rpms/mysql
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Replace whole repo with latest content from branch stream-8.0-rhel-8.8.0

Browse Source 
Content corresponds with RHEL dist-git commit 9a17365
This commit is contained in:
Honza Horak 2023-06-22 15:21:02 +02:00
parent 6cc09066d1
commit 2c8b4b3ea9
6 changed files with 0 additions and 327 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
gating.yaml
View File

@ -1,6 +0,0 @@
--- !Policy
product_versions:
- rhel-9
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}

24
mysql-chain-certs.patch
View File

@ -1,24 +0,0 @@
Fix things so that chains of certificates work in the server and client
certificate files.
This only really works for OpenSSL-based builds, as yassl is unable to read
multiple certificates from a file. The patch below to yassl/src/ssl.cpp
doesn't fix that, but just arranges that the viosslfactories.c patch won't
have any ill effects in a yassl build. Since we don't use yassl in Red Hat/
Fedora builds, I'm not feeling motivated to try to fix yassl for this.
See RH bug #598656. Filed upstream at http://bugs.mysql.com/bug.php?id=54158
diff --git a/vio/viosslfactories.cc b/vio/viosslfactories.cc
index 5e881e3..2927e7f 100644
--- a/vio/viosslfactories.cc
+++ b/vio/viosslfactories.cc
@@ -198,7 +198,7 @@ static int vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file,
if (!key_file && cert_file) key_file = cert_file;
if (cert_file &&
- SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0) {
+ SSL_CTX_use_certificate_chain_file(ctx, cert_file) <= 0) {
*error = SSL_INITERR_CERT;
DBUG_PRINT("error",
("%s from file '%s'", sslGetErrString(*error), cert_file));

13
mysql-fix-includes-robin-hood.patch
View File

@ -1,13 +0,0 @@
# Prevents fails when compiling with gcc11 (Fedora 34)
# Upstream PR: https://github.com/mysql/mysql-server/pull/323
--- mysql-8.0.23/extra/robin-hood-hashing/robin_hood.h.old 2021-02-04 17:15:31.034997221 +0100
+++ mysql-8.0.23/extra/robin-hood-hashing/robin_hood.h 2021-02-04 17:15:50.781372066 +0100
@@ -48,6 +48,7 @@
#include <string>
#include <type_traits>
#include <utility>
+#include <limits>
#if __cplusplus >= 201703L
# include <string_view>
#endif

206
mysql-openssl3.patch
View File

@ -1,206 +0,0 @@
Make MySQL compile with openssl 3.x without FIPS properly implemented
This change takes some pieces from MariaDB, including compat_ssl.h and
changes in my_md5.cc.
MySQL utilizes FIPS_mode() and FIPS_mode_set() functions that are not
available in OpenSSL 3.x any more. This patch only mocks the call of
those functions, returning 0 every time, which effectively makes usage
of those functions non working. For making the MySQL build with
OpenSSL 3.x this seems to be enough though.
Resolves: #1952951
diff -rup mysql-8.0.22-orig/cmake/ssl.cmake mysql-8.0.22/cmake/ssl.cmake
--- mysql-8.0.22-orig/cmake/ssl.cmake 2021-05-19 21:36:33.161996422 +0200
+++ mysql-8.0.22/cmake/ssl.cmake 2021-05-19 23:06:54.211877057 +0200
@@ -227,8 +227,7 @@ MACRO (MYSQL_CHECK_SSL)
ENDIF()
IF(OPENSSL_INCLUDE_DIR AND
OPENSSL_LIBRARY AND
- CRYPTO_LIBRARY AND
- OPENSSL_MAJOR_VERSION STREQUAL "1"
+ CRYPTO_LIBRARY
)
SET(OPENSSL_FOUND TRUE)
FIND_PROGRAM(OPENSSL_EXECUTABLE openssl
diff -rup mysql-8.0.22-orig/include/ssl_compat.h mysql-8.0.22/include/ssl_compat.h
--- mysql-8.0.22-orig/include/ssl_compat.h 2021-05-19 23:19:36.152956356 +0200
+++ mysql-8.0.22/include/ssl_compat.h 2021-05-19 23:06:55.048885933 +0200
@@ -0,0 +1,105 @@
+/*
+ Copyright (c) 2016, 2021, MariaDB Corporation.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+
+#include <openssl/opensslv.h>
+
+/* OpenSSL version specific definitions */
+#if defined(OPENSSL_VERSION_NUMBER)
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+#define HAVE_OPENSSL11 1
+#define SSL_LIBRARY OpenSSL_version(OPENSSL_VERSION)
+#define ERR_remove_state(X) ERR_clear_error()
+#define EVP_CIPHER_CTX_SIZE 176
+#define EVP_MD_CTX_SIZE 48
+#undef EVP_MD_CTX_init
+#define EVP_MD_CTX_init(X) do { memset((X), 0, EVP_MD_CTX_SIZE); EVP_MD_CTX_reset(X); } while(0)
+#undef EVP_CIPHER_CTX_init
+#define EVP_CIPHER_CTX_init(X) do { memset((X), 0, EVP_CIPHER_CTX_SIZE); EVP_CIPHER_CTX_reset(X); } while(0)
+
+/*
+ Macros below are deprecated. OpenSSL 1.1 may define them or not,
+ depending on how it was built.
+*/
+#undef ERR_free_strings
+#define ERR_free_strings()
+#undef EVP_cleanup
+#define EVP_cleanup()
+#undef CRYPTO_cleanup_all_ex_data
+#define CRYPTO_cleanup_all_ex_data()
+#undef SSL_load_error_strings
+#define SSL_load_error_strings()
+
+#else
+#define HAVE_OPENSSL10 1
+#ifdef HAVE_WOLFSSL
+#define SSL_LIBRARY "WolfSSL " WOLFSSL_VERSION
+#else
+#define SSL_LIBRARY SSLeay_version(SSLEAY_VERSION)
+#endif
+
+#ifdef HAVE_WOLFSSL
+#undef ERR_remove_state
+#define ERR_remove_state(x) do {} while(0)
+#elif defined (HAVE_ERR_remove_thread_state)
+#define ERR_remove_state(X) ERR_remove_thread_state(NULL)
+#endif /* HAVE_ERR_remove_thread_state */
+
+#endif /* HAVE_OPENSSL11 */
+#endif
+
+#ifdef HAVE_WOLFSSL
+#define EVP_MD_CTX_SIZE sizeof(wc_Md5)
+#endif
+
+#ifndef HAVE_OPENSSL11
+#ifndef ASN1_STRING_get0_data
+#define ASN1_STRING_get0_data(X) ASN1_STRING_data(X)
+#endif
+#ifndef EVP_MD_CTX_SIZE
+#define EVP_MD_CTX_SIZE sizeof(EVP_MD_CTX)
+#endif
+
+#define DH_set0_pqg(D,P,Q,G) ((D)->p= (P), (D)->g= (G))
+#define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf)
+#define EVP_CIPHER_CTX_encrypting(ctx) ((ctx)->encrypt)
+#define EVP_CIPHER_CTX_SIZE sizeof(EVP_CIPHER_CTX)
+
+#ifndef HAVE_WOLFSSL
+#define OPENSSL_init_ssl(X,Y) SSL_library_init()
+#define EVP_MD_CTX_reset(X) EVP_MD_CTX_cleanup(X)
+#define EVP_CIPHER_CTX_reset(X) EVP_CIPHER_CTX_cleanup(X)
+#define X509_get0_notBefore(X) X509_get_notBefore(X)
+#define X509_get0_notAfter(X) X509_get_notAfter(X)
+#endif
+#endif
+
+#ifndef TLS1_3_VERSION
+//#define SSL_CTX_set_ciphersuites(X,Y) 0
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+int check_openssl_compatibility();
+
+#define FIPS_mode_set(X) 0
+#define FIPS_mode() 0
+
+#ifdef __cplusplus
+}
+#endif
diff -rup mysql-8.0.22-orig/mysys/my_md5.cc mysql-8.0.22/mysys/my_md5.cc
--- mysql-8.0.22-orig/mysys/my_md5.cc 2021-05-19 21:36:31.738980913 +0200
+++ mysql-8.0.22/mysys/my_md5.cc 2021-05-19 23:13:41.380194493 +0200
@@ -34,13 +34,12 @@
#include <openssl/crypto.h>
#include <openssl/md5.h>
+#include <openssl/evp.h>
+#include <ssl_compat.h>
static void my_md5_hash(unsigned char *digest, unsigned const char *buf,
int len) {
- MD5_CTX ctx;
- MD5_Init(&ctx);
- MD5_Update(&ctx, buf, len);
- MD5_Final(digest, &ctx);
+ MD5(buf, len, digest);
}
/**
diff -Naurp mysql-8.0.27/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/network/xcom_network_provider_ssl_native_lib.cc*
--- mysql-8.0.27/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/network/xcom_network_provider_ssl_native_lib.cc 2021-09-28 13:46:34.000000000 +0200
+++ mysql-8.0.27/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/network/xcom_network_provider_ssl_native_lib.cc_patched 2021-10-31 10:57:37.865934624 +0100
@@ -30,6 +30,7 @@
#include <assert.h>
#include <stdlib.h>
+#include <openssl/crypto.h>
#include <openssl/dh.h>
#include <openssl/opensslv.h>
#include <openssl/x509v3.h>
@@ -39,6 +40,7 @@
#endif
#include "openssl/engine.h"
+#include <ssl_compat.h>
#include "xcom/task_debug.h"
#include "xcom/x_platform.h"
diff -rup mysql-8.0.22-orig/plugin/x/client/xconnection_impl.cc mysql-8.0.22/plugin/x/client/xconnection_impl.cc
--- mysql-8.0.22-orig/plugin/x/client/xconnection_impl.cc 2021-05-19 21:36:14.388791818 +0200
+++ mysql-8.0.22/plugin/x/client/xconnection_impl.cc 2021-05-19 23:06:55.049885943 +0200
@@ -31,6 +31,7 @@
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif // HAVE_NETINET_IN_H
+#include <openssl/crypto.h>
#include <openssl/x509v3.h>
#include <cassert>
#include <chrono> // NOLINT(build/c++11)
@@ -38,6 +39,7 @@
#include <limits>
#include <sstream>
#include <string>
+#include <ssl_compat.h>
#include "errmsg.h" // NOLINT(build/include_subdir)
#include "my_config.h" // NOLINT(build/include_subdir)
diff -rup mysql-8.0.22-orig/vio/viosslfactories.cc mysql-8.0.22/vio/viosslfactories.cc
--- mysql-8.0.22-orig/vio/viosslfactories.cc 2021-05-19 21:36:33.310998046 +0200
+++ mysql-8.0.22/vio/viosslfactories.cc 2021-05-19 23:06:55.049885943 +0200
@@ -39,7 +39,9 @@
#include "mysys_err.h"
#include "vio/vio_priv.h"
+#include <openssl/crypto.h>
#include <openssl/dh.h>
+#include <ssl_compat.h>
#if OPENSSL_VERSION_NUMBER < 0x10002000L
#include <openssl/ec.h>

41
mysql-s390-tsc.patch
View File

@ -1,41 +0,0 @@
Support s390/s390x in performance schema's cycle-counting functions.
Filed upstream at http://bugs.mysql.com/bug.php?id=59953
diff --git a/include/my_rdtsc.h b/include/my_rdtsc.h
index 65f7df1..a28f470 100644
--- a/include/my_rdtsc.h
+++ b/include/my_rdtsc.h
@@ -128,5 +128,6 @@ void my_timer_init(MY_TIMER_INFO *mti);
#define MY_TIMER_ROUTINE_GETSYSTEMTIMEASFILETIME 26
#define MY_TIMER_ROUTINE_ASM_SUNPRO_X86_64 27
#define MY_TIMER_ROUTINE_ASM_AARCH64 28
+#define MY_TIMER_ROUTINE_ASM_S390 29
#endif
diff --git a/mysys/my_rdtsc.cc b/mysys/my_rdtsc.cc
index ec8e855..c3408b1 100644
--- a/mysys/my_rdtsc.cc
+++ b/mysys/my_rdtsc.cc
@@ -204,6 +204,13 @@ ulonglong my_timer_cycles(void) {
__asm __volatile__("mrs %[rt],cntvct_el0" : [ rt ] "=r"(result));
return result;
}
+#elif defined(__GNUC__) && defined(__s390__)
+ /* covers both s390 and s390x */
+ {
+ ulonglong result;
+ __asm__ __volatile__ ("stck %0" : "=Q" (result) : : "cc");
+ return result;
+ }
#elif defined(HAVE_SYS_TIMES_H) && defined(HAVE_GETHRTIME)
/* gethrtime may appear as either cycle or nanosecond counter */
return (ulonglong)gethrtime();
@@ -505,6 +512,8 @@ void my_timer_init(MY_TIMER_INFO *mti) {
mti->cycles.routine = MY_TIMER_ROUTINE_ASM_GCC_SPARC32;
#elif defined(__GNUC__) && defined(__aarch64__)
mti->cycles.routine = MY_TIMER_ROUTINE_ASM_AARCH64;
+#elif defined(__GNUC__) && defined(__s390__)
+ mti->cycles.routine = MY_TIMER_ROUTINE_ASM_S390;
#elif defined(HAVE_SYS_TIMES_H) && defined(HAVE_GETHRTIME)
mti->cycles.routine = MY_TIMER_ROUTINE_GETHRTIME;
#else

37
mysql.rpmlintrc
View File

@ -1,37 +0,0 @@
# THIS FILE SERVES FOR WHITELISTING RPMLINT ERRORS AND WARNINGS IN TASKOTRON
# https://fedoraproject.org/wiki/Taskotron/Tasks/dist.rpmlint#Whitelisting_errors
# (same file in python3 package served as a great example)
# Spelling errors
addFilter(r'spelling-error .* en_US (cnf|mysqld|subpackage) ')
# Debug symlinks
addFilter(r'dangling-relative-symlink /usr/lib/.build-id')
# Testsuite
# Some expected tests results are zero-length files
addFilter(r'(zero-length|pem-certificate|hidden-file-or-dir) /usr/share/mysql-test/*')
# Chroot function
# False positive; checked by upstream
addFilter(r'missing-call-to-chdir-with-chroot')
# Missing documentation
# I don't think that's on the upstream priority list
addFilter(r'no-documentation')
addFilter(r'no-manual-page-for-binary')
# Cluster is gone
addFilter("W: obsolete-not-provided mysql-cluster")
addFilter("W: obsolete-not-provided mysql-bench")
addFilter("W: obsolete-not-provided community-mysql-bench")
# Config file without noreplace flag
# Don't replace logs that may contain old entries
addFilter(r'conffile-without-noreplace-flag /var/log/mariadb/mariadb.log')
# Seems pretty standard to me ...
addFilter(r'non-standard-dir-perm /var/log/mysql 750')