databases/mysql56*: update to 5.7.33 release

Disable detect of TLSv1.3 functions - it's broken with LibreSSL Release Notes: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-33.html Requested by: joneum
author: Dima Panov <fluffy@FreeBSD.org> 2021-02-03 02:02:58 +0000
committer: Dima Panov <fluffy@FreeBSD.org> 2021-02-03 02:02:58 +0000
commit: fa82d308042aa39350565a6c1b300335ed2c5598 (patch)
tree: 85df4889ae974e85629d469c936999f7f038fdd8 /databases/mysql57-server
parent: b3269ba45f73a8ac03bf889b7990394309f0a65d (diff)
download: ports-fa82d308042aa39350565a6c1b300335ed2c5598.tar.gz
ports-fa82d308042aa39350565a6c1b300335ed2c5598.zip
5 files changed, 96 insertions, 5 deletions
diff --git a/databases/mysql57-server/Makefile b/databases/mysql57-server/Makefile
index df53c7588317..1f2bdd7e5847 100644
--- a/databases/mysql57-server/Makefile
+++ b/databases/mysql57-server/Makefile
@@ -2,8 +2,8 @@
 # $FreeBSD$
 
 PORTNAME?=	mysql
-PORTVERSION=	5.7.32
-PORTREVISION?=	1
+PORTVERSION=	5.7.33
+PORTREVISION?=	0
 CATEGORIES=	databases
 MASTER_SITES=	MYSQL/MySQL-5.7
 PKGNAMESUFFIX?=	57-server
diff --git a/databases/mysql57-server/files/patch-cmake_ssl.cmake b/databases/mysql57-server/files/patch-cmake_ssl.cmake
index 4ac61da59a4f..0e70d693a90d 100644
--- a/databases/mysql57-server/files/patch-cmake_ssl.cmake
+++ b/databases/mysql57-server/files/patch-cmake_ssl.cmake
@@ -1,15 +1,42 @@
 --- cmake/ssl.cmake.orig	2019-12-06 10:41:47 UTC
 +++ cmake/ssl.cmake
-@@ -193,7 +193,8 @@ MACRO (MYSQL_CHECK_SSL)
+@@ -150,22 +150,12 @@ MACRO (MYSQL_CHECK_SSL)
+       MESSAGE(STATUS "OPENSSL_APPLINK_C ${OPENSSL_APPLINK_C}")
+     ENDIF()
+ 
+-    # On mac this list is <.dylib;.so;.a>
+-    # We prefer static libraries, so we reverse it here.
+-    IF (WITH_SSL_PATH)
+-      LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES)
+-      MESSAGE(STATUS "suffixes <${CMAKE_FIND_LIBRARY_SUFFIXES}>")
+-    ENDIF()
+-
+     FIND_LIBRARY(OPENSSL_LIBRARY
+                  NAMES ssl libssl ssleay32 ssleay32MD
+                  HINTS ${OPENSSL_ROOT_DIR}/lib)
+     FIND_LIBRARY(CRYPTO_LIBRARY
+                  NAMES crypto libcrypto libeay32
+                  HINTS ${OPENSSL_ROOT_DIR}/lib)
+-    IF (WITH_SSL_PATH)
+-      LIST(REVERSE CMAKE_FIND_LIBRARY_SUFFIXES)
+-    ENDIF()
+ 
+     IF(OPENSSL_INCLUDE_DIR)
+       # Verify version number. Version information looks like:
+@@ -193,9 +183,10 @@ MACRO (MYSQL_CHECK_SSL)
        )
      SET(OPENSSL_VERSION ${OPENSSL_VERSION} CACHE INTERNAL "")
  
 -    IF("${OPENSSL_VERSION}" VERSION_GREATER "1.1.0")
+-       ADD_DEFINITIONS(-DHAVE_TLSv13)
+-       SET(HAVE_TLSv13 1)
 +    CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
 +    IF(HAVE_TLS1_3_VERSION)
-        ADD_DEFINITIONS(-DHAVE_TLSv13)
-        SET(HAVE_TLSv13 1)
++       #ADD_DEFINITIONS(-DHAVE_TLSv13)
++       #SET(HAVE_TLSv13 1)
         IF(SOLARIS)
+          SET(FORCE_SSL_SOLARIS "-Wl,--undefined,address_of_sk_new_null")
+        ENDIF()
 @@ -203,7 +204,13 @@ MACRO (MYSQL_CHECK_SSL)
      IF(OPENSSL_INCLUDE_DIR AND
         OPENSSL_LIBRARY   AND
diff --git a/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c b/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c
index e25f39ca85a5..44217e5fec58 100644
--- a/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c
+++ b/databases/mysql57-server/files/patch-rapid_plugin_group_replication_libmysqlgcs_src_bindings_xcom_xcom_xcom_ssl_transport.c
@@ -1,5 +1,31 @@
 --- rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c.orig	2020-03-23 17:35:17 UTC
 +++ rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
+@@ -232,7 +232,7 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx, 
+                                     const char* tls_version)
+ {
+   DH *dh= NULL;
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+   /* We support TLS up to 1.2, so explicitly disable TLS 1.3. */
+   long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_3;
+ #else
+@@ -257,14 +257,14 @@ static int configure_ssl_algorithms(SSL_CTX* ssl_ctx, 
+                     SSL_OP_NO_TLSv1 |
+                     SSL_OP_NO_TLSv1_1
+                     | SSL_OP_NO_TLSv1_2
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+                     | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+                    );
+ 
+   SSL_CTX_set_options(ssl_ctx, ssl_ctx_options);
+ 
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+   /* We do not support TLS 1.3.
+      Setting empty TLS 1.3 ciphersuites disables them. */
+   if (SSL_CTX_set_ciphersuites(ssl_ctx, "") == 0)
 @@ -529,7 +529,7 @@ int xcom_init_ssl(const char *server_key_file, const c
      break e.g. ODBC clients (if the client also uses SSL).
    */
diff --git a/databases/mysql57-server/files/patch-sql_locks_shared__spin__lock.cc b/databases/mysql57-server/files/patch-sql_locks_shared__spin__lock.cc
new file mode 100644
index 000000000000..44325de6c602
--- /dev/null
+++ b/databases/mysql57-server/files/patch-sql_locks_shared__spin__lock.cc
@@ -0,0 +1,11 @@
+--- sql/locks/shared_spin_lock.cc.orig	2020-12-10 03:01:55 UTC
++++ sql/locks/shared_spin_lock.cc
+@@ -239,7 +239,7 @@ lock::Shared_spin_lock &lock::Shared_spin_lock::try_or
+   {
+     this->spin_exclusive_lock();
+   }
+-  my_atomic_store64(&this->m_exclusive_owner, self);
++  my_atomic_store64(&this->m_exclusive_owner, reinterpret_cast<int64>(self));
+   return (*this);
+ }
+ 
diff --git a/databases/mysql57-server/files/patch-vio_viosslfactories.c b/databases/mysql57-server/files/patch-vio_viosslfactories.c
index c114c25c07cd..00c32ea9dca3 100644
--- a/databases/mysql57-server/files/patch-vio_viosslfactories.c
+++ b/databases/mysql57-server/files/patch-vio_viosslfactories.c
@@ -33,3 +33,30 @@
    }
    return(dh);
  }
+@@ -503,7 +501,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+   struct st_VioSSLFd *ssl_fd;
+   /* MySQL 5.7 supports TLS up to v1.2, explicitly disable TLSv1.3. */
+   long ssl_ctx_options= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+                         | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+                         ;
+@@ -536,7 +534,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+                     SSL_OP_NO_TLSv1 |
+                     SSL_OP_NO_TLSv1_1
+                     | SSL_OP_NO_TLSv1_2
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+                     | SSL_OP_NO_TLSv1_3
+ #endif /* HAVE_TLSv13 */
+                     | SSL_OP_NO_TICKET
+@@ -559,7 +557,7 @@ new_VioSSLFd(const char *key_file, const char *cert_fi
+ 
+   SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
+ 
+-#ifdef HAVE_TLSv13
++#if defined(HAVE_TLSv13) && !defined(LIBRESSL_VERSION_NUMBER)
+   /*
+     MySQL 5.7 doesn't support TLSv1.3 - set empty TLSv1.3 ciphersuites.
+   */
author	Dima Panov <fluffy@FreeBSD.org>	2021-02-03 02:02:58 +0000
committer	Dima Panov <fluffy@FreeBSD.org>	2021-02-03 02:02:58 +0000
commit	fa82d308042aa39350565a6c1b300335ed2c5598 (patch)
tree	85df4889ae974e85629d469c936999f7f038fdd8 /databases/mysql57-server
parent	b3269ba45f73a8ac03bf889b7990394309f0a65d (diff)
download	ports-fa82d308042aa39350565a6c1b300335ed2c5598.tar.gz ports-fa82d308042aa39350565a6c1b300335ed2c5598.zip