From owner-svn-ports-all@freebsd.org Thu Mar 12 07:47:50 2020 Return-Path: Delivered-To: svn-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F2DD82774D9; Thu, 12 Mar 2020 07:47:50 +0000 (UTC) (envelope-from joneum@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48dLXQ5Gnsz48gN; Thu, 12 Mar 2020 07:47:50 +0000 (UTC) (envelope-from joneum@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5AE5B21EC5; Thu, 12 Mar 2020 07:47:50 +0000 (UTC) (envelope-from joneum@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 02C7lnvm005579; Thu, 12 Mar 2020 07:47:49 GMT (envelope-from joneum@FreeBSD.org) Received: (from joneum@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 02C7lkuO005561; Thu, 12 Mar 2020 07:47:46 GMT (envelope-from joneum@FreeBSD.org) Message-Id: <202003120747.02C7lkuO005561@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: joneum set sender to joneum@FreeBSD.org using -f From: Jochen Neumeister Date: Thu, 12 Mar 2020 07:47:46 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r528273 - in branches/2020Q1/databases: mysql56-client mysql56-client/files mysql56-server mysql56-server/files X-SVN-Group: ports-branches X-SVN-Commit-Author: joneum X-SVN-Commit-Paths: in branches/2020Q1/databases: mysql56-client mysql56-client/files mysql56-server mysql56-server/files X-SVN-Commit-Revision: 528273 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Mar 2020 07:47:51 -0000 Author: joneum Date: Thu Mar 12 07:47:46 2020 New Revision: 528273 URL: https://svnweb.freebsd.org/changeset/ports/528273 Log: MFH: r528272 This fix a Problem, when MySQL build with libressl /var/ports/usr/ports/databases/mysql56-client/work/mysql-5.6.47/vio/viosslfactories.c:230:25: error: use of undeclared identifier 'SSL_OP_NO_TLSv1_3' SSL_OP_NO_TLSv1_3 | ^ /var/ports/usr/ports/databases/mysql56-client/work/mysql-5.6.47/vio/viosslfactories.c:275:12: warning: implicit declaration of function 'SSL_CTX_set_ciphersuites' is invalid in C99 [-Wimplicit-function-declaration] if (0 == SSL_CTX_set_ciphersuites(ssl_fd->ssl_context, "")) Special thanks for his help to: fluffy PR: 244320 Sponsored by: Netzkommune GmbH Approved by: ports-secteam (joneum) Added: branches/2020Q1/databases/mysql56-client/files/patch-mysys__ssl_my__aes__openssl.cc - copied unchanged from r528272, head/databases/mysql56-client/files/patch-mysys__ssl_my__aes__openssl.cc branches/2020Q1/databases/mysql56-client/files/patch-sql-common_client.c - copied unchanged from r528272, head/databases/mysql56-client/files/patch-sql-common_client.c branches/2020Q1/databases/mysql56-client/files/patch-sql_mysqld.cc - copied unchanged from r528272, head/databases/mysql56-client/files/patch-sql_mysqld.cc branches/2020Q1/databases/mysql56-client/files/patch-vio_vio.c - copied unchanged from r528272, head/databases/mysql56-client/files/patch-vio_vio.c branches/2020Q1/databases/mysql56-client/files/patch-vio_viossl.c - copied unchanged from r528272, head/databases/mysql56-client/files/patch-vio_viossl.c branches/2020Q1/databases/mysql56-client/files/patch-vio_viosslfactories.c - copied unchanged from r528272, head/databases/mysql56-client/files/patch-vio_viosslfactories.c branches/2020Q1/databases/mysql56-server/files/patch-mysys__ssl_my__aes__openssl.cc - copied unchanged from r528272, head/databases/mysql56-server/files/patch-mysys__ssl_my__aes__openssl.cc branches/2020Q1/databases/mysql56-server/files/patch-sql-common_client.c - copied unchanged from r528272, head/databases/mysql56-server/files/patch-sql-common_client.c branches/2020Q1/databases/mysql56-server/files/patch-sql_mysqld.cc - copied unchanged from r528272, head/databases/mysql56-server/files/patch-sql_mysqld.cc branches/2020Q1/databases/mysql56-server/files/patch-vio_vio.c - copied unchanged from r528272, head/databases/mysql56-server/files/patch-vio_vio.c branches/2020Q1/databases/mysql56-server/files/patch-vio_viossl.c - copied unchanged from r528272, head/databases/mysql56-server/files/patch-vio_viossl.c branches/2020Q1/databases/mysql56-server/files/patch-vio_viosslfactories.c - copied unchanged from r528272, head/databases/mysql56-server/files/patch-vio_viosslfactories.c Modified: branches/2020Q1/databases/mysql56-client/Makefile branches/2020Q1/databases/mysql56-client/files/patch-cmake_ssl.cmake branches/2020Q1/databases/mysql56-server/Makefile branches/2020Q1/databases/mysql56-server/files/patch-cmake_ssl.cmake Directory Properties: branches/2020Q1/ (props changed) Modified: branches/2020Q1/databases/mysql56-client/Makefile ============================================================================== --- branches/2020Q1/databases/mysql56-client/Makefile Thu Mar 12 07:42:38 2020 (r528272) +++ branches/2020Q1/databases/mysql56-client/Makefile Thu Mar 12 07:47:46 2020 (r528273) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= mysql -PORTREVISION= 0 +PORTREVISION= 1 PKGNAMESUFFIX= 56-client COMMENT= Multithreaded SQL database (client) Modified: branches/2020Q1/databases/mysql56-client/files/patch-cmake_ssl.cmake ============================================================================== --- branches/2020Q1/databases/mysql56-client/files/patch-cmake_ssl.cmake Thu Mar 12 07:42:38 2020 (r528272) +++ branches/2020Q1/databases/mysql56-client/files/patch-cmake_ssl.cmake Thu Mar 12 07:47:46 2020 (r528273) @@ -1,11 +1,25 @@ ---- cmake/ssl.cmake.orig 2016-11-28 13:36:22 UTC +--- cmake/ssl.cmake.orig 2019-11-26 16:53:45 UTC +++ cmake/ssl.cmake -@@ -176,7 +176,7 @@ MACRO (MYSQL_CHECK_SSL) +@@ -189,13 +189,20 @@ MACRO (MYSQL_CHECK_SSL) + OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}" + ) + ENDIF() +- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0") ++ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION) ++ IF(HAVE_TLS1_3_VERSION) + ADD_DEFINITIONS(-DHAVE_TLSv13) + ENDIF() IF(OPENSSL_INCLUDE_DIR AND OPENSSL_LIBRARY AND CRYPTO_LIBRARY AND - OPENSSL_MAJOR_VERSION STREQUAL "1" + OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1" ++ ) ++ SET(OPENSSL_FOUND TRUE) ++ ELSEIF(OPENSSL_INCLUDE_DIR AND ++ OPENSSL_LIBRARY AND ++ CRYPTO_LIBRARY AND ++ OPENSSL_MAJOR_VERSION STREQUAL "2" ) SET(OPENSSL_FOUND TRUE) ELSE() Copied: branches/2020Q1/databases/mysql56-client/files/patch-mysys__ssl_my__aes__openssl.cc (from r528272, head/databases/mysql56-client/files/patch-mysys__ssl_my__aes__openssl.cc) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-client/files/patch-mysys__ssl_my__aes__openssl.cc Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-client/files/patch-mysys__ssl_my__aes__openssl.cc) @@ -0,0 +1,74 @@ +--- mysys_ssl/my_aes_openssl.cc.orig 2019-11-26 16:53:45 UTC ++++ mysys_ssl/my_aes_openssl.cc +@@ -120,7 +120,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 + const unsigned char *key, uint32 key_length, + enum my_aes_opmode mode, const unsigned char *iv) + { +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX stack_ctx; + EVP_CIPHER_CTX *ctx= &stack_ctx; + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ +@@ -135,7 +135,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 + if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) + return MY_AES_BAD_DATA; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_init(ctx); + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + +@@ -148,7 +148,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 + if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len)) + goto aes_error; /* Error */ + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_cleanup(ctx); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + EVP_CIPHER_CTX_free(ctx); +@@ -158,7 +158,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 + aes_error: + /* need to explicitly clean up the error if we want to ignore it */ + ERR_clear_error(); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_cleanup(ctx); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + EVP_CIPHER_CTX_free(ctx); +@@ -172,7 +172,7 @@ int my_aes_decrypt(const unsigned char *source, uint32 + const unsigned char *key, uint32 key_length, + enum my_aes_opmode mode, const unsigned char *iv) + { +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX stack_ctx; + EVP_CIPHER_CTX *ctx= &stack_ctx; + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ +@@ -188,7 +188,7 @@ int my_aes_decrypt(const unsigned char *source, uint32 + if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) + return MY_AES_BAD_DATA; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_init(ctx); + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + +@@ -201,7 +201,7 @@ int my_aes_decrypt(const unsigned char *source, uint32 + if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len)) + goto aes_error; /* Error */ + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_cleanup(ctx); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + EVP_CIPHER_CTX_free(ctx); +@@ -211,7 +211,7 @@ int my_aes_decrypt(const unsigned char *source, uint32 + aes_error: + /* need to explicitly clean up the error if we want to ignore it */ + ERR_clear_error(); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_cleanup(ctx); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + EVP_CIPHER_CTX_free(ctx); Copied: branches/2020Q1/databases/mysql56-client/files/patch-sql-common_client.c (from r528272, head/databases/mysql56-client/files/patch-sql-common_client.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-client/files/patch-sql-common_client.c Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-client/files/patch-sql-common_client.c) @@ -0,0 +1,15 @@ +--- sql-common/client.c.orig 2019-11-26 16:53:45 UTC ++++ sql-common/client.c +@@ -1980,7 +1980,11 @@ static int ssl_verify_server_cert(Vio *vio, const char + goto error; + } + +- cn= (char *) ASN1_STRING_data(cn_asn1); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++ cn= (const char *) ASN1_STRING_data(cn_asn1); ++#else ++ cn= (const char *) ASN1_STRING_get0_data(cn_asn1); ++#endif + + // There should not be any NULL embedded in the CN + if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn)) Copied: branches/2020Q1/databases/mysql56-client/files/patch-sql_mysqld.cc (from r528272, head/databases/mysql56-client/files/patch-sql_mysqld.cc) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-client/files/patch-sql_mysqld.cc Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-client/files/patch-sql_mysqld.cc) @@ -0,0 +1,65 @@ +--- sql/mysqld.cc.orig 2019-11-26 16:53:45 UTC ++++ sql/mysqld.cc +@@ -1258,7 +1258,7 @@ char *opt_ssl_ca= NULL, *opt_ssl_capath= NULL, *opt_ss + *opt_ssl_crlpath= NULL; + + #ifdef HAVE_OPENSSL +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + #include + typedef struct CRYPTO_dynlock_value + { +@@ -2029,7 +2029,7 @@ static void clean_up_mutexes() + mysql_mutex_destroy(&LOCK_connection_count); + #ifdef HAVE_OPENSSL + mysql_mutex_destroy(&LOCK_des_key_file); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + for (int i= 0; i < CRYPTO_num_locks(); ++i) + mysql_rwlock_destroy(&openssl_stdlocks[i].lock); + OPENSSL_free(openssl_stdlocks); +@@ -2768,7 +2768,7 @@ bool one_thread_per_connection_end(THD *thd, bool bloc + + // Clean up errors now, before possibly waiting for a new connection. + #ifndef EMBEDDED_LIBRARY +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + ERR_remove_thread_state(0); + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + #endif +@@ -4252,7 +4252,7 @@ static int init_thread_environment() + #ifdef HAVE_OPENSSL + mysql_mutex_init(key_LOCK_des_key_file, + &LOCK_des_key_file, MY_MUTEX_INIT_FAST); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + openssl_stdlocks= (openssl_lock_t*) OPENSSL_malloc(CRYPTO_num_locks() * + sizeof(openssl_lock_t)); + for (int i= 0; i < CRYPTO_num_locks(); ++i) +@@ -4301,7 +4301,7 @@ static int init_thread_environment() + OpenSSL 1.1 supports native platform threads, + so we don't need the following callback functions. + */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + + static unsigned long openssl_id_function() + { +@@ -4375,7 +4375,7 @@ static void openssl_lock(int mode, openssl_lock_t *loc + static int init_ssl() + { + #ifdef HAVE_OPENSSL +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + CRYPTO_malloc_init(); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + OPENSSL_malloc_init(); +@@ -4392,7 +4392,7 @@ static int init_ssl() + opt_ssl_cipher, &error, + opt_ssl_crl, opt_ssl_crlpath); + DBUG_PRINT("info",("ssl_acceptor_fd: 0x%lx", (long) ssl_acceptor_fd)); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + ERR_remove_thread_state(0); + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + if (!ssl_acceptor_fd) Copied: branches/2020Q1/databases/mysql56-client/files/patch-vio_vio.c (from r528272, head/databases/mysql56-client/files/patch-vio_vio.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-client/files/patch-vio_vio.c Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-client/files/patch-vio_vio.c) @@ -0,0 +1,11 @@ +--- vio/vio.c.orig 2019-11-26 16:53:45 UTC ++++ vio/vio.c +@@ -394,7 +394,7 @@ void vio_end(void) + { + #if defined(HAVE_OPENSSL) + // This one is needed on the client side +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + ERR_remove_thread_state(0); + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + ERR_free_strings(); Copied: branches/2020Q1/databases/mysql56-client/files/patch-vio_viossl.c (from r528272, head/databases/mysql56-client/files/patch-vio_viossl.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-client/files/patch-vio_viossl.c Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-client/files/patch-vio_viossl.c) @@ -0,0 +1,11 @@ +--- vio/viossl.c.orig 2019-11-26 16:53:45 UTC ++++ vio/viossl.c +@@ -403,7 +403,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, + for (j = 0; j < n; j++) + { + SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + DBUG_PRINT("info", (" %d: %s\n", c->id, c->name)); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + DBUG_PRINT("info", (" %d: %s\n", SSL_COMP_get_id(c), SSL_COMP_get0_name(c))); Copied: branches/2020Q1/databases/mysql56-client/files/patch-vio_viosslfactories.c (from r528272, head/databases/mysql56-client/files/patch-vio_viosslfactories.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-client/files/patch-vio_viosslfactories.c Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-client/files/patch-vio_viosslfactories.c) @@ -0,0 +1,20 @@ +--- vio/viosslfactories.c.orig 2019-11-26 16:53:45 UTC ++++ vio/viosslfactories.c +@@ -91,7 +91,7 @@ static DH *get_dh2048(void) + DH_free(dh); + return NULL; + } +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + dh->p= p; + dh->g= g; + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ +@@ -250,7 +250,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi + DBUG_RETURN(0); + + if (!(ssl_fd->ssl_context= SSL_CTX_new(is_client ? +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + SSLv23_client_method() : + SSLv23_server_method() + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ Modified: branches/2020Q1/databases/mysql56-server/Makefile ============================================================================== --- branches/2020Q1/databases/mysql56-server/Makefile Thu Mar 12 07:42:38 2020 (r528272) +++ branches/2020Q1/databases/mysql56-server/Makefile Thu Mar 12 07:47:46 2020 (r528273) @@ -3,7 +3,7 @@ PORTNAME?= mysql PORTVERSION= 5.6.47 -PORTREVISION?= 0 +PORTREVISION?= 1 CATEGORIES= databases MASTER_SITES= MYSQL/MySQL-5.6 PKGNAMESUFFIX?= 56-server Modified: branches/2020Q1/databases/mysql56-server/files/patch-cmake_ssl.cmake ============================================================================== --- branches/2020Q1/databases/mysql56-server/files/patch-cmake_ssl.cmake Thu Mar 12 07:42:38 2020 (r528272) +++ branches/2020Q1/databases/mysql56-server/files/patch-cmake_ssl.cmake Thu Mar 12 07:47:46 2020 (r528273) @@ -1,11 +1,25 @@ ---- cmake/ssl.cmake.orig 2016-11-28 13:36:22 UTC +--- cmake/ssl.cmake.orig 2019-11-26 16:53:45 UTC +++ cmake/ssl.cmake -@@ -176,7 +176,7 @@ MACRO (MYSQL_CHECK_SSL) +@@ -189,13 +189,20 @@ MACRO (MYSQL_CHECK_SSL) + OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}" + ) + ENDIF() +- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0") ++ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION) ++ IF(HAVE_TLS1_3_VERSION) + ADD_DEFINITIONS(-DHAVE_TLSv13) + ENDIF() IF(OPENSSL_INCLUDE_DIR AND OPENSSL_LIBRARY AND CRYPTO_LIBRARY AND - OPENSSL_MAJOR_VERSION STREQUAL "1" + OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1" ++ ) ++ SET(OPENSSL_FOUND TRUE) ++ ELSEIF(OPENSSL_INCLUDE_DIR AND ++ OPENSSL_LIBRARY AND ++ CRYPTO_LIBRARY AND ++ OPENSSL_MAJOR_VERSION STREQUAL "2" ) SET(OPENSSL_FOUND TRUE) ELSE() Copied: branches/2020Q1/databases/mysql56-server/files/patch-mysys__ssl_my__aes__openssl.cc (from r528272, head/databases/mysql56-server/files/patch-mysys__ssl_my__aes__openssl.cc) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-server/files/patch-mysys__ssl_my__aes__openssl.cc Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-server/files/patch-mysys__ssl_my__aes__openssl.cc) @@ -0,0 +1,74 @@ +--- mysys_ssl/my_aes_openssl.cc.orig 2019-11-26 16:53:45 UTC ++++ mysys_ssl/my_aes_openssl.cc +@@ -120,7 +120,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 + const unsigned char *key, uint32 key_length, + enum my_aes_opmode mode, const unsigned char *iv) + { +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX stack_ctx; + EVP_CIPHER_CTX *ctx= &stack_ctx; + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ +@@ -135,7 +135,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 + if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) + return MY_AES_BAD_DATA; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_init(ctx); + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + +@@ -148,7 +148,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 + if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len)) + goto aes_error; /* Error */ + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_cleanup(ctx); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + EVP_CIPHER_CTX_free(ctx); +@@ -158,7 +158,7 @@ int my_aes_encrypt(const unsigned char *source, uint32 + aes_error: + /* need to explicitly clean up the error if we want to ignore it */ + ERR_clear_error(); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_cleanup(ctx); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + EVP_CIPHER_CTX_free(ctx); +@@ -172,7 +172,7 @@ int my_aes_decrypt(const unsigned char *source, uint32 + const unsigned char *key, uint32 key_length, + enum my_aes_opmode mode, const unsigned char *iv) + { +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX stack_ctx; + EVP_CIPHER_CTX *ctx= &stack_ctx; + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ +@@ -188,7 +188,7 @@ int my_aes_decrypt(const unsigned char *source, uint32 + if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) + return MY_AES_BAD_DATA; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_init(ctx); + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + +@@ -201,7 +201,7 @@ int my_aes_decrypt(const unsigned char *source, uint32 + if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len)) + goto aes_error; /* Error */ + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_cleanup(ctx); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + EVP_CIPHER_CTX_free(ctx); +@@ -211,7 +211,7 @@ int my_aes_decrypt(const unsigned char *source, uint32 + aes_error: + /* need to explicitly clean up the error if we want to ignore it */ + ERR_clear_error(); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + EVP_CIPHER_CTX_cleanup(ctx); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + EVP_CIPHER_CTX_free(ctx); Copied: branches/2020Q1/databases/mysql56-server/files/patch-sql-common_client.c (from r528272, head/databases/mysql56-server/files/patch-sql-common_client.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-server/files/patch-sql-common_client.c Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-server/files/patch-sql-common_client.c) @@ -0,0 +1,15 @@ +--- sql-common/client.c.orig 2019-11-26 16:53:45 UTC ++++ sql-common/client.c +@@ -1980,7 +1980,11 @@ static int ssl_verify_server_cert(Vio *vio, const char + goto error; + } + +- cn= (char *) ASN1_STRING_data(cn_asn1); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++ cn= (const char *) ASN1_STRING_data(cn_asn1); ++#else ++ cn= (const char *) ASN1_STRING_get0_data(cn_asn1); ++#endif + + // There should not be any NULL embedded in the CN + if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn)) Copied: branches/2020Q1/databases/mysql56-server/files/patch-sql_mysqld.cc (from r528272, head/databases/mysql56-server/files/patch-sql_mysqld.cc) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-server/files/patch-sql_mysqld.cc Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-server/files/patch-sql_mysqld.cc) @@ -0,0 +1,65 @@ +--- sql/mysqld.cc.orig 2019-11-26 16:53:45 UTC ++++ sql/mysqld.cc +@@ -1258,7 +1258,7 @@ char *opt_ssl_ca= NULL, *opt_ssl_capath= NULL, *opt_ss + *opt_ssl_crlpath= NULL; + + #ifdef HAVE_OPENSSL +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + #include + typedef struct CRYPTO_dynlock_value + { +@@ -2029,7 +2029,7 @@ static void clean_up_mutexes() + mysql_mutex_destroy(&LOCK_connection_count); + #ifdef HAVE_OPENSSL + mysql_mutex_destroy(&LOCK_des_key_file); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + for (int i= 0; i < CRYPTO_num_locks(); ++i) + mysql_rwlock_destroy(&openssl_stdlocks[i].lock); + OPENSSL_free(openssl_stdlocks); +@@ -2768,7 +2768,7 @@ bool one_thread_per_connection_end(THD *thd, bool bloc + + // Clean up errors now, before possibly waiting for a new connection. + #ifndef EMBEDDED_LIBRARY +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + ERR_remove_thread_state(0); + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + #endif +@@ -4252,7 +4252,7 @@ static int init_thread_environment() + #ifdef HAVE_OPENSSL + mysql_mutex_init(key_LOCK_des_key_file, + &LOCK_des_key_file, MY_MUTEX_INIT_FAST); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + openssl_stdlocks= (openssl_lock_t*) OPENSSL_malloc(CRYPTO_num_locks() * + sizeof(openssl_lock_t)); + for (int i= 0; i < CRYPTO_num_locks(); ++i) +@@ -4301,7 +4301,7 @@ static int init_thread_environment() + OpenSSL 1.1 supports native platform threads, + so we don't need the following callback functions. + */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + + static unsigned long openssl_id_function() + { +@@ -4375,7 +4375,7 @@ static void openssl_lock(int mode, openssl_lock_t *loc + static int init_ssl() + { + #ifdef HAVE_OPENSSL +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + CRYPTO_malloc_init(); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + OPENSSL_malloc_init(); +@@ -4392,7 +4392,7 @@ static int init_ssl() + opt_ssl_cipher, &error, + opt_ssl_crl, opt_ssl_crlpath); + DBUG_PRINT("info",("ssl_acceptor_fd: 0x%lx", (long) ssl_acceptor_fd)); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + ERR_remove_thread_state(0); + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + if (!ssl_acceptor_fd) Copied: branches/2020Q1/databases/mysql56-server/files/patch-vio_vio.c (from r528272, head/databases/mysql56-server/files/patch-vio_vio.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-server/files/patch-vio_vio.c Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-server/files/patch-vio_vio.c) @@ -0,0 +1,11 @@ +--- vio/vio.c.orig 2019-11-26 16:53:45 UTC ++++ vio/vio.c +@@ -394,7 +394,7 @@ void vio_end(void) + { + #if defined(HAVE_OPENSSL) + // This one is needed on the client side +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + ERR_remove_thread_state(0); + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + ERR_free_strings(); Copied: branches/2020Q1/databases/mysql56-server/files/patch-vio_viossl.c (from r528272, head/databases/mysql56-server/files/patch-vio_viossl.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-server/files/patch-vio_viossl.c Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-server/files/patch-vio_viossl.c) @@ -0,0 +1,11 @@ +--- vio/viossl.c.orig 2019-11-26 16:53:45 UTC ++++ vio/viossl.c +@@ -403,7 +403,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, + for (j = 0; j < n; j++) + { + SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + DBUG_PRINT("info", (" %d: %s\n", c->id, c->name)); + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */ + DBUG_PRINT("info", (" %d: %s\n", SSL_COMP_get_id(c), SSL_COMP_get0_name(c))); Copied: branches/2020Q1/databases/mysql56-server/files/patch-vio_viosslfactories.c (from r528272, head/databases/mysql56-server/files/patch-vio_viosslfactories.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q1/databases/mysql56-server/files/patch-vio_viosslfactories.c Thu Mar 12 07:47:46 2020 (r528273, copy of r528272, head/databases/mysql56-server/files/patch-vio_viosslfactories.c) @@ -0,0 +1,20 @@ +--- vio/viosslfactories.c.orig 2019-11-26 16:53:45 UTC ++++ vio/viosslfactories.c +@@ -91,7 +91,7 @@ static DH *get_dh2048(void) + DH_free(dh); + return NULL; + } +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + dh->p= p; + dh->g= g; + #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ +@@ -250,7 +250,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi + DBUG_RETURN(0); + + if (!(ssl_fd->ssl_context= SSL_CTX_new(is_client ? +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + SSLv23_client_method() : + SSLv23_server_method() + #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */