- Update Percona Server/Client to 5.7.28-31 release [1]

* When using skip-innodb_doublewrite in my.cnf, a parallel doublewrite buffer is still created. Bugs fixed #3411. * During a binlogging replication event, if the master crashes after the multi-threaded slave has begun copying to the slave’s relay log and before the process has completed, a STOP SLAVE on the slave takes longer than expected. Bug fixed #5824. * If pam_krb5 is configured to allow the user to change their password, and the password expired, the server crashed after receiving the new password. Bug fixed #6023. - Provide LibreSSL support [2] - Take maintainership. feld@ didn't pet the ports for almost two years, all updates was committed with maintainer timeout PR: 242649 Submitted by: Igor Zabelin [1]. fluffy@ [2] Approved by: maintainer (feld@, timeout >2 weeks)
author: Dima Panov <fluffy@FreeBSD.org> 2019-12-31 04:42:42 +0000
committer: Dima Panov <fluffy@FreeBSD.org> 2019-12-31 04:42:42 +0000
commit: 841ac9b3023caba2c89b32cea0a48c2e8b09e74e (patch)
tree: a0bc73b4f10647b585d406a7ebba768f95859e2a
parent: Update to the latest MIT krb5 commit on github. (diff)
10 files changed, 108 insertions, 20 deletions
diff --git a/databases/percona57-client/files/patch-cmake_ssl.cmake b/databases/percona57-client/files/patch-cmake_ssl.cmake
new file mode 100644
index 000000000000..d32169c23961
--- /dev/null
+++ b/databases/percona57-client/files/patch-cmake_ssl.cmake
@@ -0,0 +1,22 @@
+--- cmake/ssl.cmake.orig	2019-11-09 00:33:40.000000000 +1000
++++ cmake/ssl.cmake	2019-12-13 23:08:53.686402000 +1000
+@@ -189,7 +189,8 @@ MACRO (MYSQL_CHECK_SSL)
+         OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
+         )
+     ENDIF()
+-    IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
++    CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
++    IF(HAVE_TLS1_3_VERSION)
+        ADD_DEFINITIONS(-DHAVE_TLSv13)
+        SET(HAVE_TLSv13 1)
+        IF(SOLARIS)
+@@ -198,8 +199,7 @@ MACRO (MYSQL_CHECK_SSL)
+     ENDIF()
+     IF(OPENSSL_INCLUDE_DIR AND
+        OPENSSL_LIBRARY   AND
+-       CRYPTO_LIBRARY      AND
+-       OPENSSL_MAJOR_VERSION STREQUAL "1"
++       CRYPTO_LIBRARY
+       )
+       SET(OPENSSL_FOUND TRUE)
+     ELSE()
diff --git a/databases/percona57-client/files/patch-mysys__ssl_my__crypt.cc b/databases/percona57-client/files/patch-mysys__ssl_my__crypt.cc
new file mode 100644
index 000000000000..56a64a6300a5
--- /dev/null
+++ b/databases/percona57-client/files/patch-mysys__ssl_my__crypt.cc
@@ -0,0 +1,21 @@
+--- mysys_ssl/my_crypt.cc.orig	2019-05-16 05:06:00 UTC
++++ mysys_ssl/my_crypt.cc
+@@ -30,7 +30,7 @@
+ #include <boost/move/unique_ptr.hpp>
+ #include <boost/core/noncopyable.hpp>
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf)
+ #define RAND_OpenSSL() RAND_SSLeay()
+ #endif
+@@ -95,7 +95,8 @@ MyEncryptionCTX::MyEncryptionCTX()
+ MyEncryptionCTX::~MyEncryptionCTX()
+ {
+   
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
++    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02090000fL)
+   EVP_CIPHER_CTX_cleanup(ctx);
+   delete ctx;
+   ERR_remove_thread_state(0);
diff --git a/databases/percona57-client/files/patch-sql_auth_sha2__password__common.cc b/databases/percona57-client/files/patch-sql_auth_sha2__password__common.cc
new file mode 100644
index 000000000000..1d2486c48d20
--- /dev/null
+++ b/databases/percona57-client/files/patch-sql_auth_sha2__password__common.cc
@@ -0,0 +1,12 @@
+--- sql/auth/sha2_password_common.cc.orig	2019-05-16 05:06:00 UTC
++++ sql/auth/sha2_password_common.cc
+@@ -146,7 +146,8 @@ bool SHA256_digest::retrieve_digest(unsigned char *dig
+     DBUG_RETURN(true);
+   }
+   m_ok= EVP_DigestFinal_ex(md_context, m_digest, NULL);
+-#if defined(HAVE_WOLFSSL) || OPENSSL_VERSION_NUMBER < 0x10100000L
++#if defined(HAVE_WOLFSSL) || OPENSSL_VERSION_NUMBER < 0x10100000L || \
++    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL)
+   EVP_MD_CTX_cleanup(md_context);
+ #else  /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   EVP_MD_CTX_reset(md_context);
diff --git a/databases/percona57-client/files/patch-vio_viosslfactories.c b/databases/percona57-client/files/patch-vio_viosslfactories.c
new file mode 100644
index 000000000000..35fadb4c302e
--- /dev/null
+++ b/databases/percona57-client/files/patch-vio_viosslfactories.c
@@ -0,0 +1,11 @@
+--- vio/viosslfactories.c.orig	2019-05-16 05:06:00 UTC
++++ vio/viosslfactories.c
+@@ -123,7 +123,7 @@ static DH *get_dh2048(void)
+   {
+     BIGNUM* p= BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
+     BIGNUM* g= BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     dh->p= p;
+     dh->g= g;
+     if (! dh->p || ! dh->g)
diff --git a/databases/percona57-server/Makefile b/databases/percona57-server/Makefile
index d8965c6fd6c6..49d0ef753524 100644
--- a/databases/percona57-server/Makefile
+++ b/databases/percona57-server/Makefile
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME?=	percona
-DISTVERSION=	5.7.27-30
+DISTVERSION=	5.7.28-31
 PORTREVISION?=	0
 CATEGORIES=	databases
 MASTER_SITES=	http://www.percona.com/downloads/Percona-Server-5.7/Percona-Server-${DISTVERSION}/source/tarball/:percona \
@@ -12,7 +12,7 @@ DISTNAME=	percona-server-${DISTVERSION}
 DISTFILES=	percona-server-${DISTVERSION}${EXTRACT_SUFX}:percona \
 		boost_1_59_0${EXTRACT_SUFX}:boost
 
-MAINTAINER=	feld@FreeBSD.org
+MAINTAINER=	fluffy@FreeBSD.org
 COMMENT?=	Multithreaded SQL database (server)
 
 LICENSE?=	GPLv2+
@@ -24,7 +24,7 @@ LIB_DEPENDS=	libevent.so:devel/libevent \
 SLAVEDIRS=	databases/percona57-client \
 		databases/percona57-pam-for-mysql
 USES=		bison:build cmake:insource,noninja compiler:c11 \
-		cpe libedit localbase perl5 shebangfix
+		cpe libedit localbase perl5 shebangfix ssl
 
 MY_DBDIR=	/var/db/mysql
 MY_SECDIR=	/var/db/mysql_secure
@@ -45,7 +45,7 @@ CMAKE_ARGS+=	-DINSTALL_LAYOUT=FREEBSD \
 		-DINSTALL_MYSQLDATADIR="/var/db/mysql" \
 		-DINSTALL_SECURE_FILE_PRIVDIR="${MY_SECDIR}" \
 		-DINSTALL_MYSQLSHAREDIR="share/mysql" \
-		-DINSTALL_MYSQLTESTDIR="${MY_TESTDIR}" \
+		-DINSTALL_MYSQLTESTDIR=0 \
 		-DINSTALL_PLUGINDIR="lib/mysql/plugin" \
 		-DINSTALL_SBINDIR="libexec" \
 		-DINSTALL_SCRIPTDIR="bin" \
@@ -131,11 +131,11 @@ CMAKE_ARGS+=	-DWITH_AUTHENTICATION_LDAP=0
 
 .include <bsd.port.options.mk>
 
-.if !${SSL_DEFAULT:Mlibressl*}
-MY_TESTDIR=	"share/mysql/tests"
-.else
-MY_TESTDIR=	""
-.endif
+#.if !${SSL_DEFAULT:Mlibressl*}
+#MY_TESTDIR=	"share/mysql/tests"
+#.else
+#MY_TESTDIR=	""
+#.endif
 
 .if ${OPSYS} == FreeBSD && ${OSVERSION} >= 1200057
 SUB_LIST+=	LEGACY_LIMITS="@comment " MODERN_LIMITS=""
diff --git a/databases/percona57-server/distinfo b/databases/percona57-server/distinfo
index 51be64a3d29d..4bbe7db515a2 100644
--- a/databases/percona57-server/distinfo
+++ b/databases/percona57-server/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1567963686
-SHA256 (percona-server-5.7.27-30.tar.gz) = b50dff3d222c6444468ff328c652df24a81103627c9da2fa98ee878b8f65a226
-SIZE (percona-server-5.7.27-30.tar.gz) = 84672298
+TIMESTAMP = 1576055476
+SHA256 (percona-server-5.7.28-31.tar.gz) = 8a55a37b494086850ff3699d4f1ef39b2cfe9aa4d35662505dc372ccb9cb283f
+SIZE (percona-server-5.7.28-31.tar.gz) = 84704254
 SHA256 (boost_1_59_0.tar.gz) = 47f11c8844e579d02691a607fbd32540104a9ac7a2534a8ddaef50daf502baac
 SIZE (boost_1_59_0.tar.gz) = 83709983
diff --git a/databases/percona57-server/files/patch-client_CMakeLists.txt b/databases/percona57-server/files/patch-client_CMakeLists.txt
index 09de11a195d7..e89ab375d99c 100644
--- a/databases/percona57-server/files/patch-client_CMakeLists.txt
+++ b/databases/percona57-server/files/patch-client_CMakeLists.txt
@@ -47,7 +47,7 @@
 @@ -97,9 +100,12 @@ TARGET_LINK_LIBRARIES(mysqlslap perconas
  
  MYSQL_ADD_EXECUTABLE(mysql_config_editor mysql_config_editor.cc)
- TARGET_LINK_LIBRARIES(mysql_config_editor perconaserverclient)
+ TARGET_LINK_LIBRARIES(mysql_config_editor ${FORCE_SSL_SOLARIS} perconaserverclient)
 +ENDIF()
  
 +IF(FALSE)
diff --git a/databases/percona57-server/files/patch-cmake_ssl.cmake b/databases/percona57-server/files/patch-cmake_ssl.cmake
new file mode 100644
index 000000000000..d32169c23961
--- /dev/null
+++ b/databases/percona57-server/files/patch-cmake_ssl.cmake
@@ -0,0 +1,22 @@
+--- cmake/ssl.cmake.orig	2019-11-09 00:33:40.000000000 +1000
++++ cmake/ssl.cmake	2019-12-13 23:08:53.686402000 +1000
+@@ -189,7 +189,8 @@ MACRO (MYSQL_CHECK_SSL)
+         OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
+         )
+     ENDIF()
+-    IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
++    CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
++    IF(HAVE_TLS1_3_VERSION)
+        ADD_DEFINITIONS(-DHAVE_TLSv13)
+        SET(HAVE_TLSv13 1)
+        IF(SOLARIS)
+@@ -198,8 +199,7 @@ MACRO (MYSQL_CHECK_SSL)
+     ENDIF()
+     IF(OPENSSL_INCLUDE_DIR AND
+        OPENSSL_LIBRARY   AND
+-       CRYPTO_LIBRARY      AND
+-       OPENSSL_MAJOR_VERSION STREQUAL "1"
++       CRYPTO_LIBRARY
+       )
+       SET(OPENSSL_FOUND TRUE)
+     ELSE()
diff --git a/databases/percona57-server/files/patch-libmysql_CMakeLists.txt b/databases/percona57-server/files/patch-libmysql_CMakeLists.txt
index f7d94508b549..d66517c9ed59 100644
--- a/databases/percona57-server/files/patch-libmysql_CMakeLists.txt
+++ b/databases/percona57-server/files/patch-libmysql_CMakeLists.txt
@@ -4,21 +4,21 @@
  ADD_SUBDIRECTORY(authentication_ldap)
    
  # Merge several convenience libraries into one big perconaserverclient
--MERGE_CONVENIENCE_LIBRARIES(perconaserverclient ${LIBS} COMPONENT Development)
-+MERGE_CONVENIENCE_LIBRARIES(perconaserverclient ${LIBS} COMPONENT Development SKIP_INSTALL)
- 
+-MERGE_CONVENIENCE_LIBRARIES(perconaserverclient ${LIBS_TO_MERGE} COMPONENT Development)
++MERGE_CONVENIENCE_LIBRARIES(perconaserverclient ${LIBS_TO_MERGE} COMPONENT Development SKIP_INSTALL)
+ TARGET_LINK_LIBRARIES(perconaserverclient ${LIBS_TO_LINK})
+
  # Visual Studio users need debug  static library for debug projects
- IF(MSVC)
 @@ -271,7 +271,8 @@
    # and link them together into shared library.
-   MERGE_LIBRARIES_SHARED(libmysql ${LIBS}
+   MERGE_LIBRARIES_SHARED(libmysql ${LIBS_TO_MERGE}
      EXPORTS ${CLIENT_API_FUNCTIONS} ${CLIENT_API_FUNCTIONS_UNDOCUMENTED}
 -    COMPONENT SharedLibraries)
 +    COMPONENT SharedLibraries SKIP_INSTALL)
+   TARGET_LINK_LIBRARIES(libmysql ${LIBS_TO_LINK})
 +IF(FALSE)
    IF(UNIX)
      # libtool compatability
-     IF(CMAKE_SYSTEM_NAME MATCHES "FreeBSD" OR APPLE)
 @@ -327,6 +328,7 @@
  # to initialize api_calls[] array in api_test.c
  #
diff --git a/databases/percona57-server/files/patch-sql_mysqld.cc b/databases/percona57-server/files/patch-sql_mysqld.cc
index ce4d118965a5..184ace5eab3e 100644
--- a/databases/percona57-server/files/patch-sql_mysqld.cc
+++ b/databases/percona57-server/files/patch-sql_mysqld.cc
@@ -20,11 +20,11 @@
 @@ -3678,6 +3688,7 @@ static int init_ssl()
  {
  #ifdef HAVE_OPENSSL
- #ifndef HAVE_YASSL
 +#ifndef LIBRESSL_VERSION_NUMBER
    int fips_mode= FIPS_mode();
    if (fips_mode != 0)
    {
+     /* FIPS is enabled, Log warning and Disable it now */
 @@ -3687,7 +3698,9 @@ static int init_ssl()
          " Disabling FIPS.");
      FIPS_mode_set(0);
author	Dima Panov <fluffy@FreeBSD.org>	2019-12-31 04:42:42 +0000
committer	Dima Panov <fluffy@FreeBSD.org>	2019-12-31 04:42:42 +0000
commit	841ac9b3023caba2c89b32cea0a48c2e8b09e74e (patch)
tree	a0bc73b4f10647b585d406a7ebba768f95859e2a
parent	Update to the latest MIT krb5 commit on github. (diff)