pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2019Q2] pkgsrc/databases



Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Sun Sep  8 16:55:18 UTC 2019

Modified Files:
        pkgsrc/databases/mysql56-client [pkgsrc-2019Q2]: Makefile
            Makefile.common distinfo
        pkgsrc/databases/mysql56-client/patches [pkgsrc-2019Q2]:
            patch-include_my_net.h
        pkgsrc/databases/mysql56-server [pkgsrc-2019Q2]: Makefile
Added Files:
        pkgsrc/databases/mysql56-client/patches [pkgsrc-2019Q2]:
            patch-include_m__string.h patch-mysys__ssl_my__aes__openssl.cc
            patch-sql_mysqld.cc patch-sql_rpl__slave.cc
            patch-storage_innobase_include_univ.i patch-vio_vio.c
            patch-vio_viosslfactories.c
Removed Files:
        pkgsrc/databases/mysql56-client/patches [pkgsrc-2019Q2]:
            patch-sql-common_client__authentication.cc

Log Message:
Pullup ticket #6028 - requested by taca
databases/mysql56-client: security fix

Revisions pulled up:
- databases/mysql56-client/Makefile                             1.31
- databases/mysql56-client/Makefile.common                      1.52
- databases/mysql56-client/distinfo                             1.52-1.53
- databases/mysql56-client/patches/patch-include_m__string.h    1.1
- databases/mysql56-client/patches/patch-include_my_net.h       1.2
- databases/mysql56-client/patches/patch-mysys__ssl_my__aes__openssl.cc 1.1
- databases/mysql56-client/patches/patch-sql-common_client__authentication.cc deleted
- databases/mysql56-client/patches/patch-sql_mysqld.cc          1.5
- databases/mysql56-client/patches/patch-sql_rpl__slave.cc      1.3
- databases/mysql56-client/patches/patch-storage_innobase_include_univ.i 1.1
- databases/mysql56-client/patches/patch-vio_vio.c              1.3
- databases/mysql56-client/patches/patch-vio_viosslfactories.c  1.3
- databases/mysql56-server/Makefile                             1.38

---
   Module Name: pkgsrc
   Committed By:        adam
   Date:                Tue Aug  6 06:55:15 UTC 2019

   Modified Files:
        pkgsrc/databases/mysql56-client: Makefile Makefile.common distinfo
        pkgsrc/databases/mysql56-server: Makefile
   Removed Files:
        pkgsrc/databases/mysql56-client/patches:
            patch-sql-common_client__authentication.cc

   Log Message:
   mysql56: updated to 5.6.45

   Changes in MySQL 5.6.45:

   Functionality Added or Changed

   Microsoft Windows: A new warning message now reminds DBAs that connections made using the MySQL named pipe on Windows has limited the permissions a connector can request on the named pipe.

   Previously, the named_pipe_full_access_group system variable was set to a value that maps to the built-in Windows Everyone group (SID S-1-1-0) by default. However, this group is not ideal and 
should be replaced with a group that restricts its membership for connectors that are unable to request fewer permissions on the MySQL named pipe.

   The new warning is written to the error log at startup if the string value assigned to named_pipe_full_access_group is '*everyone*' (or the Windows System Language equivalent) and named pipes are 
enabled. In addition, the warning is written to the error log and raised to the client if the system variable is reset to the Everyone group at runtime.

   Bugs Fixed

   InnoDB: A query that scanned the primary key of a table did not return the expected result.

   InnoDB: A full-text cache lock taken when data is synchronized was not released if the full-text cache size exceeded the full-text cache size limit.

   InnoDB: Client sessions using different auto_increment_increment values while performing concurrent insert operations could cause a duplicate key error.

   Replication: In query log events in the binary log, the thread ID used for the execution of DROP TABLE and DELETE statements was identified incorrectly or not at all. On a multi-threaded 
replication slave, where temporary tables were involved (which require the correct thread ID as they are session specific), this omission resulted in errors when using mysqlbinlog to replay the 
binary log for point-in-time recovery. The thread ID is now set correctly.

   Installing from RPM packages could result in an error log with incorrect permissions.

   Enabling audit log encryption could cause a server exit.

   MySQL Installer did not install OpenSSL DLL dependencies if the Development component was not selected.

   The parser could leak memory for certain multiple-statement queries.

   MySQL does not support OpenSSL session tickets, but did not set the SSL_OP_NO_TICKET flag to inform OpenSSL of that. The flag is now set.

   UpdateXML() did not always free memory properly in certain cases.

   Empty values in the name column of the mysql.plugin system table caused the server to exit during startup.

   Some PROXY grants were not replicated to slaves, causing incorrect replication.

   If an INSTALL PLUGIN statement contained invalid UTF-8 characters in the shared library name, it caused the server to hang (or to raise an assertion in debug builds).

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Fri Sep  6 10:01:44 UTC 2019

   Modified Files:
        pkgsrc/databases/mysql56-client: distinfo
        pkgsrc/databases/mysql56-client/patches: patch-include_my_net.h
   Added Files:
        pkgsrc/databases/mysql56-client/patches: patch-include_m__string.h
            patch-mysys__ssl_my__aes__openssl.cc patch-sql_mysqld.cc
            patch-sql_rpl__slave.cc patch-storage_innobase_include_univ.i
            patch-vio_vio.c patch-vio_viosslfactories.c

   Log Message:
   databases/mysql56-client: allow build with OpenSSL 1.1.x

   * Allow mysql56-{client,server} build with OpenSSL 1.1.x.
   * Reduce a few useless warnings.


To generate a diff of this commit:
cvs rdiff -u -r1.30 -r1.30.2.1 pkgsrc/databases/mysql56-client/Makefile
cvs rdiff -u -r1.51 -r1.51.2.1 \
    pkgsrc/databases/mysql56-client/Makefile.common \
    pkgsrc/databases/mysql56-client/distinfo
cvs rdiff -u -r0 -r1.1.2.2 \
    pkgsrc/databases/mysql56-client/patches/patch-include_m__string.h \
    pkgsrc/databases/mysql56-client/patches/patch-mysys__ssl_my__aes__openssl.cc \
    pkgsrc/databases/mysql56-client/patches/patch-storage_innobase_include_univ.i
cvs rdiff -u -r1.1 -r1.1.54.1 \
    pkgsrc/databases/mysql56-client/patches/patch-include_my_net.h
cvs rdiff -u -r1.1 -r0 \
    pkgsrc/databases/mysql56-client/patches/patch-sql-common_client__authentication.cc
cvs rdiff -u -r0 -r1.5.2.2 \
    pkgsrc/databases/mysql56-client/patches/patch-sql_mysqld.cc
cvs rdiff -u -r0 -r1.3.2.2 \
    pkgsrc/databases/mysql56-client/patches/patch-sql_rpl__slave.cc \
    pkgsrc/databases/mysql56-client/patches/patch-vio_vio.c \
    pkgsrc/databases/mysql56-client/patches/patch-vio_viosslfactories.c
cvs rdiff -u -r1.37 -r1.37.2.1 pkgsrc/databases/mysql56-server/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/databases/mysql56-client/Makefile
diff -u pkgsrc/databases/mysql56-client/Makefile:1.30 pkgsrc/databases/mysql56-client/Makefile:1.30.2.1
--- pkgsrc/databases/mysql56-client/Makefile:1.30       Tue Apr 30 17:20:23 2019
+++ pkgsrc/databases/mysql56-client/Makefile    Sun Sep  8 16:55:17 2019
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.30 2019/04/30 17:20:23 abs Exp $
+# $NetBSD: Makefile,v 1.30.2.1 2019/09/08 16:55:17 bsiegert Exp $
 
 PKGNAME=       ${DISTNAME:S/-/-client-/}
-PKGREVISION=   1
 COMMENT=       MySQL 5, a free SQL database (client)
 
 CONFLICTS=     mysql3-client-[0-9]*

Index: pkgsrc/databases/mysql56-client/Makefile.common
diff -u pkgsrc/databases/mysql56-client/Makefile.common:1.51 pkgsrc/databases/mysql56-client/Makefile.common:1.51.2.1
--- pkgsrc/databases/mysql56-client/Makefile.common:1.51        Wed Jun  5 09:35:18 2019
+++ pkgsrc/databases/mysql56-client/Makefile.common     Sun Sep  8 16:55:17 2019
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile.common,v 1.51 2019/06/05 09:35:18 jperkin Exp $
+# $NetBSD: Makefile.common,v 1.51.2.1 2019/09/08 16:55:17 bsiegert Exp $
 #
 # used by databases/mysql56-client/Makefile
 # used by databases/mysql56-server/Makefile
 
-DISTNAME=      mysql-5.6.44
+DISTNAME=      mysql-5.6.45
 CATEGORIES=    databases
 MASTER_SITES=  ${MASTER_SITE_MYSQL:=MySQL-5.6/}
 
Index: pkgsrc/databases/mysql56-client/distinfo
diff -u pkgsrc/databases/mysql56-client/distinfo:1.51 pkgsrc/databases/mysql56-client/distinfo:1.51.2.1
--- pkgsrc/databases/mysql56-client/distinfo:1.51       Thu Apr 25 08:53:43 2019
+++ pkgsrc/databases/mysql56-client/distinfo    Sun Sep  8 16:55:17 2019
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.51 2019/04/25 08:53:43 adam Exp $
+$NetBSD: distinfo,v 1.51.2.1 2019/09/08 16:55:17 bsiegert Exp $
 
-SHA1 (mysql-5.6.44.tar.gz) = 7bc331b735c480fc48427e7c8986a2bb82538d6c
-RMD160 (mysql-5.6.44.tar.gz) = 6a6c0a18503e5f6b758e76c76d612a4ada3a8296
-SHA512 (mysql-5.6.44.tar.gz) = 65ace1c803773ca6c8759d171c09bc93c7d61b8e3208ac9905f82e99087622c9dcca602d2da217741dc62fc6eabe9108ebc7f31facd26705072eae65fcc37077
-Size (mysql-5.6.44.tar.gz) = 32531507 bytes
+SHA1 (mysql-5.6.45.tar.gz) = f42901c8d52297912da4978ec9422458cff72071
+RMD160 (mysql-5.6.45.tar.gz) = c711161babd1b8f9b7f96d88264a468972a83a0b
+SHA512 (mysql-5.6.45.tar.gz) = f9d8bb72e96cc83f1064fe7df2e5fe8317ca9d44c4e776cf7827a61292fbcfccec716806c80d565958383d78fef93a19d61c726687b57680d5f93299291ff168
+Size (mysql-5.6.45.tar.gz) = 32525559 bytes
 SHA1 (sphinx-2.2.11-release.tar.gz) = 34e83f43de0e69e258bf749ea00348c60a51632a
 RMD160 (sphinx-2.2.11-release.tar.gz) = 5804b4cce64bc03fa20bac26c7391cd661cecc77
 SHA512 (sphinx-2.2.11-release.tar.gz) = cf1a262a5b0fbf0bd2827ec6ec629edeaf709ce855a6e7b509b65342baaeb26c02717ca63f1578d32c83d21e2fd6d1e92dceb34660e6351b93cd96fd4e623689
@@ -22,20 +22,23 @@ SHA1 (patch-cmake_ssl.cmake) = a5a25b000
 SHA1 (patch-cmd-line-utils_libedit_chartype.h) = 6b1453df648001ed1fc81190106e15872a69a04c
 SHA1 (patch-cmd-line-utils_libedit_vi.c) = 7c5ce1d07f650815d028e435a59e5d078ec74c2f
 SHA1 (patch-include_CMakeLists.txt) = 49d351a958e63c69ad8bfe5c50961fe3751e86c4
+SHA1 (patch-include_m__string.h) = 1622466a65c61a4ab0838bd80f6c24c061407eaf
 SHA1 (patch-include_my__global.h) = 843b9527faf880eee59cf02239ba601f5985ddfb
 SHA1 (patch-include_my_compare.h) = f45bac4b488332a668b0005751856279b67401f5
-SHA1 (patch-include_my_net.h) = b08aa36921efd023f9ecaac4cd3fb8a16d200abd
+SHA1 (patch-include_my_net.h) = 8d97e4396fd1df095798fca79cc07daffff449d3
 SHA1 (patch-include_my_pthread.h) = ff3bf1fddd04edd7804d810f79de64387464b5ca
 SHA1 (patch-libmysql_CMakeLists.txt) = 229044de6d11b26ee99b25be99b628a9f146b795
 SHA1 (patch-mysql-test_CMakeLists.txt) = b7dd562d55678b13ac487aa0ee59bf2551af1f9d
 SHA1 (patch-mysys__ssl_CMakeLists.txt) = e50bad459520be78ea2d5c4d0699cda8c1141884
+SHA1 (patch-mysys__ssl_my__aes__openssl.cc) = c6bcab27d992f90f7929cb697a7c7565671ebb6f
 SHA1 (patch-mysys_stacktrace.c) = 27ddd012c9ca299cfe2b9935b9f99fe603415e7e
 SHA1 (patch-scripts_CMakeLists.txt) = 5b44d2d137e3e64474d663a8faab5b5f289f4cf5
 SHA1 (patch-scripts_mysql__install__db.pl.in) = c2ed1705a530a0f2dfb8325496ceb7e2a9c98185
 SHA1 (patch-scripts_mysqld_safe.sh) = 0784314227657aa0bc3f4a0b4e21c173a86fa94b
-SHA1 (patch-sql-common_client__authentication.cc) = fb14e5bcb64c4d2d0b8cbbe97ff5b24b725e509e
 SHA1 (patch-sql_CMakeLists.txt) = 83c1e50de6b53a0af5ff010f248dd595745b3eb5
 SHA1 (patch-sql_log_event.h) = a413038ffa29103c75e1d243864615ccb3d9621e
+SHA1 (patch-sql_mysqld.cc) = 953ea6b1178e5d139446bc45a96730a9de9051e3
+SHA1 (patch-sql_rpl__slave.cc) = cc231060d7b8c1efe230c324fb7dfee90b058589
 SHA1 (patch-sql_sql_string.h) = 1ce4d4db59310ea45e384f34e33c0d61935059bf
 SHA1 (patch-sql_sys__vars.cc) = 355b17dac8da6f94c9996ae406df304113a1f8f5
 SHA1 (patch-storage_archive_CMakeLists.txt) = e739ef4884a154d7e33e8aae24234fd6855119b7
@@ -44,7 +47,10 @@ SHA1 (patch-storage_csv_CMakeLists.txt) 
 SHA1 (patch-storage_example_CMakeLists.txt) = a80b1dd3c6020b3fe958db35bebe3bd181136f0d
 SHA1 (patch-storage_federated_CMakeLists.txt) = f809504bad63129a06ce455b49ee40cca940891e
 SHA1 (patch-storage_heap_CMakeLists.txt) = 0a1a5a7b5e83f14cec43bfa4782dd4bb7b629347
+SHA1 (patch-storage_innobase_include_univ.i) = eb305029b8529cab88c80d75821fc9940e0f6b0b
 SHA1 (patch-storage_myisam_CMakeLists.txt) = 55897ae78208f78a396776d1082cb5f98631fff8
 SHA1 (patch-storage_myisammrg_CMakeLists.txt) = 0a56a16ccaff3fa9de996fec6ffc324af9855a4e
 SHA1 (patch-storage_ndb_include_util_Parser.hpp) = 037fc153619bf79ee95cb03a5ac4a71c14952c3a
 SHA1 (patch-strings_decimal.c) = 069c9d930c735f74510702baa9bef38aec425903
+SHA1 (patch-vio_vio.c) = 33914d1a3c8d9c7b4b83ba0b9be97c007137a7cd
+SHA1 (patch-vio_viosslfactories.c) = 0ec8e17abb5419f49a9fc803c374da70306b5e3a

Index: pkgsrc/databases/mysql56-client/patches/patch-include_my_net.h
diff -u pkgsrc/databases/mysql56-client/patches/patch-include_my_net.h:1.1 pkgsrc/databases/mysql56-client/patches/patch-include_my_net.h:1.1.54.1
--- pkgsrc/databases/mysql56-client/patches/patch-include_my_net.h:1.1  Wed Feb 13 21:00:04 2013
+++ pkgsrc/databases/mysql56-client/patches/patch-include_my_net.h      Sun Sep  8 16:55:18 2019
@@ -1,10 +1,11 @@
-$NetBSD: patch-include_my_net.h,v 1.1 2013/02/13 21:00:04 adam Exp $
+$NetBSD: patch-include_my_net.h,v 1.1.54.1 2019/09/08 16:55:18 bsiegert Exp $
 
-Define SHUT_RDWR for Irix 5.
+* Define SHUT_RDWR for Irix 5.
+* Stop useless warnings.
 
---- include/my_net.h.orig      2013-01-22 16:54:49.000000000 +0000
+--- include/my_net.h.orig      2019-06-10 10:25:32.000000000 +0000
 +++ include/my_net.h
-@@ -70,6 +70,15 @@ C_MODE_START
+@@ -70,14 +70,25 @@ C_MODE_START
  #include <netdb.h>     /* getaddrinfo() & co */
  #endif
  
@@ -20,3 +21,13 @@ Define SHUT_RDWR for Irix 5.
  /*
    On OSes which don't have the in_addr_t, we guess that using uint32 is the best
    possible choice. We guess this from the fact that on HP-UX64bit & FreeBSD64bit
+   & Solaris64bit, in_addr_t is equivalent to uint32. And on Linux32bit too.
+ */
+ #ifndef HAVE_IN_ADDR_T
++#ifndef in_addr_t
+ #define in_addr_t uint32
+ #endif
++#endif
+ 
+ 
+ C_MODE_END

Index: pkgsrc/databases/mysql56-server/Makefile
diff -u pkgsrc/databases/mysql56-server/Makefile:1.37 pkgsrc/databases/mysql56-server/Makefile:1.37.2.1
--- pkgsrc/databases/mysql56-server/Makefile:1.37       Tue Apr 30 17:20:23 2019
+++ pkgsrc/databases/mysql56-server/Makefile    Sun Sep  8 16:55:18 2019
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.37 2019/04/30 17:20:23 abs Exp $
+# $NetBSD: Makefile,v 1.37.2.1 2019/09/08 16:55:18 bsiegert Exp $
 
 PKGNAME=       ${DISTNAME:S/-/-server-/}
-PKGREVISION=   1
 COMMENT=       MySQL 5, a free SQL database (server)
 
 CONFLICTS=     mysql3-server-[0-9]*

Added files:

Index: pkgsrc/databases/mysql56-client/patches/patch-include_m__string.h
diff -u /dev/null pkgsrc/databases/mysql56-client/patches/patch-include_m__string.h:1.1.2.2
--- /dev/null   Sun Sep  8 16:55:18 2019
+++ pkgsrc/databases/mysql56-client/patches/patch-include_m__string.h   Sun Sep  8 16:55:17 2019
@@ -0,0 +1,16 @@
+$NetBSD: patch-include_m__string.h,v 1.1.2.2 2019/09/08 16:55:17 bsiegert Exp $
+
+* Stop useless warnings.
+
+--- include/m_string.h.orig    2019-06-10 10:25:32.000000000 +0000
++++ include/m_string.h
+@@ -43,7 +43,9 @@
+ #endif
+ 
+ #define bfill please_use_memset_rather_than_bfill()
++#ifndef bzero
+ #define bzero please_use_memset_rather_than_bzero()
++#endif
+ 
+ #if !defined(HAVE_MEMCPY) && !defined(HAVE_MEMMOVE)
+ # define memcpy(d, s, n)      bcopy ((s), (d), (n))
Index: pkgsrc/databases/mysql56-client/patches/patch-mysys__ssl_my__aes__openssl.cc
diff -u /dev/null pkgsrc/databases/mysql56-client/patches/patch-mysys__ssl_my__aes__openssl.cc:1.1.2.2
--- /dev/null   Sun Sep  8 16:55:18 2019
+++ pkgsrc/databases/mysql56-client/patches/patch-mysys__ssl_my__aes__openssl.cc        Sun Sep  8 16:55:18 2019
@@ -0,0 +1,118 @@
+$NetBSD: patch-mysys__ssl_my__aes__openssl.cc,v 1.1.2.2 2019/09/08 16:55:18 bsiegert Exp $
+
+* Allow build with OpenSSL 1.1.
+
+--- mysys_ssl/my_aes_openssl.cc.orig   2019-06-10 10:25:32.000000000 +0000
++++ mysys_ssl/my_aes_openssl.cc
+@@ -108,33 +108,46 @@ int my_aes_encrypt(const unsigned char *
+                    const unsigned char *key, uint32 key_length,
+                    enum my_aes_opmode mode, const unsigned char *iv)
+ {
+-  EVP_CIPHER_CTX ctx;
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++  EVP_CIPHER_CTX stack_ctx;
++  EVP_CIPHER_CTX *ctx= &stack_ctx;
++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++  EVP_CIPHER_CTX *ctx= EVP_CIPHER_CTX_new();
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   const EVP_CIPHER *cipher= aes_evp_type(mode);
+   int u_len, f_len;
+   /* The real key to be used for encryption */
+   unsigned char rkey[MAX_AES_KEY_LENGTH / 8];
+   my_aes_create_key(key, key_length, rkey, mode);
+ 
+-  if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
++  if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
+     return MY_AES_BAD_DATA;
+ 
+-  if (!EVP_EncryptInit(&ctx, cipher, rkey, iv))
++  if (!EVP_EncryptInit(ctx, cipher, rkey, iv))
+     goto aes_error;                             /* Error */
+-  if (!EVP_CIPHER_CTX_set_padding(&ctx, 1))
++  if (!EVP_CIPHER_CTX_set_padding(ctx, 1))
+     goto aes_error;                             /* Error */
+-  if (!EVP_EncryptUpdate(&ctx, dest, &u_len, source, source_length))
++  if (!EVP_EncryptUpdate(ctx, dest, &u_len, source, source_length))
+     goto aes_error;                             /* Error */
+ 
+-  if (!EVP_EncryptFinal(&ctx, dest + u_len, &f_len))
++  if (!EVP_EncryptFinal(ctx, dest + u_len, &f_len))
+     goto aes_error;                             /* Error */
+ 
+-  EVP_CIPHER_CTX_cleanup(&ctx);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++  EVP_CIPHER_CTX_cleanup(ctx);
++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++  EVP_CIPHER_CTX_free(ctx);
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   return u_len + f_len;
+ 
+ aes_error:
+   /* need to explicitly clean up the error if we want to ignore it */
+   ERR_clear_error();
+-  EVP_CIPHER_CTX_cleanup(&ctx);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++    EVP_CIPHER_CTX_cleanup(ctx);
++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++    EVP_CIPHER_CTX_free(ctx);
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   return MY_AES_BAD_DATA;
+ }
+ 
+@@ -145,7 +158,12 @@ int my_aes_decrypt(const unsigned char *
+                    enum my_aes_opmode mode, const unsigned char *iv)
+ {
+ 
+-  EVP_CIPHER_CTX ctx;
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++  EVP_CIPHER_CTX stack_ctx;
++  EVP_CIPHER_CTX *ctx= &stack_ctx;
++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++  EVP_CIPHER_CTX *ctx= EVP_CIPHER_CTX_new();
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   const EVP_CIPHER *cipher= aes_evp_type(mode);
+   int u_len, f_len;
+ 
+@@ -153,27 +171,33 @@ int my_aes_decrypt(const unsigned char *
+   unsigned char rkey[MAX_AES_KEY_LENGTH / 8];
+ 
+   my_aes_create_key(key, key_length, rkey, mode);
+-  if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
++  if (!ctx || !cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
+     return MY_AES_BAD_DATA;
+ 
+-  EVP_CIPHER_CTX_init(&ctx);
+-
+-  if (!EVP_DecryptInit(&ctx, aes_evp_type(mode), rkey, iv))
++  if (!EVP_DecryptInit(ctx, aes_evp_type(mode), rkey, iv))
+     goto aes_error;                             /* Error */
+-  if (!EVP_CIPHER_CTX_set_padding(&ctx, 1))
++  if (!EVP_CIPHER_CTX_set_padding(ctx, 1))
+     goto aes_error;                             /* Error */
+-  if (!EVP_DecryptUpdate(&ctx, dest, &u_len, source, source_length))
++  if (!EVP_DecryptUpdate(ctx, dest, &u_len, source, source_length))
+     goto aes_error;                             /* Error */
+-  if (!EVP_DecryptFinal_ex(&ctx, dest + u_len, &f_len))
++  if (!EVP_DecryptFinal_ex(ctx, dest + u_len, &f_len))
+     goto aes_error;                             /* Error */
+ 
+-  EVP_CIPHER_CTX_cleanup(&ctx);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++  EVP_CIPHER_CTX_cleanup(ctx);
++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++  EVP_CIPHER_CTX_free(ctx);
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   return u_len + f_len;
+ 
+ aes_error:
+   /* need to explicitly clean up the error if we want to ignore it */
+   ERR_clear_error();
+-  EVP_CIPHER_CTX_cleanup(&ctx);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++  EVP_CIPHER_CTX_cleanup(ctx);
++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++  EVP_CIPHER_CTX_free(ctx);
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   return MY_AES_BAD_DATA;
+ }
+ 
Index: pkgsrc/databases/mysql56-client/patches/patch-storage_innobase_include_univ.i
diff -u /dev/null pkgsrc/databases/mysql56-client/patches/patch-storage_innobase_include_univ.i:1.1.2.2
--- /dev/null   Sun Sep  8 16:55:18 2019
+++ pkgsrc/databases/mysql56-client/patches/patch-storage_innobase_include_univ.i       Sun Sep  8 16:55:18 2019
@@ -0,0 +1,16 @@
+$NetBSD: patch-storage_innobase_include_univ.i,v 1.1.2.2 2019/09/08 16:55:18 bsiegert Exp $
+
+* Stop another useless warnings.
+
+--- storage/innobase/include/univ.i.orig       2019-06-10 10:25:32.000000000 +0000
++++ storage/innobase/include/univ.i
+@@ -123,7 +123,9 @@ Sun Studio */
+ #endif /* #if (defined(WIN32) || ... */
+ 
+ #ifndef __WIN__
++#ifndef __STDC_FORMAT_MACROS
+ #define __STDC_FORMAT_MACROS    /* Enable C99 printf format macros */
++#endif
+ #include <inttypes.h>
+ #endif /* !__WIN__ */
+ 

Index: pkgsrc/databases/mysql56-client/patches/patch-sql_mysqld.cc
diff -u /dev/null pkgsrc/databases/mysql56-client/patches/patch-sql_mysqld.cc:1.5.2.2
--- /dev/null   Sun Sep  8 16:55:18 2019
+++ pkgsrc/databases/mysql56-client/patches/patch-sql_mysqld.cc Sun Sep  8 16:55:18 2019
@@ -0,0 +1,42 @@
+$NetBSD: patch-sql_mysqld.cc,v 1.5.2.2 2019/09/08 16:55:18 bsiegert Exp $
+
+* Allow build with OpenSSL 1.1.
+
+--- sql/mysqld.cc.orig 2019-06-10 10:25:32.000000000 +0000
++++ sql/mysqld.cc
+@@ -2759,9 +2759,9 @@ bool one_thread_per_connection_end(THD *
+   }
+ 
+   // Clean up errors now, before possibly waiting for a new connection.
+-#ifndef EMBEDDED_LIBRARY
+-  ERR_remove_state(0);
+-#endif
++#if !defined(EMBEDDED_LIBRARY) && OPENSSL_VERSION_NUMBER < 0x10100000L
++  ERR_remove_thread_state(0);
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+ 
+   delete thd;
+ 
+@@ -4358,7 +4358,11 @@ static int init_ssl()
+ {
+ #ifdef HAVE_OPENSSL
+ #ifndef HAVE_YASSL
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+   CRYPTO_malloc_init();
++#else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++  OPENSSL_malloc_init();
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+ #endif
+   ssl_start();
+ #ifndef EMBEDDED_LIBRARY
+@@ -4372,7 +4376,9 @@ static int init_ssl()
+                                         opt_ssl_cipher, &error,
+                                           opt_ssl_crl, opt_ssl_crlpath);
+     DBUG_PRINT("info",("ssl_acceptor_fd: 0x%lx", (long) ssl_acceptor_fd));
+-    ERR_remove_state(0);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++    ERR_remove_thread_state(0);
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+     if (!ssl_acceptor_fd)
+     {
+       sql_print_warning("Failed to setup SSL");

Index: pkgsrc/databases/mysql56-client/patches/patch-sql_rpl__slave.cc
diff -u /dev/null pkgsrc/databases/mysql56-client/patches/patch-sql_rpl__slave.cc:1.3.2.2
--- /dev/null   Sun Sep  8 16:55:18 2019
+++ pkgsrc/databases/mysql56-client/patches/patch-sql_rpl__slave.cc     Sun Sep  8 16:55:18 2019
@@ -0,0 +1,39 @@
+$NetBSD: patch-sql_rpl__slave.cc,v 1.3.2.2 2019/09/08 16:55:18 bsiegert Exp $
+
+* Allow build with OpenSSL 1.1.
+
+--- sql/rpl_slave.cc.orig      2019-06-10 10:25:32.000000000 +0000
++++ sql/rpl_slave.cc
+@@ -5143,7 +5143,9 @@ err:
+   mysql_mutex_unlock(&mi->run_lock);
+   DBUG_LEAVE;                                   // Must match DBUG_ENTER()
+   my_thread_end();
+-  ERR_remove_state(0);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++  ERR_remove_thread_state(0);
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   pthread_exit(0);
+   return(0);                                    // Avoid compiler warnings
+ }
+@@ -5334,7 +5336,9 @@ err:
+   }
+ 
+   my_thread_end();
+-  ERR_remove_state(0);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++  ERR_remove_thread_state(0);
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   pthread_exit(0);
+   DBUG_RETURN(0); 
+ }
+@@ -6482,7 +6486,9 @@ log '%s' at position %s, relay log '%s' 
+ 
+   DBUG_LEAVE;                            // Must match DBUG_ENTER()
+   my_thread_end();
+-  ERR_remove_state(0);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++  ERR_remove_thread_state(0);
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   pthread_exit(0);
+   return 0;                             // Avoid compiler warnings
+ }
Index: pkgsrc/databases/mysql56-client/patches/patch-vio_vio.c
diff -u /dev/null pkgsrc/databases/mysql56-client/patches/patch-vio_vio.c:1.3.2.2
--- /dev/null   Sun Sep  8 16:55:18 2019
+++ pkgsrc/databases/mysql56-client/patches/patch-vio_vio.c     Sun Sep  8 16:55:18 2019
@@ -0,0 +1,17 @@
+$NetBSD: patch-vio_vio.c,v 1.3.2.2 2019/09/08 16:55:18 bsiegert Exp $
+
+* Allow build with OpenSSL 1.1.
+
+--- vio/vio.c.orig     2019-06-10 10:25:32.000000000 +0000
++++ vio/vio.c
+@@ -384,7 +384,9 @@ void vio_end(void)
+   yaSSL_CleanUp();
+ #elif defined(HAVE_OPENSSL)
+   // This one is needed on the client side
+-  ERR_remove_state(0);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++  ERR_remove_thread_state(0);
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   ERR_free_strings();
+   EVP_cleanup();
+   CRYPTO_cleanup_all_ex_data();
Index: pkgsrc/databases/mysql56-client/patches/patch-vio_viosslfactories.c
diff -u /dev/null pkgsrc/databases/mysql56-client/patches/patch-vio_viosslfactories.c:1.3.2.2
--- /dev/null   Sun Sep  8 16:55:18 2019
+++ pkgsrc/databases/mysql56-client/patches/patch-vio_viosslfactories.c Sun Sep  8 16:55:18 2019
@@ -0,0 +1,44 @@
+$NetBSD: patch-vio_viosslfactories.c,v 1.3.2.2 2019/09/08 16:55:18 bsiegert Exp $
+
+* Allow build with OpenSSL 1.1.
+
+--- vio/viosslfactories.c.orig 2019-06-10 10:25:32.000000000 +0000
++++ vio/viosslfactories.c
+@@ -68,13 +68,21 @@ static DH *get_dh2048(void)
+   DH *dh;
+   if ((dh=DH_new()))
+   {
+-    dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
+-    dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
+-    if (! dh->p || ! dh->g)
+-    {
++    BIGNUM *p= BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
++    BIGNUM *g= BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
++    if (!p || !g
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++        || !DH_set0_pqg(dh, p, NULL, g)
++#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
++    ) {
++      /* DH_free() will free 'p' and 'g' at once. */
+       DH_free(dh);
+-      dh=0;
++      return NULL;
+     }
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++    dh->p= p;
++    dh->g= g;
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+   }
+   return(dh);
+ }
+@@ -230,8 +238,8 @@ new_VioSSLFd(const char *key_file, const
+     DBUG_RETURN(0);
+ 
+   if (!(ssl_fd->ssl_context= SSL_CTX_new(is_client ?
+-                                         TLSv1_client_method() :
+-                                         TLSv1_server_method())))
++                                         SSLv23_client_method() :
++                                         SSLv23_server_method())))
+   {
+     *error= SSL_INITERR_MEMFAIL;
+     DBUG_PRINT("error", ("%s", sslGetErrString(*error)));



Home | Main Index | Thread Index | Old Index