databases/mysql56*: update to 5.7.33 release

Disable detect of TLSv1.3 functions - it's broken with LibreSSL Release Notes: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-33.html Requested by: joneum
svn path=/head/; revision=563858
2024-12-29 05:38:00 +00:00 · 2021-02-03 02:02:58 +00:00 · 2021-02-03 02:02:58 +00:00 · fa82d30804 · 2021-03-31 03:12:20 +00:00
commit fa82d30804
parent b3269ba45f
8 changed files with 145 additions and 21 deletions
--- a/databases/mysql57-client/Makefile
+++ b/databases/mysql57-client/Makefile
@ -2,7 +2,7 @@
 # $FreeBSD$

 PORTNAME=	mysql
-PORTREVISION=	1
+PORTREVISION=	0
 PKGNAMESUFFIX=	57-client

 COMMENT=	Multithreaded SQL database (client)
--- a/databases/mysql57-client/files/patch-cmake_ssl.cmake
+++ b/databases/mysql57-client/files/patch-cmake_ssl.cmake
@ -1,5 +1,5 @@
--- cmake/ssl.cmake.orig	2020-07-08 22:29:14.999896000 +0200
-+++ cmake/ssl.cmake	2020-07-08 22:44:05.251931000 +0200
+--- cmake/ssl.cmake.orig	2019-12-06 10:41:47 UTC
+++ cmake/ssl.cmake
@@ -150,22 +150,12 @@ MACRO (MYSQL_CHECK_SSL)
       MESSAGE(STATUS "OPENSSL_APPLINK_C ${OPENSSL_APPLINK_C}")
     ENDIF()
@ -23,26 +23,32 @@
 
     IF(OPENSSL_INCLUDE_DIR)
       # Verify version number. Version information looks like:
-@@ -193,7 +183,8 @@ MACRO (MYSQL_CHECK_SSL)
+@@ -193,9 +183,10 @@ MACRO (MYSQL_CHECK_SSL)
       )
     SET(OPENSSL_VERSION ${OPENSSL_VERSION} CACHE INTERNAL "")
 
 -    IF("${OPENSSL_VERSION}" VERSION_GREATER "1.1.0")
-+	CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
-+	IF(HAVE_TLS1_3_VERSION)
-        ADD_DEFINITIONS(-DHAVE_TLSv13)
-        SET(HAVE_TLSv13 1)
+-       ADD_DEFINITIONS(-DHAVE_TLSv13)
+-       SET(HAVE_TLSv13 1)
+    CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
+    IF(HAVE_TLS1_3_VERSION)
+       #ADD_DEFINITIONS(-DHAVE_TLSv13)
+       #SET(HAVE_TLSv13 1)
        IF(SOLARIS)
-@@ -204,6 +195,12 @@ MACRO (MYSQL_CHECK_SSL)
+          SET(FORCE_SSL_SOLARIS "-Wl,--undefined,address_of_sk_new_null")
+        ENDIF()
+@@ -203,7 +204,13 @@ MACRO (MYSQL_CHECK_SSL)
+     IF(OPENSSL_INCLUDE_DIR AND
        OPENSSL_LIBRARY   AND
        CRYPTO_LIBRARY      AND
-        OPENSSL_MAJOR_VERSION STREQUAL "1"
-+	  )
-+  	  SET(OPENSSL_FOUND TRUE)
-+	ELSEIF(OPENSSL_INCLUDE_DIR AND
-+		OPENSSL_LIBRARY   AND
-+		CRYPTO_LIBRARY      AND
-+		OPENSSL_MAJOR_VERSION STREQUAL "2"
+-       OPENSSL_MAJOR_VERSION STREQUAL "1"
+       OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1"
+      )
+      SET(OPENSSL_FOUND TRUE)
+    ELSEIF(OPENSSL_INCLUDE_DIR AND
+       OPENSSL_LIBRARY   AND
+       CRYPTO_LIBRARY      AND
+       OPENSSL_MAJOR_VERSION STREQUAL "2"
       )
       SET(OPENSSL_FOUND TRUE)
     ELSE()
--- a/databases/mysql57-client/files/patch-vio_viosslfactories.c
+++ b/databases/mysql57-client/files/patch-vio_viosslfactories.c
@ -33,3 +33,30 @@
   }
   return(dh);
 }
+@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+   struct st_VioSSLFd *ssl_fd;
+   /* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */
+   long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3
+-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+                         | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+                         ;
+@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+                     SSL_OP_NO_TLSv1 |
+                     SSL_OP_NO_TLSv1_1
+                     | SSL_OP_NO_TLSv1_2
+-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+                     | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+                     | SSL_OP_NO_TICKET
+@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+ 
+   SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
+ 
+-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+   /*
+     MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
+   */
--- a/databases/mysql57-server/Makefile
+++ b/databases/mysql57-server/Makefile
@ -2,8 +2,8 @@
 # $FreeBSD$

 PORTNAME?=	mysql
-PORTVERSION=	5.7.32
-PORTREVISION?=	1
+PORTVERSION=	5.7.33
+PORTREVISION?=	0
 CATEGORIES=	databases
 MASTER_SITES=	MYSQL/MySQL-5.7
 PKGNAMESUFFIX?=	57-server
--- a/databases/mysql57-server/files/patch-cmake_ssl.cmake
+++ b/databases/mysql57-server/files/patch-cmake_ssl.cmake
@ -1,15 +1,42 @@
 --- cmake/ssl.cmake.orig	2019-12-06 10:41:47 UTC
 +++ cmake/ssl.cmake
-@@ -193,7 +193,8 @@ MACRO (MYSQL_CHECK_SSL)
+@@ -150,22 +150,12 @@ MACRO (MYSQL_CHECK_SSL)
+       MESSAGE(STATUS "OPENSSL_APPLINK_C ${OPENSSL_APPLINK_C}")
+     ENDIF()
+ 
+-    # On mac this list is <.dylib;.so;.a>
+-    # We prefer static libraries, so we reverse it here.
+-    IF (WITH_SSL_PATH)
+-      LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES)
+-      MESSAGE(STATUS "suffixes <${CMAKE_FIND_LIBRARY_SUFFIXES}>")
+-    ENDIF()
+-
+     FIND_LIBRARY(OPENSSL_LIBRARY
+                  NAMES ssl libssl ssleay32 ssleay32MD
+                  HINTS ${OPENSSL_ROOT_DIR}/lib)
+     FIND_LIBRARY(CRYPTO_LIBRARY
+                  NAMES crypto libcrypto libeay32
+                  HINTS ${OPENSSL_ROOT_DIR}/lib)
+-    IF (WITH_SSL_PATH)
+-      LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES)
+-    ENDIF()
+ 
+     IF(OPENSSL_INCLUDE_DIR)
+       # Verify version number. Version information looks like:
+@@ -193,9 +183,10 @@ MACRO (MYSQL_CHECK_SSL)
       )
     SET(OPENSSL_VERSION ${OPENSSL_VERSION} CACHE INTERNAL "")
 
 -    IF("${OPENSSL_VERSION}" VERSION_GREATER "1.1.0")
+-       ADD_DEFINITIONS(-DHAVE_TLSv13)
+-       SET(HAVE_TLSv13 1)
 +    CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
 +    IF(HAVE_TLS1_3_VERSION)
-        ADD_DEFINITIONS(-DHAVE_TLSv13)
-        SET(HAVE_TLSv13 1)
+       #ADD_DEFINITIONS(-DHAVE_TLSv13)
+       #SET(HAVE_TLSv13 1)
        IF(SOLARIS)
+          SET(FORCE_SSL_SOLARIS "-Wl,--undefined,address_of_sk_new_null")
+        ENDIF()
@@ -203,7 +204,13 @@ MACRO (MYSQL_CHECK_SSL)
     IF(OPENSSL_INCLUDE_DIR AND
        OPENSSL_LIBRARY   AND
--- a/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c
+++ b/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c
@ -1,5 +1,31 @@
 --- rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c.orig	2020-03-23 17:35:17 UTC
 +++ rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
+@@ -232,7 +232,7 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx, 
+                                     const char* tls_version)
+ {
+   DH *dh= NULL;
+-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+   /* We support TLS up to 1.2, so explicitly disable TLS 1.3. */
+   long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_3;
+ #else
+@@ -257,14 +257,14 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx, 
+                     SSL_OP_NO_TLSv1 |
+                     SSL_OP_NO_TLSv1_1
+                     | SSL_OP_NO_TLSv1_2
+-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+                     | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+                    );
+ 
+   SSL_CTX_set_options(ssl_ctx, ssl_ctx_options);
+ 
+-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+   /* We do not support TLS 1.3.
+      Setting empty TLS 1.3 ciphersuites disables them. */
+   if (SSL_CTX_set_ciphersuites(ssl_ctx, "") == 0)
@@ -529,7 +529,7 @@ int xcom_init_ssl(const char *server_key_file, const c
     break e.g. ODBC clients (if the client also uses SSL).
   */
--- a/databases/mysql57-server/files/patch-sql_locks_sharedspinlock.cc
+++ b/databases/mysql57-server/files/patch-sql_locks_sharedspinlock.cc
@ -0,0 +1,11 @@
+--- sql/locks/shared_spin_lock.cc.orig	2020-12-10 03:01:55 UTC
+++ sql/locks/shared_spin_lock.cc
+@@ -239,7 +239,7 @@ lock::Shared_spin_lock &lock::Shared_spin_lock::try_or
+   {
+     this->spin_exclusive_lock();
+   }
+-  my_atomic_store64(&this->m_exclusive_owner, self);
+  my_atomic_store64(&this->m_exclusive_owner, reinterpret_cast<int64>(self));
+   return (*this);
+ }
+ 
--- a/databases/mysql57-server/files/patch-vio_viosslfactories.c
+++ b/databases/mysql57-server/files/patch-vio_viosslfactories.c
@ -33,3 +33,30 @@
   }
   return(dh);
 }
+@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+   struct st_VioSSLFd *ssl_fd;
+   /* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */
+   long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3
+-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+                         | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+                         ;
+@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+                     SSL_OP_NO_TLSv1 |
+                     SSL_OP_NO_TLSv1_1
+                     | SSL_OP_NO_TLSv1_2
+-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+                     | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+                     | SSL_OP_NO_TICKET
+@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+ 
+   SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
+ 
+-#ifdef HAVE_TLSv13
+#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+   /*
+     MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
+   */