I wonder if it is good to use MAP_NORESERVE. From the Linux man page:
+-    MAP_NORESERVE
+-      Do not reserve swap space for this mapping. When swap space is
+-      reserved, one has the guarantee that it is possible to modify the
+-      mapping. When swap space is not reserved one might get SIGSEGV
+-      upon a write if no physical memory is available.
++    MAP_NORESERVE is unimplemented in FreeBSD
+   */
+   info->s->file_map = (uchar *)my_mmap(
+       0, (size_t)size,
+       info->s->mode == O_RDONLY ? PROT_READ : PROT_READ | PROT_WRITE,
+-      MAP_SHARED | MAP_NORESERVE, info->dfile, 0L);
++      MAP_SHARED, info->dfile, 0L);
+   if (info->s->file_map == (uchar *)MAP_FAILED) {
+     info->s->file_map = NULL;
+

databases/mysql80-client/files/patch-utilities_CMakeLists.txt

@@ -2,20 +2,18 @@
 +++ utilities/CMakeLists.txt
 @@ -45,6 +45,7 @@ ENDIF()
  
- ADD_CUSTOM_COMMAND(OUTPUT ${PROJECT_BINARY_DIR}/include/mysqld_error.h 
-                    ${PROJECT_BINARY_DIR}/sql/share/english/errmsg.sys
-+                   COMMAND mkdir -p ${PROJECT_BINARY_DIR}/sql/share/
+ ADD_CUSTOM_COMMAND(OUTPUT ${PROJECT_BINARY_DIR}/include/mysqld_error.h
+                    ${PROJECT_BINARY_DIR}/${INSTALL_MYSQLSHAREDIR}/english/errmsg.sys
++                   COMMAND mkdir -p ${PROJECT_BINARY_DIR}/share/
                     COMMAND comp_err
-                     --charset=${PROJECT_SOURCE_DIR}/sql/share/charsets 
-                     --out-dir=${PROJECT_BINARY_DIR}/sql/share/
-@@ -73,6 +74,7 @@ IF (WIN32 AND WITH_SSL_PATH AND HAVE_CRY
+                     --charset=${PROJECT_SOURCE_DIR}/share/charsets
+                     --out-dir=${PROJECT_BINARY_DIR}/${INSTALL_MYSQLSHAREDIR}/
+@@ -73,4 +74,5 @@ IF (WIN32 AND WITH_SSL_PATH AND HAVE_CRY
  ENDIF()
  
- 
 +IF(FALSE)
  MYSQL_ADD_EXECUTABLE(my_print_defaults my_print_defaults.c)
  TARGET_LINK_LIBRARIES(my_print_defaults  mysys mysys_ssl)
- SET_TARGET_PROPERTIES(my_print_defaults PROPERTIES LINKER_LANGUAGE CXX)
 @@ -142,11 +144,14 @@ IF(WITH_INNOBASE_STORAGE_ENGINE)
    TARGET_LINK_LIBRARIES(innochecksum mysys mysys_ssl ${LZ4_LIBRARY})
    ADD_DEPENDENCIES(innochecksum GenError)

databases/mysql80-client/files/patch-vio_viosslfactories.cc

@@ -0,0 +1,47 @@
+--- vio/viosslfactories.cc.orig	2018-04-08 06:44:49 UTC
++++ vio/viosslfactories.cc
+@@ -37,6 +37,7 @@
+ 
+ #ifdef HAVE_OPENSSL
+ #include <openssl/dh.h>
++#include <openssl/crypto.h>
+ 
+ #define TLS_VERSION_OPTION_SIZE 256
+ #define SSL_CIPHER_LIST_SIZE 4096
+@@ -135,7 +136,7 @@ static DH *get_dh2048(void) {
+     BIGNUM *p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
+     BIGNUM *g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
+     if (!p || !g
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+         || !DH_set0_pqg(dh, p, NULL, g)
+ #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
+     ) {
+@@ -426,7 +427,7 @@ void ssl_start() {
+   }
+ }
+ 
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+ /**
+   Set fips mode in openssl library,
+   When we set fips mode ON/STRICT, it will perform following operations:
+@@ -449,6 +450,10 @@ int set_fips_mode(const uint fips_mode, 
+   int rc = -1;
+   unsigned int fips_mode_old = -1;
+   unsigned long err_library = 0;
++#if defined(LIBRESSL_VERSION_NUMBER)
++  err_string="LibreSSL deosn't have FIPS_mode functionas";
++  goto EXIT;
++#else
+   if (fips_mode > 2) {
+     goto EXIT;
+   }
+@@ -462,6 +467,7 @@ int set_fips_mode(const uint fips_mode, 
+     ERR_error_string_n(err_library, err_string, OPENSSL_ERROR_LENGTH - 1);
+     err_string[OPENSSL_ERROR_LENGTH - 1] = '\0';
+   }
++#endif
+ EXIT:
+   return rc;
+ }

databases/mysql80-client/pkg-plist

@@ -13,8 +13,6 @@ bin/mysqlslap
 include/mysql/base64.h
 include/mysql/big_endian.h
 include/mysql/binary_log_types.h
-include/mysql/byte_order_generic.h
-include/mysql/byte_order_generic_x86.h
 include/mysql/c_string_less.h
 include/mysql/crypt_genhash_impl.h
 include/mysql/decimal.h
@@ -22,7 +20,6 @@ include/mysql/depth_first_search.h
 include/mysql/dur_prop.h
 include/mysql/errmsg.h
 include/mysql/ft_global.h
-include/mysql/hash.h
 include/mysql/heap.h
 include/mysql/keycache.h
 include/mysql/lex_string.h
@@ -31,7 +28,6 @@ include/mysql/little_endian.h
 include/mysql/m_ctype.h
 include/mysql/m_string.h
 include/mysql/map_helpers.h
-include/mysql/mem_root_fwd.h
 include/mysql/mf_wcomp.h
 include/mysql/mutex_lock.h
 include/mysql/my_aes.h
@@ -111,7 +107,6 @@ include/mysql/mysql/plugin_validate_password.h
 include/mysql/mysql/service_command.h
 include/mysql/mysql/service_locking.h
 include/mysql/mysql/service_my_plugin_log.h
-include/mysql/mysql/service_my_snprintf.h
 include/mysql/mysql/service_mysql_alloc.h
 include/mysql/mysql/service_mysql_keyring.h
 include/mysql/mysql/service_mysql_password_policy.h
@@ -171,7 +166,6 @@ include/mysql/sql_string.h
 include/mysql/sslopt-case.h
 include/mysql/sslopt-longopts.h
 include/mysql/sslopt-vars.h
-include/mysql/str_uca_type.h
 include/mysql/template_utils.h
 include/mysql/thr_cond.h
 include/mysql/thr_lock.h
@@ -187,7 +181,6 @@ lib/mysql/libmysqlclient.so.21
 lib/mysql/libmysqlclient_r.a
 lib/mysql/libmysqlclient_r.so
 lib/mysql/libmysqlclient_r.so.21
-lib/mysql/libmysqlservices.a
 libdata/pkgconfig/mysqlclient.pc
 man/man1/comp_err.1.gz
 man/man1/mysql.1.gz

databases/mysql80-server/Makefile

@@ -2,9 +2,8 @@
 # $FreeBSD$
 
 PORTNAME?=		mysql
-PORTVERSION=		8.0.2
-PORTREVISION?=		3
-DISTVERSIONSUFFIX?=	-dmr
+PORTVERSION=		8.0.11
+PORTREVISION?=		0
 CATEGORIES=		databases ipv6
 MASTER_SITES=		MYSQL/MySQL-8.0
 PKGNAMESUFFIX?=		80-server
@@ -15,9 +14,6 @@ COMMENT?=		Multithreaded SQL database (server)
 
 LICENSE=		GPLv2
 
-BROKEN_SSL=	openssl-devel
-BROKEN_SSL_REASON_openssl-devel=	member access into incomplete type 'DH' (aka 'dh_st')
-
 WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION}${DISTVERSIONSUFFIX}
 
 SLAVEDIRS=	databases/mysql80-client
@@ -31,7 +27,10 @@ MY_SECDIR=	/var/db/mysql_secure
 MY_TMPDIR=	/var/db/mysql_tmpdir
 
 LIB_DEPENDS+=	libevent.so:devel/libevent \
-		liblz4.so:archivers/liblz4
+		libicutu.so:devel/icu \
+		liblz4.so:archivers/liblz4 \
+		libre2.so:devel/re2 \
+		libprotobuf.so:devel/protobuf
 
 CMAKE_BUILD_TYPE=	Release
 CFLAGS+=		-fPIC
@@ -61,6 +60,9 @@ CMAKE_ARGS+=	-DINSTALL_LAYOUT=FREEBSD \
 		-DWITH_LIBEVENT=system \
 		-DWITH_LZ4=system \
 		-DWITH_ZLIB=system \
+		-DWITH_ICU=system \
+		-DWITH_RE2=system \
+		-DWITH_PROTOBUF=system \
 		-DINSTALL_MYSQLTESTDIR=0
 
 SHEBANG_FILES=	scripts/*.pl* scripts/*.sh

databases/mysql80-server/distinfo

@@ -1,3 +1,3 @@
-TIMESTAMP = 1505989679
-SHA256 (mysql-boost-8.0.2-dmr.tar.gz) = a93f63e8ac72046bc5b0dc8515c60dd72faaaff352652aa46375f3a484ac3872
-SIZE (mysql-boost-8.0.2-dmr.tar.gz) = 60697707
+TIMESTAMP = 1524414416
+SHA256 (mysql-boost-8.0.11.tar.gz) = f40711a9bd91ab2ccea331484a6d281f806b0fdecf78f4c9e9d8a4c91208f309
+SIZE (mysql-boost-8.0.11.tar.gz) = 77647598

databases/mysql80-server/files/my.cnf.sample.in

@@ -42,8 +42,6 @@ table_definition_cache          = 8192
 net_retry_count                 = 16384
 key_buffer_size                 = 256M
 max_allowed_packet              = 64M
-query_cache_type                = 0
-query_cache_size                = 0
 long_query_time                 = 0.5
 innodb_buffer_pool_size         = 1G
 innodb_data_home_dir            = %%MY_DBDIR%%

databases/mysql80-server/files/patch-CMakeLists.txt

@@ -1,6 +1,6 @@
---- CMakeLists.txt.orig	2017-06-27 11:44:29 UTC
+--- CMakeLists.txt.orig	2018-05-07 12:26:59 UTC
 +++ CMakeLists.txt
-@@ -750,7 +750,6 @@ IF(UNIX)
+@@ -870,7 +870,6 @@ IF(UNIX)
  ENDIF()
  
  IF(NOT WITHOUT_SERVER)
@@ -8,7 +8,7 @@
    ADD_SUBDIRECTORY(sql)
  ENDIF()
  
-@@ -759,8 +758,6 @@ ENDIF()
+@@ -879,8 +878,6 @@ ENDIF()
  ADD_SUBDIRECTORY(scripts)
  
  IF(NOT WITHOUT_SERVER)
@@ -17,19 +17,19 @@
    ADD_SUBDIRECTORY(support-files)
    IF(EXISTS ${CMAKE_SOURCE_DIR}/internal/CMakeLists.txt)
      ADD_SUBDIRECTORY(internal)
-@@ -819,6 +816,7 @@ ENDIF()
+@@ -972,6 +969,7 @@ ENDIF()
  #
  # RPM installs documentation directly from the source tree
  #
 +IF(FALSE)
  IF(NOT INSTALL_LAYOUT MATCHES "RPM")
-   INSTALL(FILES COPYING LICENSE.mysql 
-   DESTINATION ${INSTALL_DOCREADMEDIR} 
-@@ -841,6 +839,7 @@ IF(NOT INSTALL_LAYOUT MATCHES "RPM")
-     PATTERN "sp-imp-spec.txt" EXCLUDE
+   INSTALL(FILES README LICENSE DESTINATION ${INSTALL_DOCREADMEDIR} COMPONENT Readme)
+   INSTALL(FILES ${CMAKE_BINARY_DIR}/Docs/INFO_SRC ${CMAKE_BINARY_DIR}/Docs/INFO_BIN DESTINATION ${INSTALL_DOCDIR})
+@@ -990,6 +988,7 @@ IF(NOT INSTALL_LAYOUT MATCHES "RPM")
+     PATTERN "README.build" EXCLUDE
    )
  ENDIF()
 +ENDIF()
  
- INCLUDE(CPack)
- 
+ IF(UNIX)
+   EXECUTE_PROCESS(

databases/mysql80-server/files/patch-client_CMakeLists.txt

@@ -14,7 +14,7 @@
  
  ADD_DEFINITIONS(${SSL_DEFINES})
 +IF(FALSE)
- MYSQL_ADD_EXECUTABLE(mysql completion_hash.cc mysql.cc readline.cc ../sql-common/sql_string.cc)
+ MYSQL_ADD_EXECUTABLE(mysql completion_hash.cc mysql.cc readline.cc ../sql-common/sql_string.cc pattern_matcher.cc)
  TARGET_LINK_LIBRARIES(mysql mysqlclient)
  IF(UNIX)
    TARGET_LINK_LIBRARIES(mysql ${EDITLINE_LIBRARY})

databases/mysql80-server/files/patch-cmake_ssl.cmake

@@ -1,15 +1,14 @@
---- cmake/ssl.cmake.orig	2016-08-12 10:55:07 UTC
+--- cmake/ssl.cmake.orig	2018-04-29 16:21:47 UTC
 +++ cmake/ssl.cmake
-@@ -179,6 +179,12 @@ MACRO (MYSQL_CHECK_SSL)
-        OPENSSL_MAJOR_VERSION STREQUAL "1"
+@@ -265,10 +265,10 @@ MACRO (MYSQL_CHECK_SSL)
+         OPENSSL_MAJOR_VERSION "${OPENSSL_VERSION_NUMBER}"
+         )
+     ENDIF()
+     IF(OPENSSL_INCLUDE_DIR AND
+        OPENSSL_LIBRARY   AND
+        CRYPTO_LIBRARY      AND
+-       OPENSSL_MAJOR_VERSION STREQUAL "1"
++       (OPENSSL_MAJOR_VERSION STREQUAL "1" OR OPENSSL_MAJOR_VERSION STREQUAL "2")
        )
        SET(OPENSSL_FOUND TRUE)
-+    ELSEIF(OPENSSL_INCLUDE_DIR AND
-+       OPENSSL_LIBRARY   AND
-+       CRYPTO_LIBRARY      AND
-+       OPENSSL_MAJOR_VERSION STREQUAL "2"
-+      )
-+      SET(OPENSSL_FOUND TRUE)
-     ELSE()
-       SET(OPENSSL_FOUND FALSE)
-     ENDIF()
+       FIND_PROGRAM(OPENSSL_EXECUTABLE openssl

databases/mysql80-server/files/patch-include_my__compare.h

@@ -1,11 +1,11 @@
---- include/my_compare.h.orig	2016-03-28 18:06:12 UTC
+--- include/my_compare.h.orig	2018-04-08 06:44:49 UTC
 +++ include/my_compare.h
-@@ -40,7 +40,7 @@ extern "C" {
+@@ -49,7 +49,7 @@
    But beware the dependency of MI_MAX_POSSIBLE_KEY_BUFF and HA_MAX_KEY_LENGTH.
  */
  
--#define HA_MAX_KEY_LENGTH           1000        /* Max length in bytes */
-+#define HA_MAX_KEY_LENGTH           4000        /* Max length in bytes */
- #define HA_MAX_KEY_SEG              16          /* Max segments for key */
+-#define HA_MAX_KEY_LENGTH 1000 /* Max length in bytes */
++#define HA_MAX_KEY_LENGTH 4000 /* Max length in bytes */
+ #define HA_MAX_KEY_SEG 16      /* Max segments for key */
  
- #define HA_MAX_POSSIBLE_KEY_BUFF    (HA_MAX_KEY_LENGTH + 24+ 6+6)
+ #define HA_MAX_POSSIBLE_KEY_BUFF (HA_MAX_KEY_LENGTH + 24 + 6 + 6)

databases/mysql80-server/files/patch-include_myisam.h

@@ -1,11 +1,11 @@
---- include/myisam.h.orig	2016-03-28 18:06:12 UTC
+--- include/myisam.h.orig	2018-04-08 06:44:49 UTC
 +++ include/myisam.h
-@@ -45,7 +45,7 @@ extern "C" {
+@@ -59,7 +59,7 @@
    The following defines can be increased if necessary.
    But beware the dependency of MI_MAX_POSSIBLE_KEY_BUFF and MI_MAX_KEY_LENGTH.
  */
--#define MI_MAX_KEY_LENGTH           1000            /* Max length in bytes */
-+#define MI_MAX_KEY_LENGTH           4000            /* Max length in bytes */
- #define MI_MAX_KEY_SEG              16              /* Max segments for key */
+-#define MI_MAX_KEY_LENGTH 1000 /* Max length in bytes */
++#define MI_MAX_KEY_LENGTH 4000 /* Max length in bytes */
+ #define MI_MAX_KEY_SEG 16      /* Max segments for key */
  
- #define MI_MAX_KEY_BUFF  (MI_MAX_KEY_LENGTH+MI_MAX_KEY_SEG*6+8+8)
+ #define MI_MAX_KEY_BUFF (MI_MAX_KEY_LENGTH + MI_MAX_KEY_SEG * 6 + 8 + 8)

databases/mysql80-server/files/patch-libmysql_CMakeLists.txt

@@ -1,11 +1,11 @@
 --- libmysql/CMakeLists.txt.orig	2016-03-28 18:06:12 UTC
 +++ libmysql/CMakeLists.txt
 @@ -215,7 +215,7 @@ IF(WIN32)
- ENDIF()
+ ADD_SUBDIRECTORY(authentication_ldap)
  
  # Merge several convenience libraries into one big mysqlclient
--MERGE_LIBRARIES(mysqlclient STATIC ${LIBS} COMPONENT Development)
-+MERGE_LIBRARIES(mysqlclient STATIC ${LIBS} COMPONENT Development NOINSTALL)
+-MERGE_CONVENIENCE_LIBRARIES(mysqlclient ${LIBS} COMPONENT Development)
++MERGE_CONVENIENCE_LIBRARIES(mysqlclient ${LIBS} COMPONENT Development SKIP_INSTALL)
  
  # Visual Studio users need debug  static library for debug projects
  IF(MSVC)
@@ -14,7 +14,7 @@
    MERGE_LIBRARIES(libmysql SHARED ${LIBS}
      EXPORTS ${CLIENT_API_FUNCTIONS} ${CLIENT_API_FUNCTIONS_UNDOCUMENTED}
 -    COMPONENT SharedLibraries)
-+    COMPONENT SharedLibraries NOINSTALL)
++    COMPONENT SharedLibraries SKIP_INSTALL)
 +IF(FALSE)
    IF(UNIX)
      # libtool compatability

databases/mysql80-server/files/patch-mysys__ssl_my__default.cc

@@ -6,11 +6,11 @@
  
 -#define MAX_DEFAULT_DIRS 6
 +#define MAX_DEFAULT_DIRS 7
- #define DEFAULT_DIRS_SIZE (MAX_DEFAULT_DIRS + 1)  /* Terminate with NULL */
+ #define DEFAULT_DIRS_SIZE (MAX_DEFAULT_DIRS + 1) /* Terminate with NULL */
  static const char **default_directories = NULL;
  
 @@ -914,6 +914,14 @@ static int search_default_file_with_ext(
-       return 1;                                 /* Ignore wrong files */
+       return 1; /* Ignore wrong files */
    }
  
 +  if (strstr(name, "/etc") == name)
@@ -21,13 +21,13 @@
 +      goto err;
 +  }
 +
-   while (mysql_file_getline(buff, sizeof(buff) - 1, fp, is_login_file))
-   {
+   while (mysql_file_getline(buff, sizeof(buff) - 1, fp, is_login_file)) {
      line++;
+     /* Ignore comment and empty lines */
 @@ -1252,7 +1260,8 @@ void my_print_default_files(const char *
-             end[(strlen(end)-1)] = ' ';
+             end[(strlen(end) - 1)] = ' ';
            else
-             strxmov(end, conf_file, *ext , " ",  NullS);
+             strxmov(end, conf_file, *ext, " ", NullS);
 -          fputs(name, stdout);
 +          if (strstr(name, "/etc") != name)
 +            fputs(name, stdout);
@@ -53,9 +53,8 @@
 @@ -1488,7 +1492,7 @@ int check_file_permissions(const char *f
    MY_STAT stat_info;
  
-   if (!my_stat(file_name,&stat_info,MYF(0)))
--    return 1;
-+    return 0;
+-  if (!my_stat(file_name, &stat_info, MYF(0))) return 1;
++  if (!my_stat(file_name, &stat_info, MYF(0))) return 0;
    /*
      Ignore .mylogin.cnf file if not exclusively readable/writable
      by current user.

databases/mysql80-server/files/patch-mysys__ssl_my__md5.cc

@@ -0,0 +1,11 @@
+--- mysys_ssl/my_md5.cc.orig	2018-04-08 06:44:49 UTC
++++ mysys_ssl/my_md5.cc
+@@ -56,7 +56,7 @@ static void my_md5_hash(unsigned char *d
+ int compute_md5_hash(char *digest, const char *buf, int len) {
+   int retval = 0;
+   int fips_mode = 0;
+-#if !defined(HAVE_WOLFSSL)
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+   fips_mode = FIPS_mode();
+ #endif /* HAVE_WOLFSSL */
+   /* If fips mode is ON/STRICT restricted method calls will result into abort,

databases/mysql80-server/files/patch-plugin_password__validation_validate__password.cc

@@ -6,6 +6,7 @@
  #include <mysql/service_mysql_string.h>
 +/* solve clash between libc++ bitset::test() and test macro from my_global.h */
 +#undef test
+ #include <stdio.h>
  #include <stdlib.h>
  #include <string.h>
- #include <sys/types.h>
+

databases/mysql80-server/files/patch-plugin_x_CMakeLists.txt

@@ -0,0 +1,17 @@
+--- plugin/x/CMakeLists.txt.orig	2018-04-08 06:44:49 UTC
++++ plugin/x/CMakeLists.txt
+@@ -82,11 +82,14 @@ INCLUDE_DIRECTORIES(
+   ${MYSQLX_PROTOCOL_INCLUDE_DIR}
+   ${MYSQLX_PROJECT_DIR}/client/
+   ${CMAKE_SOURCE_DIR}/extra/regex
++  ${BOOST_INCLUDE_DIR}
+ )
+ 
+ INCLUDE_DIRECTORIES(SYSTEM
+   ${PROTOBUF_INCLUDE_DIRS}
+   ${LIBEVENT_INCLUDE_DIR}
++  ${SSL_INCLUDE_DIRS}
++  ${ZLIB_INCLUDE_DIR}
+ )
+ 
+ SET(MYSQLX_PROTBUF_AND_PROTOCOL_LIB

databases/mysql80-server/files/patch-plugin_x_client_sha256__scramble__generator.cc

@@ -0,0 +1,11 @@
+--- plugin/x/client/sha256_scramble_generator.cc.orig	2018-05-09 14:20:16 UTC
++++ plugin/x/client/sha256_scramble_generator.cc
+@@ -97,7 +97,7 @@ bool SHA256_digest::retrieve_digest(unsi
+     DBUG_RETURN(true);
+   }
+   m_ok = EVP_DigestFinal_ex(md_context, m_digest, nullptr);
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   EVP_MD_CTX_cleanup(md_context);
+ #else  /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   EVP_MD_CTX_reset(md_context);

databases/mysql80-server/files/patch-plugin_x_client_xconnection__impl.cc

@@ -0,0 +1,37 @@
+--- plugin/x/client/xconnection_impl.cc.orig	2018-04-08 06:44:49 UTC
++++ plugin/x/client/xconnection_impl.cc
+@@ -182,12 +182,12 @@ XError ssl_verify_server_cert(Vio *vio, 
+     return XError{CR_SSL_CONNECTION_ERROR, "Failed to get CN from CN entry"};
+   }
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+-  const auto cn = reinterpret_cast<char *>(ASN1_STRING_data(cn_asn1));
+-#else  /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+   const auto cn =
+       reinterpret_cast<const char *>(ASN1_STRING_get0_data(cn_asn1));
+-#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++#else
++  const auto cn = reinterpret_cast<char *>(ASN1_STRING_data(cn_asn1));
++#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
+   const auto cn_len = static_cast<size_t>(ASN1_STRING_length(cn_asn1));
+ 
+   // There should not be any NULL embedded in the CN
+@@ -451,7 +451,7 @@ XError Connection_impl::get_ssl_error(co
+   return XError(CR_SSL_CONNECTION_ERROR, buffer);
+ }
+ 
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+ /**
+   Set fips mode in openssl library,
+   When we set fips mode ON/STRICT, it will perform following operations:
+@@ -501,7 +501,7 @@ XError Connection_impl::activate_tls() {
+   if (!m_context->m_ssl_config.is_configured())
+     return XError{CR_SSL_CONNECTION_ERROR, ER_TEXT_TLS_NOT_CONFIGURATED};
+ 
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+   char err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
+   if (set_fips_mode((int)m_context->m_ssl_config.m_ssl_fips_mode, err_string) !=
+       1) {

databases/mysql80-server/files/patch-plugin_x_configure.cmake

@@ -0,0 +1,15 @@
+--- plugin/x/configure.cmake.orig	2018-04-08 06:44:49 UTC
++++ plugin/x/configure.cmake
+@@ -44,6 +44,7 @@ CONFIGURE_FILE(${MYSQLX_PROJECT_DIR}/src
+ CONFIGURE_FILE(${MYSQLX_PROJECT_DIR}/src/mysqlx_version.h.in
+                ${MYSQLX_GENERATE_DIR}/mysqlx_version.h )
+ 
++IF(FALSE)
+ INSTALL(FILES ${MYSQLX_GENERATE_DIR}/mysqlx_error.h
+         DESTINATION ${INSTALL_INCLUDEDIR}
+         COMPONENT Development)
+@@ -55,3 +56,4 @@ INSTALL(FILES ${MYSQLX_GENERATE_DIR}/mys
+ INSTALL(FILES ${MYSQLX_GENERATE_DIR}/mysqlx_version.h
+         DESTINATION ${INSTALL_INCLUDEDIR}
+         COMPONENT Development)
++ENDIF()

databases/mysql80-server/files/patch-rapid_plugin_x_CMakeLists.txt

@@ -1,19 +0,0 @@
---- rapid/plugin/x/CMakeLists.txt.orig	2017-06-27 11:44:29 UTC
-+++ rapid/plugin/x/CMakeLists.txt
-@@ -70,13 +70,14 @@ ELSE()
-     ${CMAKE_CURRENT_SOURCE_DIR}/ngs/include
-     ${CMAKE_SOURCE_DIR}/include #temporary
-     ${CMAKE_CURRENT_BINARY_DIR}/generated
--    ${SSL_INCLUDE_DIRS}
--    ${ZLIB_INCLUDE_DIR}
-+    ${BOOST_INCLUDE_DIR}
-   )
- 
-   INCLUDE_DIRECTORIES(SYSTEM
-     ${PROTOBUF_INCLUDE_DIRS}
-     ${LIBEVENT_INCLUDE_DIR}
-+    ${SSL_INCLUDE_DIRS}
-+    ${ZLIB_INCLUDE_DIR}
-   )
- 
-   IF(XPLUGIN_NO_LITE_PROTOBUF)

databases/mysql80-server/files/patch-rapid_plugin_x_mysqlx__configure.cmake

@@ -1,15 +0,0 @@
---- rapid/plugin/x/mysqlx_configure.cmake.orig	2016-09-14 15:25:26 UTC
-+++ rapid/plugin/x/mysqlx_configure.cmake
-@@ -29,6 +29,7 @@ CONFIGURE_FILE(${MYSQLX_PROJECT_DIR}/src
- CONFIGURE_FILE(${MYSQLX_PROJECT_DIR}/src/mysqlx_version.h.in
-                ${CMAKE_CURRENT_BINARY_DIR}/generated/mysqlx_version.h )
- 
-+IF(FALSE)
- INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/generated/mysqlx_error.h
-         DESTINATION ${INSTALL_INCLUDEDIR}
-         COMPONENT Developement)
-@@ -36,3 +37,4 @@ INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR
- INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/generated/mysqlx_version.h
-         DESTINATION ${INSTALL_INCLUDEDIR}
-         COMPONENT Developement)
-+ENDIF()

databases/mysql80-server/files/patch-rapid_unittest_gunit_xplugin_CMakeLists.txt

@@ -1,10 +0,0 @@
---- rapid/unittest/gunit/xplugin/CMakeLists.txt.orig	2017-09-21 12:20:03 UTC
-+++ rapid/unittest/gunit/xplugin/CMakeLists.txt
-@@ -63,6 +63,7 @@ INCLUDE_DIRECTORIES(
-   ${PROJECT_SOURCE_DIR}/include/mysql
-   ${ZLIB_INCLUDE_DIR}
-   ${CMAKE_BINARY_DIR}/rapid/plugin/x/generated/
-+  ${BOOST_INCLUDE_DIR}
- )
- 
- FILE(

databases/mysql80-server/files/patch-sql-common_client.cc

@@ -0,0 +1,27 @@
+--- sql-common/client.cc.orig	2018-04-08 06:44:49 UTC
++++ sql-common/client.cc
+@@ -2649,11 +2649,11 @@ static int ssl_verify_server_cert(Vio *v
+     goto error;
+   }
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+-  cn = (char *)ASN1_STRING_data(cn_asn1);
+-#else  /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+   cn = (char *)ASN1_STRING_get0_data(cn_asn1);
+-#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++#else  /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
++  cn = (char *)ASN1_STRING_data(cn_asn1);
++#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
+ 
+   // There should not be any NULL embedded in the CN
+   if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn)) {
+@@ -5596,7 +5596,7 @@ int STDCALL mysql_options(MYSQL *mysql, 
+ #endif
+       break;
+     case MYSQL_OPT_SSL_FIPS_MODE: {
+-#if defined(HAVE_OPENSSL) && !defined(HAVE_WOLFSSL)
++#if defined(HAVE_OPENSSL) && !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+       char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
+       ENSURE_EXTENSIONS_PRESENT(&mysql->options);
+       mysql->options.extension->ssl_fips_mode = *(uint *)arg;

databases/mysql80-server/files/patch-sql_CMakeLists.txt

@@ -1,11 +0,0 @@
---- sql/CMakeLists.txt.orig	2016-08-25 11:52:06 UTC
-+++ sql/CMakeLists.txt
-@@ -24,6 +24,8 @@ INCLUDE_DIRECTORIES(
-   ${ZLIB_INCLUDE_DIR}
-   ${SSL_INCLUDE_DIRS}
-   ${CMAKE_BINARY_DIR}/sql
-+  ${CMAKE_BINARY_DIR}/include
-+  ${CMAKE_BINARY_DIR}
-   ${LZ4_INCLUDE_DIR}
- )
- 

databases/mysql80-server/files/patch-sql_auth_sha2__password__common.cc

@@ -0,0 +1,11 @@
+--- sql/auth/sha2_password_common.cc.orig	2018-05-06 18:47:55 UTC
++++ sql/auth/sha2_password_common.cc
+@@ -101,7 +101,7 @@ bool SHA256_digest::retrieve_digest(unsi
+     DBUG_RETURN(true);
+   }
+   m_ok = EVP_DigestFinal_ex(md_context, m_digest, NULL);
+-#if defined(HAVE_WOLFSSL) || OPENSSL_VERSION_NUMBER < 0x10100000L
++#if defined(HAVE_WOLFSSL) || defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   EVP_MD_CTX_cleanup(md_context);
+ #else  /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   EVP_MD_CTX_reset(md_context);

databases/mysql80-server/files/patch-sql_conn__handler_socket__connection.cc

@@ -1,6 +1,6 @@
---- sql/conn_handler/socket_connection.cc.orig	2017-06-27 11:44:29 UTC
+--- sql/conn_handler/socket_connection.cc.orig	2018-04-08 06:44:49 UTC
 +++ sql/conn_handler/socket_connection.cc
-@@ -903,22 +903,26 @@ Channel_info* Mysqld_socket_listener::li
+@@ -810,20 +810,24 @@ Channel_info *Mysqld_socket_listener::li
      signal(SIGCHLD, SIG_DFL);
      request_init(&req, RQ_DAEMON, m_libwrap_name, RQ_FILE,
                   mysql_socket_getfd(connect_sock), NULL);
@@ -8,26 +8,24 @@
 +    void (*my_fromhost) (void *) = (void (*)(void *)) fromhost;
 +    my_fromhost(&req);
  
--    if (!hosts_access(&req))
+-    if (!hosts_access(&req)) {
 +    int (*my_hosts_access) (void *) = (int (*) (void *)) hosts_access;
-+    if (!my_hosts_access(&req))
-     {
++    if (!my_hosts_access(&req)) {
        /*
          This may be stupid but refuse() includes an exit(0)
          which we surely don't want...
          clean_exit() - same stupid thing ...
        */
 +      char *(*my_eval_client) (void *) = (char *(*) (void *)) eval_client;
-       syslog(LOG_AUTH | m_deny_severity,
--             "refused connect from %s", eval_client(&req));
-+             "refused connect from %s", my_eval_client(&req));
+       syslog(LOG_AUTH | m_deny_severity, "refused connect from %s",
+-             eval_client(&req));
++             my_eval_client(&req));
  
  #ifdef HAVE_LIBWRAP_PROTOTYPES
        // Some distros have patched tcpd.h to have proper prototypes
-       if (req.sink)
--        (req.sink)(req.fd);
-+        ((void (*)(int)) (req.sink))(req.fd);
+-      if (req.sink) (req.sink)(req.fd);
++      if (req.sink) ((void (*)(int)) (req.sink))(req.fd);
 +
  #else
        // Some distros have not patched tcpd.h
-       if (req.sink)
+       if (req.sink) ((void (*)(int))req.sink)(req.fd);

databases/mysql80-server/files/patch-sql_mysqld.cc

@@ -0,0 +1,29 @@
+--- sql/mysqld.cc.orig	2018-04-08 06:44:49 UTC
++++ sql/mysqld.cc
+@@ -4309,7 +4309,7 @@ static int warn_self_signed_ca() {
+ static void init_ssl() {
+ #ifdef HAVE_OPENSSL
+ #ifndef HAVE_WOLFSSL
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   CRYPTO_malloc_init();
+ #else  /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   OPENSSL_malloc_init();
+@@ -4321,7 +4321,7 @@ static void init_ssl() {
+ 
+ static int init_ssl_communication() {
+ #ifdef HAVE_OPENSSL
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+   char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
+   int ret_fips_mode = set_fips_mode(opt_ssl_fips_mode, ssl_err_string);
+   if (ret_fips_mode != 1) {
+@@ -8647,7 +8647,7 @@ bool mysqld_get_one_option(int optid,
+         One can disable SSL later by using --skip-ssl or --ssl=0.
+       */
+       opt_use_ssl = true;
+-#ifdef HAVE_WOLFSSL
++#if defined(HAVE_WOLFSSL) || defined(LIBRESSL_VERSION_NUMBER)
+       /* crl has no effect in wolfSSL. */
+       opt_ssl_crl = NULL;
+       opt_ssl_crlpath = NULL;

databases/mysql80-server/files/patch-sql_sys__vars.cc

@@ -1,38 +1,65 @@
---- sql/sys_vars.cc.orig	2016-03-28 18:06:12 UTC
+--- sql/sys_vars.cc.orig	2018-04-08 06:44:49 UTC
 +++ sql/sys_vars.cc
-@@ -1734,7 +1734,7 @@ static Sys_var_ulong Sys_interactive_tim
-        "connection before closing it",
-        SESSION_VAR(net_interactive_timeout),
-        CMD_LINE(REQUIRED_ARG),
--       VALID_RANGE(1, LONG_TIMEOUT), DEFAULT(NET_WAIT_TIMEOUT), BLOCK_SIZE(1));
-+       VALID_RANGE(1, INT_MAX32/1000), DEFAULT(NET_WAIT_TIMEOUT), BLOCK_SIZE(1));
+@@ -1792,7 +1792,7 @@ static Sys_var_ulong Sys_interactive_tim
+     "The number of seconds the server waits for activity on an interactive "
+     "connection before closing it",
+     SESSION_VAR(net_interactive_timeout), CMD_LINE(REQUIRED_ARG),
+-    VALID_RANGE(1, LONG_TIMEOUT), DEFAULT(NET_WAIT_TIMEOUT), BLOCK_SIZE(1));
++    VALID_RANGE(1, INT_MAX32 / 1000), DEFAULT(NET_WAIT_TIMEOUT), BLOCK_SIZE(1));
  
  static Sys_var_ulong Sys_join_buffer_size(
-        "join_buffer_size",
-@@ -2552,7 +2552,7 @@ static Sys_var_ulong Sys_net_read_timeou
-        "Number of seconds to wait for more data from a connection before "
-        "aborting the read",
-        SESSION_VAR(net_read_timeout), CMD_LINE(REQUIRED_ARG),
--       VALID_RANGE(1, LONG_TIMEOUT), DEFAULT(NET_READ_TIMEOUT), BLOCK_SIZE(1),
-+       VALID_RANGE(1, INT_MAX32/1000), DEFAULT(NET_READ_TIMEOUT), BLOCK_SIZE(1),
-        NO_MUTEX_GUARD, NOT_IN_BINLOG, ON_CHECK(0),
-        ON_UPDATE(fix_net_read_timeout));
+     "join_buffer_size", "The size of the buffer that is used for full joins",
+@@ -2594,7 +2594,7 @@ static Sys_var_ulong Sys_net_read_timeou
+     "Number of seconds to wait for more data from a connection before "
+     "aborting the read",
+     SESSION_VAR(net_read_timeout), CMD_LINE(REQUIRED_ARG),
+-    VALID_RANGE(1, LONG_TIMEOUT), DEFAULT(NET_READ_TIMEOUT), BLOCK_SIZE(1),
++    VALID_RANGE(1, INT_MAX32 / 1000), DEFAULT(NET_READ_TIMEOUT), BLOCK_SIZE(1),
+     NO_MUTEX_GUARD, NOT_IN_BINLOG, ON_CHECK(0),
+     ON_UPDATE(fix_net_read_timeout));
  
-@@ -2568,7 +2568,7 @@ static Sys_var_ulong Sys_net_write_timeo
-        "Number of seconds to wait for a block to be written to a connection "
-        "before aborting the write",
-        SESSION_VAR(net_write_timeout), CMD_LINE(REQUIRED_ARG),
--       VALID_RANGE(1, LONG_TIMEOUT), DEFAULT(NET_WRITE_TIMEOUT), BLOCK_SIZE(1),
-+       VALID_RANGE(1, INT_MAX32/1000), DEFAULT(NET_WRITE_TIMEOUT), BLOCK_SIZE(1),
-        NO_MUTEX_GUARD, NOT_IN_BINLOG, ON_CHECK(0),
-        ON_UPDATE(fix_net_write_timeout));
+@@ -2615,7 +2615,7 @@ static Sys_var_ulong Sys_net_write_timeo
+     "Number of seconds to wait for a block to be written to a connection "
+     "before aborting the write",
+     SESSION_VAR(net_write_timeout), CMD_LINE(REQUIRED_ARG),
+-    VALID_RANGE(1, LONG_TIMEOUT), DEFAULT(NET_WRITE_TIMEOUT), BLOCK_SIZE(1),
++    VALID_RANGE(1, INT_MAX32 / 1000), DEFAULT(NET_WRITE_TIMEOUT), BLOCK_SIZE(1),
+     NO_MUTEX_GUARD, NOT_IN_BINLOG, ON_CHECK(0),
+     ON_UPDATE(fix_net_write_timeout));
  
-@@ -4083,7 +4083,7 @@ static Sys_var_ulong Sys_net_wait_timeou
-        "The number of seconds the server waits for activity on a "
-        "connection before closing it",
-        SESSION_VAR(net_wait_timeout), CMD_LINE(REQUIRED_ARG),
--       VALID_RANGE(1, IF_WIN(INT_MAX32/1000, LONG_TIMEOUT)),
-+       VALID_RANGE(1, INT_MAX32/1000),
-        DEFAULT(NET_WAIT_TIMEOUT), BLOCK_SIZE(1));
+@@ -4098,7 +4098,7 @@ static Sys_var_charptr Sys_tls_version(
+     READ_ONLY GLOBAL_VAR(opt_tls_version), SSL_OPT(OPT_TLS_VERSION),
+     IN_FS_CHARSET, "TLSv1,TLSv1.1,TLSv1.2");
+ 
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+ static bool update_fips_mode(sys_var *, THD *, enum_var_type) {
+   char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
+   if (set_fips_mode(opt_ssl_fips_mode, ssl_err_string) != 1) {
+@@ -4110,7 +4110,7 @@ static bool update_fips_mode(sys_var *, 
+ }
+ #endif
+ 
+-#ifdef HAVE_WOLFSSL
++#if defined(HAVE_WOLFSSL) || defined(LIBRESSL_VERSION_NUMBER)
+ static const char *ssl_fips_mode_names[] = {"OFF", 0};
+ #else
+ static const char *ssl_fips_mode_names[] = {"OFF", "ON", "STRICT", 0};
+@@ -4121,7 +4121,7 @@ static Sys_var_enum Sys_ssl_fips_mode(
+     GLOBAL_VAR(opt_ssl_fips_mode), SSL_OPT(OPT_SSL_FIPS_MODE),
+     ssl_fips_mode_names, DEFAULT(0), NO_MUTEX_GUARD, NOT_IN_BINLOG,
+     ON_CHECK(NULL),
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+     ON_UPDATE(update_fips_mode),
+ #else
+     ON_UPDATE(NULL),
+@@ -4429,7 +4429,7 @@ static Sys_var_ulong Sys_net_wait_timeou
+     "The number of seconds the server waits for activity on a "
+     "connection before closing it",
+     SESSION_VAR(net_wait_timeout), CMD_LINE(REQUIRED_ARG),
+-    VALID_RANGE(1, IF_WIN(INT_MAX32 / 1000, LONG_TIMEOUT)),
++    VALID_RANGE(1, INT_MAX32 / 1000),
+     DEFAULT(NET_WAIT_TIMEOUT), BLOCK_SIZE(1));
  
  static Sys_var_plugin Sys_default_storage_engine(

databases/mysql80-server/files/patch-storage_myisam_mi__dynrec.c

@@ -1,23 +0,0 @@
---- storage/myisam/mi_dynrec.c.orig	2016-03-28 18:06:12 UTC
-+++ storage/myisam/mi_dynrec.c
-@@ -65,18 +65,13 @@ my_bool mi_dynmap_file(MI_INFO *info, my
-     DBUG_RETURN(1);
-   }
-   /*
--    I wonder if it is good to use MAP_NORESERVE. From the Linux man page:
--    MAP_NORESERVE
--      Do not reserve swap space for this mapping. When swap space is
--      reserved, one has the guarantee that it is possible to modify the
--      mapping. When swap space is not reserved one might get SIGSEGV
--      upon a write if no physical memory is available.
-+    MAP_NORESERVE is unimplemented in FreeBSD
-   */
-   info->s->file_map= (uchar*)
-                   my_mmap(0, (size_t) size,
-                           info->s->mode==O_RDONLY ? PROT_READ :
-                           PROT_READ | PROT_WRITE,
--                          MAP_SHARED | MAP_NORESERVE,
-+                          MAP_SHARED,
-                           info->dfile, 0L);
-   if (info->s->file_map == (uchar*) MAP_FAILED)
-   {

databases/mysql80-server/files/patch-storage_myisam_mi__dynrec.cc

@@ -0,0 +1,22 @@
+--- storage/myisam/mi_dynrec.cc.orig	2016-03-28 18:06:12 UTC
++++ storage/myisam/mi_dynrec.cc
+@@ -65,18 +65,13 @@ bool mi_dynmap_file(MI_INFO *info, my
+     DBUG_RETURN(1);
+   }
+   /*
+-    I wonder if it is good to use MAP_NORESERVE. From the Linux man page:
+-    MAP_NORESERVE
+-      Do not reserve swap space for this mapping. When swap space is
+-      reserved, one has the guarantee that it is possible to modify the
+-      mapping. When swap space is not reserved one might get SIGSEGV
+-      upon a write if no physical memory is available.
++    MAP_NORESERVE is unimplemented in FreeBSD
+   */
+   info->s->file_map = (uchar *)my_mmap(
+       0, (size_t)size,
+       info->s->mode == O_RDONLY ? PROT_READ : PROT_READ | PROT_WRITE,
+-      MAP_SHARED | MAP_NORESERVE, info->dfile, 0L);
++      MAP_SHARED, info->dfile, 0L);
+   if (info->s->file_map == (uchar *)MAP_FAILED) {
+     info->s->file_map = NULL;
+

databases/mysql80-server/files/patch-vio_viosslfactories.cc

@@ -0,0 +1,56 @@
+--- vio/viosslfactories.cc.orig	2018-04-08 06:44:49 UTC
++++ vio/viosslfactories.cc
+@@ -37,6 +37,7 @@
+ 
+ #ifdef HAVE_OPENSSL
+ #include <openssl/dh.h>
++#include <openssl/crypto.h>
+ 
+ #define TLS_VERSION_OPTION_SIZE 256
+ #define SSL_CIPHER_LIST_SIZE 4096
+@@ -135,7 +136,7 @@ static DH *get_dh2048(void) {
+     BIGNUM *p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
+     BIGNUM *g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
+     if (!p || !g
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+         || !DH_set0_pqg(dh, p, NULL, g)
+ #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
+     ) {
+@@ -143,7 +144,7 @@ static DH *get_dh2048(void) {
+       DH_free(dh);
+       return NULL;
+     }
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     dh->p = p;
+     dh->g = g;
+ #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+@@ -426,7 +427,7 @@ void ssl_start() {
+   }
+ }
+ 
+-#ifndef HAVE_WOLFSSL
++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+ /**
+   Set fips mode in openssl library,
+   When we set fips mode ON/STRICT, it will perform following operations:
+@@ -449,6 +450,10 @@ int set_fips_mode(const uint fips_mode, 
+   int rc = -1;
+   unsigned int fips_mode_old = -1;
+   unsigned long err_library = 0;
++#if defined(LIBRESSL_VERSION_NUMBER)
++  err_string="LibreSSL deosn't have FIPS_mode functionas";
++  goto EXIT;
++#else
+   if (fips_mode > 2) {
+     goto EXIT;
+   }
+@@ -462,6 +467,7 @@ int set_fips_mode(const uint fips_mode, 
+     ERR_error_string_n(err_library, err_string, OPENSSL_ERROR_LENGTH - 1);
+     err_string[OPENSSL_ERROR_LENGTH - 1] = '\0';
+   }
++#endif
+ EXIT:
+   return rc;
+ }

databases/mysql80-server/pkg-message

@@ -12,7 +12,7 @@ There is no initial password for first time use of MySQL.
 Keep in mind to reset it to a secure password.
 
 MySQL80 has a default %%ETCDIR%%/my.cnf,
-remember to replace it wit your own
+remember to replace it with your own
 or set `mysql_optfile="$YOUR_CNF_FILE` in rc.conf.
 
 *****************************************************************************

databases/mysql80-server/pkg-plist

@@ -16,21 +16,36 @@ bin/mysqlxtest
 bin/perror
 bin/resolve_stack_dump
 bin/resolveip
+bin/zlib_decompress
 lib/mysql/plugin/adt_null.so
 lib/mysql/plugin/auth.so
 lib/mysql/plugin/auth_test_plugin.so
 lib/mysql/plugin/component_example_component1.so
 lib/mysql/plugin/component_example_component2.so
 lib/mysql/plugin/component_example_component3.so
+lib/mysql/plugin/component_log_filter_dragnet.so
 lib/mysql/plugin/component_log_sink_json.so
 lib/mysql/plugin/component_log_sink_syseventlog.so
 lib/mysql/plugin/component_log_sink_test.so
+lib/mysql/plugin/component_mysqlx_global_reset.so
+lib/mysql/plugin/component_pfs_example.so
 lib/mysql/plugin/component_pfs_example_component_population.so
+lib/mysql/plugin/component_test_backup_lock_service.so
 lib/mysql/plugin/component_test_pfs_notification.so
 lib/mysql/plugin/component_test_pfs_resource_group.so
+lib/mysql/plugin/component_test_status_var_service.so
+lib/mysql/plugin/component_test_status_var_service_int.so
+lib/mysql/plugin/component_test_status_var_service_reg_only.so
+lib/mysql/plugin/component_test_status_var_service_str.so
+lib/mysql/plugin/component_test_status_var_service_unreg_only.so
 lib/mysql/plugin/component_test_string_service.so
 lib/mysql/plugin/component_test_string_service_charset.so
 lib/mysql/plugin/component_test_string_service_long.so
+lib/mysql/plugin/component_test_sys_var_service.so
+lib/mysql/plugin/component_test_sys_var_service_int.so
+lib/mysql/plugin/component_test_sys_var_service_same.so
+lib/mysql/plugin/component_test_sys_var_service_str.so
+lib/mysql/plugin/component_test_system_variable_source.so
 lib/mysql/plugin/component_test_udf_registration.so
 lib/mysql/plugin/component_udf_reg_3_func.so
 lib/mysql/plugin/component_udf_reg_avg_func.so
@@ -41,6 +56,7 @@ lib/mysql/plugin/component_udf_reg_real_func.so
 lib/mysql/plugin/component_udf_unreg_3_func.so
 lib/mysql/plugin/component_udf_unreg_int_func.so
 lib/mysql/plugin/component_udf_unreg_real_func.so
+lib/mysql/plugin/component_validate_password.so
 lib/mysql/plugin/connection_control.so
 lib/mysql/plugin/daemon_example.ini
 lib/mysql/plugin/group_replication.so
@@ -50,6 +66,7 @@ lib/mysql/plugin/libdaemon_example.so
 lib/mysql/plugin/libtest_framework.so
 lib/mysql/plugin/libtest_services.so
 lib/mysql/plugin/libtest_services_threaded.so
+lib/mysql/plugin/libtest_session_attach.so
 lib/mysql/plugin/libtest_session_detach.so
 lib/mysql/plugin/libtest_session_in_thd.so
 lib/mysql/plugin/libtest_session_info.so
@@ -72,7 +89,6 @@ lib/mysql/plugin/libtest_x_sessions_init.so
 lib/mysql/plugin/locking_service.so
 lib/mysql/plugin/mypluglib.so
 lib/mysql/plugin/mysql_no_login.so
-lib/mysql/plugin/mysqlx.so
 lib/mysql/plugin/pfs_example_plugin_employee.so
 lib/mysql/plugin/qa_auth_client.so
 lib/mysql/plugin/qa_auth_interface.so
@@ -84,6 +100,7 @@ lib/mysql/plugin/semisync_master.so
 lib/mysql/plugin/semisync_slave.so
 lib/mysql/plugin/test_security_context.so
 lib/mysql/plugin/test_services_plugin_registry.so
+lib/mysql/plugin/udf_example.so
 lib/mysql/plugin/keyring_udf.so
 lib/mysql/plugin/test_udf_services.so
 lib/mysql/plugin/validate_password.so
@@ -103,7 +120,6 @@ man/man1/mysqld_multi.1.gz
 man/man1/mysqld_safe.1.gz
 man/man1/mysqldumpslow.1.gz
 man/man1/mysqlman.1.gz
-man/man1/mysqltest.1.gz
 man/man1/perror.1.gz
 man/man1/resolve_stack_dump.1.gz
 man/man1/resolveip.1.gz