[gentoo-commits] repo/gentoo:master commit in: dev-db/mysql-connector-c/, dev-db/mysql-connector-c/files/ - gentoo-commits

From:	Thomas Deutschmann <whissi@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: dev-db/mysql-connector-c/, dev-db/mysql-connector-c/files/
Date:	Fri, 02 Aug 2019 14:38:56
Message-Id:	`1564756725.c6112871c2e83ad7d1bd64b277386eb2c5efa089.whissi@gentoo`

1

commit:     c6112871c2e83ad7d1bd64b277386eb2c5efa089

2

Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>

3

AuthorDate: Fri Aug  2 14:22:45 2019 +0000

4

Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>

5

CommitDate: Fri Aug  2 14:38:45 2019 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c6112871

7

8

dev-db/mysql-connector-c: bump to v8.0.17

9

10

Package-Manager: Portage-2.3.69, Repoman-2.3.16

11

Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

12

13

 dev-db/mysql-connector-c/Manifest                  |   1 +

14

 .../files/mysql-connector-c-8.0.17-libressl.patch  | 258 +++++++++++++++++++++

15

 .../mysql-connector-c-8.0.17.ebuild                |  92 ++++++++

16

 3 files changed, 351 insertions(+)

17

18

diff --git a/dev-db/mysql-connector-c/Manifest b/dev-db/mysql-connector-c/Manifest

19

index 91a4121bd4d..da74276fc3e 100644

20

--- a/dev-db/mysql-connector-c/Manifest

21

+++ b/dev-db/mysql-connector-c/Manifest

22

@@ -1,2 +1,3 @@

23

 DIST mysql-boost-8.0.16.tar.gz 145939027 BLAKE2B f8e94c6aa686a3f3a2fd231676070760081c6bbf0d652ce09e9bfb6f9dc86fc96dba5739ac8721bfd55c947e44c7de4c37ff5f8bb56db5e08484cf586e143add SHA512 4de08d74637d1fef4f570148e66c8ddf2b59d1c0a49d715ca632da7f572645b65ec5f7c115aaf0bd179b0a9f1ba2bc40357c371f170a674118159d99b2c49516

24

+DIST mysql-boost-8.0.17.tar.gz 189322239 BLAKE2B f9f46e5fdc3e9869b203626bc09edfbcdbabcd68eba43f9c6a33b9a52cffb3a32f39704c6d22a66899aac16fa2efb271c5dc7af7522768b45542ac8dc615cd8a SHA512 a278ee263670cb1f79d67c4b87c4b88632569c3b20a4297a6e77d550155db20902f22992ea851cf59ea523bb97d5e08707e3457f71a678e9f1ac2fa4ca5b7a2d

25

 DIST mysql-connector-c-6.1.11-src.tar.gz 3489345 BLAKE2B 813512520ef660521221565a4466e81d902629d0ee731f746b68eed2b9129ea8361fcabe184537ec8ba91aed5a4b02dfb3450b36524c2e98f81fba148eee0cf1 SHA512 271395c888a93b833e0bbe1840b9987ecdb37d0f1cf89904207cc9aa99ed32e538aee8c9529ff39b6533947159776a8f5aa079da86ed51b1d26b086f4ffdd7c6

26

27

diff --git a/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.17-libressl.patch b/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.17-libressl.patch

28

new file mode 100644

29

index 00000000000..340f894a895

30

--- /dev/null

31

+++ b/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.17-libressl.patch

32

@@ -0,0 +1,258 @@

33

+From: Stefan Strogin <steils@g.o>

34

+Date: Sat, 8 Jun 2019 15:52:26 +0300

35

+Subject: [PATCH] Fix build with LibreSSL

36

+

37

+- Fix version checks as OPENSSL_VERSION_NUMBER in OpenSSL is always

38

+  0x20000000L.

39

+- FIPS support is removed from LibreSSL, do not use it.

40

+- Check for TLS1_3_VERSION define, not OpenSSL/LibreSSL version.

41

+  Theoretically even OpenSSL >=1.1.1 can be built with TLS 1.3 disabled.

42

+

43

+

44

+--- a/cmake/ssl.cmake

45

++++ b/cmake/ssl.cmake

46

+@@ -304,13 +304,14 @@ MACRO (MYSQL_CHECK_SSL)

47

+         OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"

48

+         )

49

+     ENDIF()

50

+-    IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")

51

++    CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)

52

++    IF(HAVE_TLS1_3_VERSION)

53

+        ADD_DEFINITIONS(-DHAVE_TLSv13)

54

+     ENDIF()

55

+     IF(OPENSSL_INCLUDE_DIR AND

56

+        OPENSSL_LIBRARY   AND

57

+        CRYPTO_LIBRARY      AND

58

+-       OPENSSL_MAJOR_VERSION STREQUAL "1"

59

++       OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1"

60

+       )

61

+       SET(OPENSSL_FOUND TRUE)

62

+       FIND_PROGRAM(OPENSSL_EXECUTABLE openssl

63

+--- a/extra/libevent/openssl-compat.h

64

++++ b/extra/libevent/openssl-compat.h

65

+@@ -24,7 +24,6 @@ static inline BIO_METHOD *BIO_meth_new(int type, const char *name)

66

+ #define BIO_set_init(b, val) (b)->init = (val)

67

+ #define BIO_set_data(b, val) (b)->ptr = (val)

68

+ #define BIO_set_shutdown(b, val) (b)->shutdown = (val)

69

+-#define BIO_get_init(b) (b)->init

70

+ #define BIO_get_data(b) (b)->ptr

71

+ #define BIO_get_shutdown(b) (b)->shutdown

72

+

73

+@@ -32,4 +31,8 @@ static inline BIO_METHOD *BIO_meth_new(int type, const char *name)

74

+

75

+ #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */

76

+

77

++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

78

++#define BIO_get_init(b) (b)->init

79

++#endif

80

++

81

+ #endif /* OPENSSL_COMPAT_H */

82

+--- a/mysys/my_md5.cc

83

++++ b/mysys/my_md5.cc

84

+@@ -56,7 +56,7 @@ static void my_md5_hash(unsigned char *digest, unsigned const char *buf,

85

+ int compute_md5_hash(char *digest, const char *buf, int len) {

86

+   int retval = 0;

87

+   int fips_mode = 0;

88

+-#if !defined(HAVE_WOLFSSL)

89

++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)

90

+   fips_mode = FIPS_mode();

91

+ #endif /* HAVE_WOLFSSL */

92

+   /* If fips mode is ON/STRICT restricted method calls will result into abort,

93

+--- a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c

94

++++ b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c

95

+@@ -297,7 +297,7 @@ error:

96

+   return 1;

97

+ }

98

+

99

+-#ifndef HAVE_WOLFSSL

100

++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)

101

+ #define OPENSSL_ERROR_LENGTH 512

102

+ static int configure_ssl_fips_mode(const uint fips_mode) {

103

+   int rc = -1;

104

+@@ -521,7 +521,7 @@ int xcom_init_ssl(const char *server_key_file, const char *server_cert_file,

105

+   int verify_server = SSL_VERIFY_NONE;

106

+   int verify_client = SSL_VERIFY_NONE;

107

+

108

+-#ifndef HAVE_WOLFSSL

109

++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)

110

+   if (configure_ssl_fips_mode(ssl_fips_mode) != 1) {

111

+     G_ERROR("Error setting the ssl fips mode");

112

+     goto error;

113

+--- a/plugin/x/client/xconnection_impl.cc

114

++++ b/plugin/x/client/xconnection_impl.cc

115

+@@ -523,7 +523,7 @@ XError Connection_impl::get_ssl_error(const int error_id) {

116

+   return XError(CR_SSL_CONNECTION_ERROR, buffer);

117

+ }

118

+

119

+-#ifndef HAVE_WOLFSSL

120

++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)

121

+ /**

122

+   Set fips mode in openssl library,

123

+   When we set fips mode ON/STRICT, it will perform following operations:

124

+@@ -573,7 +573,7 @@ XError Connection_impl::activate_tls() {

125

+   if (!m_context->m_ssl_config.is_configured())

126

+     return XError{CR_SSL_CONNECTION_ERROR, ER_TEXT_TLS_NOT_CONFIGURATED};

127

+

128

+-#ifndef HAVE_WOLFSSL

129

++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)

130

+   char err_string[OPENSSL_ERROR_LENGTH] = {'\0'};

131

+   if (set_fips_mode((int)m_context->m_ssl_config.m_ssl_fips_mode, err_string) !=

132

+       1) {

133

+--- a/router/src/http/src/tls_client_context.cc

134

++++ b/router/src/http/src/tls_client_context.cc

135

+@@ -54,7 +54,7 @@ void TlsClientContext::verify(TlsVerify verify) {

136

+

137

+ void TlsClientContext::cipher_suites(const std::string &ciphers) {

138

+ // TLSv1.3 ciphers are controlled via SSL_CTX_set_ciphersuites()

139

+-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 1)

140

++#ifdef TLS1_3_VERSION

141

+   if (1 != SSL_CTX_set_ciphersuites(ssl_ctx_.get(), ciphers.c_str())) {

142

+     throw TlsError("set-cipher-suites");

143

+   }

144

+--- a/router/src/http/src/tls_context.cc

145

++++ b/router/src/http/src/tls_context.cc

146

+@@ -93,7 +93,7 @@ static constexpr int o11x_version(TlsVersion version) {

147

+       return TLS1_1_VERSION;

148

+     case TlsVersion::TLS_1_2:

149

+       return TLS1_2_VERSION;

150

+-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 1)

151

++#ifdef TLS1_3_VERSION

152

+     case TlsVersion::TLS_1_3:

153

+       return TLS1_3_VERSION;

154

+ #endif

155

+@@ -123,9 +123,11 @@ void TlsContext::version_range(TlsVersion min_version, TlsVersion max_version) {

156

+     default:

157

+       // unknown, leave all disabled

158

+       // fallthrough

159

++#ifdef TLS1_3_VERSION

160

+     case TlsVersion::TLS_1_3:

161

+       opts |= SSL_OP_NO_TLSv1_2;

162

+       // fallthrough

163

++#endif

164

+     case TlsVersion::TLS_1_2:

165

+       opts |= SSL_OP_NO_TLSv1_1;

166

+       // fallthrough

167

+@@ -172,8 +174,10 @@ TlsVersion TlsContext::min_version() const {

168

+       return TlsVersion::TLS_1_1;

169

+     case TLS1_2_VERSION:

170

+       return TlsVersion::TLS_1_2;

171

++#ifdef TLS1_3_VERSION

172

+     case TLS1_3_VERSION:

173

+       return TlsVersion::TLS_1_3;

174

++#endif

175

+     case 0:

176

+       return TlsVersion::AUTO;

177

+     default:

178

+--- a/router/src/http/src/tls_server_context.cc

179

++++ b/router/src/http/src/tls_server_context.cc

180

+@@ -170,7 +170,8 @@ void TlsServerContext::init_tmp_dh(const std::string &dh_params) {

181

+     }

182

+

183

+   } else {

184

+-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0)

185

++#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0) && \

186

++    !defined(LIBRESSL_VERSION_NUMBER)

187

+     dh2048.reset(DH_get_2048_256());

188

+ #else

189

+     /*

190

+--- a/sql-common/client.cc

191

++++ b/sql-common/client.cc

192

+@@ -7602,7 +7602,8 @@ int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option,

193

+ #endif

194

+       break;

195

+     case MYSQL_OPT_SSL_FIPS_MODE: {

196

+-#if defined(HAVE_OPENSSL) && !defined(HAVE_WOLFSSL)

197

++#if defined(HAVE_OPENSSL) && \

198

++    !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)

199

+       char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};

200

+       ENSURE_EXTENSIONS_PRESENT(&mysql->options);

201

+       mysql->options.extension->ssl_fips_mode = *static_cast<const uint *>(arg);

202

+--- a/sql/mysqld.cc

203

++++ b/sql/mysqld.cc

204

+@@ -4795,7 +4795,7 @@ static int init_thread_environment() {

205

+

206

+ static PSI_memory_key key_memory_openssl = PSI_NOT_INSTRUMENTED;

207

+

208

+-#if OPENSSL_VERSION_NUMBER < 0x10100000L

209

++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

210

+ #define FILE_LINE_ARGS

211

+ #else

212

+ #define FILE_LINE_ARGS , const char *, int

213

+@@ -4831,7 +4831,7 @@ static void init_ssl() {

214

+ }

215

+

216

+ static int init_ssl_communication() {

217

+-#ifndef HAVE_WOLFSSL

218

++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)

219

+   char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};

220

+   int ret_fips_mode = set_fips_mode(opt_ssl_fips_mode, ssl_err_string);

221

+   if (ret_fips_mode != 1) {

222

+--- a/sql/sys_vars.cc

223

++++ b/sql/sys_vars.cc

224

+@@ -4377,7 +4377,7 @@ static Sys_var_ulong Sys_max_execution_time(

225

+     HINT_UPDATEABLE SESSION_VAR(max_execution_time), CMD_LINE(REQUIRED_ARG),

226

+     VALID_RANGE(0, ULONG_MAX), DEFAULT(0), BLOCK_SIZE(1));

227

+

228

+-#ifndef HAVE_WOLFSSL

229

++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)

230

+ static bool update_fips_mode(sys_var *, THD *, enum_var_type) {

231

+   char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};

232

+   if (set_fips_mode(opt_ssl_fips_mode, ssl_err_string) != 1) {

233

+@@ -4390,7 +4390,7 @@ static bool update_fips_mode(sys_var *, THD *, enum_var_type) {

234

+ }

235

+ #endif

236

+

237

+-#ifdef HAVE_WOLFSSL

238

++#if defined(HAVE_WOLFSSL) || defined(LIBRESSL_VERSION_NUMBER)

239

+ static const char *ssl_fips_mode_names[] = {"OFF", 0};

240

+ #else

241

+ static const char *ssl_fips_mode_names[] = {"OFF", "ON", "STRICT", 0};

242

+@@ -4398,7 +4398,7 @@ static const char *ssl_fips_mode_names[] = {"OFF", "ON", "STRICT", 0};

243

+ static Sys_var_enum Sys_ssl_fips_mode(

244

+     "ssl_fips_mode",

245

+     "SSL FIPS mode (applies only for OpenSSL); "

246

+-#ifndef HAVE_WOLFSSL

247

++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)

248

+     "permitted values are: OFF, ON, STRICT",

249

+ #else

250

+     "permitted values are: OFF",

251

+@@ -4406,7 +4406,7 @@ static Sys_var_enum Sys_ssl_fips_mode(

252

+     GLOBAL_VAR(opt_ssl_fips_mode), CMD_LINE(REQUIRED_ARG, OPT_SSL_FIPS_MODE),

253

+     ssl_fips_mode_names, DEFAULT(0), NO_MUTEX_GUARD, NOT_IN_BINLOG,

254

+     ON_CHECK(NULL),

255

+-#ifndef HAVE_WOLFSSL

256

++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)

257

+     ON_UPDATE(update_fips_mode),

258

+ #else

259

+     ON_UPDATE(NULL),

260

+--- a/vio/viossl.cc

261

++++ b/vio/viossl.cc

262

+@@ -507,7 +507,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,

263

+ #if !defined(HAVE_WOLFSSL) && !defined(DBUG_OFF)

264

+     {

265

+       STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;

266

+-      ssl_comp_methods = SSL_COMP_get_compression_methods();

267

++      ssl_comp_methods = (STACK_OF(SSL_COMP) *)SSL_COMP_get_compression_methods();

268

+       n = sk_SSL_COMP_num(ssl_comp_methods);

269

+       DBUG_PRINT("info", ("Available compression methods:\n"));

270

+       if (n == 0)

271

+@@ -515,7 +515,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,

272

+       else

273

+         for (j = 0; j < n; j++) {

274

+           SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);

275

+-#if OPENSSL_VERSION_NUMBER < 0x10100000L

276

++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

277

+           DBUG_PRINT("info", ("  %d: %s\n", c->id, c->name));

278

+ #else  /* OPENSSL_VERSION_NUMBER < 0x10100000L */

279

+           DBUG_PRINT("info",

280

+--- a/vio/viosslfactories.cc

281

++++ b/vio/viosslfactories.cc

282

+@@ -429,7 +429,7 @@ void ssl_start() {

283

+   }

284

+ }

285

+

286

+-#ifndef HAVE_WOLFSSL

287

++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)

288

+ /**

289

+   Set fips mode in openssl library,

290

+   When we set fips mode ON/STRICT, it will perform following operations:

291

292

diff --git a/dev-db/mysql-connector-c/mysql-connector-c-8.0.17.ebuild b/dev-db/mysql-connector-c/mysql-connector-c-8.0.17.ebuild

293

new file mode 100644

294

index 00000000000..db884fd4848

295

--- /dev/null

296

+++ b/dev-db/mysql-connector-c/mysql-connector-c-8.0.17.ebuild

297

@@ -0,0 +1,92 @@

298

+# Copyright 1999-2019 Gentoo Authors

299

+# Distributed under the terms of the GNU General Public License v2

300

+

301

+EAPI=7

302

+

303

+inherit cmake-multilib

304

+

305

+# wrap the config script

306

+MULTILIB_CHOST_TOOLS=( /usr/bin/mysql_config )

307

+

308

+DESCRIPTION="C client library for MariaDB/MySQL"

309

+HOMEPAGE="https://dev.mysql.com/downloads/"

310

+LICENSE="GPL-2"

311

+

312

+SRC_URI="https://dev.mysql.com/get/Downloads/MySQL-8.0/mysql-boost-${PV}.tar.gz"

313

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"

314

+

315

+SLOT="0/21"

316

+IUSE="ldap libressl +ssl static-libs"

317

+

318

+RDEPEND="

319

+	sys-libs/zlib:=[${MULTILIB_USEDEP}]

320

+	ldap? ( dev-libs/cyrus-sasl:=[${MULTILIB_USEDEP}] )

321

+	ssl? (

322

+		libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] )

323

+		!libressl? ( dev-libs/openssl:0=[${MULTILIB_USEDEP}] )

324

+	)

325

+	"

326

+DEPEND="${RDEPEND}"

327

+

328

+DOCS=( README )

329

+

330

+S="${WORKDIR}/mysql-${PV}"

331

+

332

+PATCHES=( "${FILESDIR}"/${PN}-8.0.17-libressl.patch )

333

+

334

+src_prepare() {

335

+	sed -i -e 's/CLIENT_LIBS/CONFIG_CLIENT_LIBS/' "${S}/scripts/CMakeLists.txt" || die

336

+

337

+	# All these are for the server only

338

+	sed -i \

339

+		-e '/MYSQL_CHECK_LIBEVENT/d' \

340

+		-e '/MYSQL_CHECK_RAPIDJSON/d' \

341

+		-e '/MYSQL_CHECK_ICU/d' \

342

+		-e '/MYSQL_CHECK_RE2/d' \

343

+		-e '/MYSQL_CHECK_LZ4/d' \

344

+		-e '/MYSQL_CHECK_EDITLINE/d' \

345

+		-e '/MYSQL_CHECK_CURL/d' \

346

+		-e '/ADD_SUBDIRECTORY(man)/d' \

347

+		-e '/ADD_SUBDIRECTORY(share)/d' \

348

+		-e '/INCLUDE(cmake\/boost/d' \

349

+		CMakeLists.txt || die

350

+

351

+	# Skip building clients

352

+	echo > client/CMakeLists.txt || die

353

+

354

+	# Forcefully disable auth plugin

355

+	if ! use ldap ; then

356

+		sed -i -e '/MYSQL_CHECK_SASL/d' CMakeLists.txt || die

357

+		echo > libmysql/authentication_ldap/CMakeLists.txt || die

358

+	fi

359

+

360

+	cmake-utils_src_prepare

361

+}

362

+

363

+multilib_src_configure() {

364

+	local mycmakeargs=(

365

+		-DINSTALL_LAYOUT=RPM

366

+		-DINSTALL_LIBDIR=$(get_libdir)

367

+		-DWITH_DEFAULT_COMPILER_OPTIONS=OFF

368

+		-DWITH_DEFAULT_FEATURE_SET=OFF

369

+		-DENABLED_LOCAL_INFILE=ON

370

+		-DMYSQL_UNIX_ADDR="${EPREFIX}/run/mysqld/mysqld.sock"

371

+		-DWITH_ZLIB=system

372

+		-DWITH_SSL=$(usex ssl system wolfssl)

373

+		-DLIBMYSQL_OS_OUTPUT_NAME=mysqlclient

374

+		-DSHARED_LIB_PATCH_VERSION="0"

375

+		-DCMAKE_POSITION_INDEPENDENT_CODE=ON

376

+		-DWITHOUT_SERVER=ON

377

+	)

378

+	cmake-utils_src_configure

379

+}

380

+

381

+multilib_src_install() {

382

+	cmake-utils_src_install

383

+}

384

+

385

+multilib_src_install_all() {

386

+	if ! use static-libs ; then

387

+		find "${ED}" -name "*.a" -delete || die

388

+	fi

389

+}

1	commit: c6112871c2e83ad7d1bd64b277386eb2c5efa089
2	Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3	AuthorDate: Fri Aug 2 14:22:45 2019 +0000
4	Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5	CommitDate: Fri Aug 2 14:38:45 2019 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c6112871
7
8	dev-db/mysql-connector-c: bump to v8.0.17
9
10	Package-Manager: Portage-2.3.69, Repoman-2.3.16
11	Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
12
13	dev-db/mysql-connector-c/Manifest \| 1 +
14	.../files/mysql-connector-c-8.0.17-libressl.patch \| 258 +++++++++++++++++++++
15	.../mysql-connector-c-8.0.17.ebuild \| 92 ++++++++
16	3 files changed, 351 insertions(+)
17
18	diff --git a/dev-db/mysql-connector-c/Manifest b/dev-db/mysql-connector-c/Manifest
19	index 91a4121bd4d..da74276fc3e 100644
20	--- a/dev-db/mysql-connector-c/Manifest
21	+++ b/dev-db/mysql-connector-c/Manifest
22	@@ -1,2 +1,3 @@
23	DIST mysql-boost-8.0.16.tar.gz 145939027 BLAKE2B f8e94c6aa686a3f3a2fd231676070760081c6bbf0d652ce09e9bfb6f9dc86fc96dba5739ac8721bfd55c947e44c7de4c37ff5f8bb56db5e08484cf586e143add SHA512 4de08d74637d1fef4f570148e66c8ddf2b59d1c0a49d715ca632da7f572645b65ec5f7c115aaf0bd179b0a9f1ba2bc40357c371f170a674118159d99b2c49516
24	+DIST mysql-boost-8.0.17.tar.gz 189322239 BLAKE2B f9f46e5fdc3e9869b203626bc09edfbcdbabcd68eba43f9c6a33b9a52cffb3a32f39704c6d22a66899aac16fa2efb271c5dc7af7522768b45542ac8dc615cd8a SHA512 a278ee263670cb1f79d67c4b87c4b88632569c3b20a4297a6e77d550155db20902f22992ea851cf59ea523bb97d5e08707e3457f71a678e9f1ac2fa4ca5b7a2d
25	DIST mysql-connector-c-6.1.11-src.tar.gz 3489345 BLAKE2B 813512520ef660521221565a4466e81d902629d0ee731f746b68eed2b9129ea8361fcabe184537ec8ba91aed5a4b02dfb3450b36524c2e98f81fba148eee0cf1 SHA512 271395c888a93b833e0bbe1840b9987ecdb37d0f1cf89904207cc9aa99ed32e538aee8c9529ff39b6533947159776a8f5aa079da86ed51b1d26b086f4ffdd7c6
26
27	diff --git a/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.17-libressl.patch b/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.17-libressl.patch
28	new file mode 100644
29	index 00000000000..340f894a895
30	--- /dev/null
31	+++ b/dev-db/mysql-connector-c/files/mysql-connector-c-8.0.17-libressl.patch
32	@@ -0,0 +1,258 @@
33	+From: Stefan Strogin <steils@g.o>
34	+Date: Sat, 8 Jun 2019 15:52:26 +0300
35	+Subject: [PATCH] Fix build with LibreSSL
36	+
37	+- Fix version checks as OPENSSL_VERSION_NUMBER in OpenSSL is always
38	+ 0x20000000L.
39	+- FIPS support is removed from LibreSSL, do not use it.
40	+- Check for TLS1_3_VERSION define, not OpenSSL/LibreSSL version.
41	+ Theoretically even OpenSSL >=1.1.1 can be built with TLS 1.3 disabled.
42	+
43	+
44	+--- a/cmake/ssl.cmake
45	++++ b/cmake/ssl.cmake
46	+@@ -304,13 +304,14 @@ MACRO (MYSQL_CHECK_SSL)
47	+ OPENSSL_FIX_VERSION "${OPENSSL_VERSION_NUMBER}"
48	+ )
49	+ ENDIF()
50	+- IF("${OPENSSL_MAJOR_VERSION}.${OPENSSL_MINOR_VERSION}.${OPENSSL_FIX_VERSION}" VERSION_GREATER "1.1.0")
51	++ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
52	++ IF(HAVE_TLS1_3_VERSION)
53	+ ADD_DEFINITIONS(-DHAVE_TLSv13)
54	+ ENDIF()
55	+ IF(OPENSSL_INCLUDE_DIR AND
56	+ OPENSSL_LIBRARY AND
57	+ CRYPTO_LIBRARY AND
58	+- OPENSSL_MAJOR_VERSION STREQUAL "1"
59	++ OPENSSL_MAJOR_VERSION VERSION_GREATER_EQUAL "1"
60	+ )
61	+ SET(OPENSSL_FOUND TRUE)
62	+ FIND_PROGRAM(OPENSSL_EXECUTABLE openssl
63	+--- a/extra/libevent/openssl-compat.h
64	++++ b/extra/libevent/openssl-compat.h
65	+@@ -24,7 +24,6 @@ static inline BIO_METHOD BIO_meth_new(int type, const char name)
66	+ #define BIO_set_init(b, val) (b)->init = (val)
67	+ #define BIO_set_data(b, val) (b)->ptr = (val)
68	+ #define BIO_set_shutdown(b, val) (b)->shutdown = (val)
69	+-#define BIO_get_init(b) (b)->init
70	+ #define BIO_get_data(b) (b)->ptr
71	+ #define BIO_get_shutdown(b) (b)->shutdown
72	+
73	+@@ -32,4 +31,8 @@ static inline BIO_METHOD BIO_meth_new(int type, const char name)
74	+
75	+ #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
76	+
77	++#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
78	++#define BIO_get_init(b) (b)->init
79	++#endif
80	++
81	+ #endif /* OPENSSL_COMPAT_H */
82	+--- a/mysys/my_md5.cc
83	++++ b/mysys/my_md5.cc
84	+@@ -56,7 +56,7 @@ static void my_md5_hash(unsigned char digest, unsigned const char buf,
85	+ int compute_md5_hash(char digest, const char buf, int len) {
86	+ int retval = 0;
87	+ int fips_mode = 0;
88	+-#if !defined(HAVE_WOLFSSL)
89	++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
90	+ fips_mode = FIPS_mode();
91	+ #endif /* HAVE_WOLFSSL */
92	+ /* If fips mode is ON/STRICT restricted method calls will result into abort,
93	+--- a/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
94	++++ b/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_ssl_transport.c
95	+@@ -297,7 +297,7 @@ error:
96	+ return 1;
97	+ }
98	+
99	+-#ifndef HAVE_WOLFSSL
100	++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
101	+ #define OPENSSL_ERROR_LENGTH 512
102	+ static int configure_ssl_fips_mode(const uint fips_mode) {
103	+ int rc = -1;
104	+@@ -521,7 +521,7 @@ int xcom_init_ssl(const char server_key_file, const char server_cert_file,
105	+ int verify_server = SSL_VERIFY_NONE;
106	+ int verify_client = SSL_VERIFY_NONE;
107	+
108	+-#ifndef HAVE_WOLFSSL
109	++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
110	+ if (configure_ssl_fips_mode(ssl_fips_mode) != 1) {
111	+ G_ERROR("Error setting the ssl fips mode");
112	+ goto error;
113	+--- a/plugin/x/client/xconnection_impl.cc
114	++++ b/plugin/x/client/xconnection_impl.cc
115	+@@ -523,7 +523,7 @@ XError Connection_impl::get_ssl_error(const int error_id) {
116	+ return XError(CR_SSL_CONNECTION_ERROR, buffer);
117	+ }
118	+
119	+-#ifndef HAVE_WOLFSSL
120	++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
121	+ /**
122	+ Set fips mode in openssl library,
123	+ When we set fips mode ON/STRICT, it will perform following operations:
124	+@@ -573,7 +573,7 @@ XError Connection_impl::activate_tls() {
125	+ if (!m_context->m_ssl_config.is_configured())
126	+ return XError{CR_SSL_CONNECTION_ERROR, ER_TEXT_TLS_NOT_CONFIGURATED};
127	+
128	+-#ifndef HAVE_WOLFSSL
129	++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
130	+ char err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
131	+ if (set_fips_mode((int)m_context->m_ssl_config.m_ssl_fips_mode, err_string) !=
132	+ 1) {
133	+--- a/router/src/http/src/tls_client_context.cc
134	++++ b/router/src/http/src/tls_client_context.cc
135	+@@ -54,7 +54,7 @@ void TlsClientContext::verify(TlsVerify verify) {
136	+
137	+ void TlsClientContext::cipher_suites(const std::string &ciphers) {
138	+ // TLSv1.3 ciphers are controlled via SSL_CTX_set_ciphersuites()
139	+-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 1)
140	++#ifdef TLS1_3_VERSION
141	+ if (1 != SSL_CTX_set_ciphersuites(ssl_ctx_.get(), ciphers.c_str())) {
142	+ throw TlsError("set-cipher-suites");
143	+ }
144	+--- a/router/src/http/src/tls_context.cc
145	++++ b/router/src/http/src/tls_context.cc
146	+@@ -93,7 +93,7 @@ static constexpr int o11x_version(TlsVersion version) {
147	+ return TLS1_1_VERSION;
148	+ case TlsVersion::TLS_1_2:
149	+ return TLS1_2_VERSION;
150	+-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 1)
151	++#ifdef TLS1_3_VERSION
152	+ case TlsVersion::TLS_1_3:
153	+ return TLS1_3_VERSION;
154	+ #endif
155	+@@ -123,9 +123,11 @@ void TlsContext::version_range(TlsVersion min_version, TlsVersion max_version) {
156	+ default:
157	+ // unknown, leave all disabled
158	+ // fallthrough
159	++#ifdef TLS1_3_VERSION
160	+ case TlsVersion::TLS_1_3:
161	+ opts \|= SSL_OP_NO_TLSv1_2;
162	+ // fallthrough
163	++#endif
164	+ case TlsVersion::TLS_1_2:
165	+ opts \|= SSL_OP_NO_TLSv1_1;
166	+ // fallthrough
167	+@@ -172,8 +174,10 @@ TlsVersion TlsContext::min_version() const {
168	+ return TlsVersion::TLS_1_1;
169	+ case TLS1_2_VERSION:
170	+ return TlsVersion::TLS_1_2;
171	++#ifdef TLS1_3_VERSION
172	+ case TLS1_3_VERSION:
173	+ return TlsVersion::TLS_1_3;
174	++#endif
175	+ case 0:
176	+ return TlsVersion::AUTO;
177	+ default:
178	+--- a/router/src/http/src/tls_server_context.cc
179	++++ b/router/src/http/src/tls_server_context.cc
180	+@@ -170,7 +170,8 @@ void TlsServerContext::init_tmp_dh(const std::string &dh_params) {
181	+ }
182	+
183	+ } else {
184	+-#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0)
185	++#if OPENSSL_VERSION_NUMBER >= ROUTER_OPENSSL_VERSION(1, 1, 0) && \
186	++ !defined(LIBRESSL_VERSION_NUMBER)
187	+ dh2048.reset(DH_get_2048_256());
188	+ #else
189	+ /*
190	+--- a/sql-common/client.cc
191	++++ b/sql-common/client.cc
192	+@@ -7602,7 +7602,8 @@ int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option,
193	+ #endif
194	+ break;
195	+ case MYSQL_OPT_SSL_FIPS_MODE: {
196	+-#if defined(HAVE_OPENSSL) && !defined(HAVE_WOLFSSL)
197	++#if defined(HAVE_OPENSSL) && \
198	++ !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
199	+ char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
200	+ ENSURE_EXTENSIONS_PRESENT(&mysql->options);
201	+ mysql->options.extension->ssl_fips_mode = static_cast<const uint >(arg);
202	+--- a/sql/mysqld.cc
203	++++ b/sql/mysqld.cc
204	+@@ -4795,7 +4795,7 @@ static int init_thread_environment() {
205	+
206	+ static PSI_memory_key key_memory_openssl = PSI_NOT_INSTRUMENTED;
207	+
208	+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
209	++#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
210	+ #define FILE_LINE_ARGS
211	+ #else
212	+ #define FILE_LINE_ARGS , const char *, int
213	+@@ -4831,7 +4831,7 @@ static void init_ssl() {
214	+ }
215	+
216	+ static int init_ssl_communication() {
217	+-#ifndef HAVE_WOLFSSL
218	++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
219	+ char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
220	+ int ret_fips_mode = set_fips_mode(opt_ssl_fips_mode, ssl_err_string);
221	+ if (ret_fips_mode != 1) {
222	+--- a/sql/sys_vars.cc
223	++++ b/sql/sys_vars.cc
224	+@@ -4377,7 +4377,7 @@ static Sys_var_ulong Sys_max_execution_time(
225	+ HINT_UPDATEABLE SESSION_VAR(max_execution_time), CMD_LINE(REQUIRED_ARG),
226	+ VALID_RANGE(0, ULONG_MAX), DEFAULT(0), BLOCK_SIZE(1));
227	+
228	+-#ifndef HAVE_WOLFSSL
229	++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
230	+ static bool update_fips_mode(sys_var , THD , enum_var_type) {
231	+ char ssl_err_string[OPENSSL_ERROR_LENGTH] = {'\0'};
232	+ if (set_fips_mode(opt_ssl_fips_mode, ssl_err_string) != 1) {
233	+@@ -4390,7 +4390,7 @@ static bool update_fips_mode(sys_var , THD , enum_var_type) {
234	+ }
235	+ #endif
236	+
237	+-#ifdef HAVE_WOLFSSL
238	++#if defined(HAVE_WOLFSSL) \|\| defined(LIBRESSL_VERSION_NUMBER)
239	+ static const char *ssl_fips_mode_names[] = {"OFF", 0};
240	+ #else
241	+ static const char *ssl_fips_mode_names[] = {"OFF", "ON", "STRICT", 0};
242	+@@ -4398,7 +4398,7 @@ static const char *ssl_fips_mode_names[] = {"OFF", "ON", "STRICT", 0};
243	+ static Sys_var_enum Sys_ssl_fips_mode(
244	+ "ssl_fips_mode",
245	+ "SSL FIPS mode (applies only for OpenSSL); "
246	+-#ifndef HAVE_WOLFSSL
247	++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
248	+ "permitted values are: OFF, ON, STRICT",
249	+ #else
250	+ "permitted values are: OFF",
251	+@@ -4406,7 +4406,7 @@ static Sys_var_enum Sys_ssl_fips_mode(
252	+ GLOBAL_VAR(opt_ssl_fips_mode), CMD_LINE(REQUIRED_ARG, OPT_SSL_FIPS_MODE),
253	+ ssl_fips_mode_names, DEFAULT(0), NO_MUTEX_GUARD, NOT_IN_BINLOG,
254	+ ON_CHECK(NULL),
255	+-#ifndef HAVE_WOLFSSL
256	++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
257	+ ON_UPDATE(update_fips_mode),
258	+ #else
259	+ ON_UPDATE(NULL),
260	+--- a/vio/viossl.cc
261	++++ b/vio/viossl.cc
262	+@@ -507,7 +507,7 @@ static int ssl_do(struct st_VioSSLFd ptr, Vio vio, long timeout,
263	+ #if !defined(HAVE_WOLFSSL) && !defined(DBUG_OFF)
264	+ {
265	+ STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
266	+- ssl_comp_methods = SSL_COMP_get_compression_methods();
267	++ ssl_comp_methods = (STACK_OF(SSL_COMP) *)SSL_COMP_get_compression_methods();
268	+ n = sk_SSL_COMP_num(ssl_comp_methods);
269	+ DBUG_PRINT("info", ("Available compression methods:\n"));
270	+ if (n == 0)
271	+@@ -515,7 +515,7 @@ static int ssl_do(struct st_VioSSLFd ptr, Vio vio, long timeout,
272	+ else
273	+ for (j = 0; j < n; j++) {
274	+ SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
275	+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
276	++#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
277	+ DBUG_PRINT("info", (" %d: %s\n", c->id, c->name));
278	+ #else /* OPENSSL_VERSION_NUMBER < 0x10100000L */
279	+ DBUG_PRINT("info",
280	+--- a/vio/viosslfactories.cc
281	++++ b/vio/viosslfactories.cc
282	+@@ -429,7 +429,7 @@ void ssl_start() {
283	+ }
284	+ }
285	+
286	+-#ifndef HAVE_WOLFSSL
287	++#if !defined(HAVE_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)
288	+ /**
289	+ Set fips mode in openssl library,
290	+ When we set fips mode ON/STRICT, it will perform following operations:
291
292	diff --git a/dev-db/mysql-connector-c/mysql-connector-c-8.0.17.ebuild b/dev-db/mysql-connector-c/mysql-connector-c-8.0.17.ebuild
293	new file mode 100644
294	index 00000000000..db884fd4848
295	--- /dev/null
296	+++ b/dev-db/mysql-connector-c/mysql-connector-c-8.0.17.ebuild
297	@@ -0,0 +1,92 @@
298	+# Copyright 1999-2019 Gentoo Authors
299	+# Distributed under the terms of the GNU General Public License v2
300	+
301	+EAPI=7
302	+
303	+inherit cmake-multilib
304	+
305	+# wrap the config script
306	+MULTILIB_CHOST_TOOLS=( /usr/bin/mysql_config )
307	+
308	+DESCRIPTION="C client library for MariaDB/MySQL"
309	+HOMEPAGE="https://dev.mysql.com/downloads/"
310	+LICENSE="GPL-2"
311	+
312	+SRC_URI="https://dev.mysql.com/get/Downloads/MySQL-8.0/mysql-boost-${PV}.tar.gz"
313	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
314	+
315	+SLOT="0/21"
316	+IUSE="ldap libressl +ssl static-libs"
317	+
318	+RDEPEND="
319	+ sys-libs/zlib:=[${MULTILIB_USEDEP}]
320	+ ldap? ( dev-libs/cyrus-sasl:=[${MULTILIB_USEDEP}] )
321	+ ssl? (
322	+ libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] )
323	+ !libressl? ( dev-libs/openssl:0=[${MULTILIB_USEDEP}] )
324	+ )
325	+ "
326	+DEPEND="${RDEPEND}"
327	+
328	+DOCS=( README )
329	+
330	+S="${WORKDIR}/mysql-${PV}"
331	+
332	+PATCHES=( "${FILESDIR}"/${PN}-8.0.17-libressl.patch )
333	+
334	+src_prepare() {
335	+ sed -i -e 's/CLIENT_LIBS/CONFIG_CLIENT_LIBS/' "${S}/scripts/CMakeLists.txt" \|\| die
336	+
337	+ # All these are for the server only
338	+ sed -i \
339	+ -e '/MYSQL_CHECK_LIBEVENT/d' \
340	+ -e '/MYSQL_CHECK_RAPIDJSON/d' \
341	+ -e '/MYSQL_CHECK_ICU/d' \
342	+ -e '/MYSQL_CHECK_RE2/d' \
343	+ -e '/MYSQL_CHECK_LZ4/d' \
344	+ -e '/MYSQL_CHECK_EDITLINE/d' \
345	+ -e '/MYSQL_CHECK_CURL/d' \
346	+ -e '/ADD_SUBDIRECTORY(man)/d' \
347	+ -e '/ADD_SUBDIRECTORY(share)/d' \
348	+ -e '/INCLUDE(cmake\/boost/d' \
349	+ CMakeLists.txt \|\| die
350	+
351	+ # Skip building clients
352	+ echo > client/CMakeLists.txt \|\| die
353	+
354	+ # Forcefully disable auth plugin
355	+ if ! use ldap ; then
356	+ sed -i -e '/MYSQL_CHECK_SASL/d' CMakeLists.txt \|\| die
357	+ echo > libmysql/authentication_ldap/CMakeLists.txt \|\| die
358	+ fi
359	+
360	+ cmake-utils_src_prepare
361	+}
362	+
363	+multilib_src_configure() {
364	+ local mycmakeargs=(
365	+ -DINSTALL_LAYOUT=RPM
366	+ -DINSTALL_LIBDIR=$(get_libdir)
367	+ -DWITH_DEFAULT_COMPILER_OPTIONS=OFF
368	+ -DWITH_DEFAULT_FEATURE_SET=OFF
369	+ -DENABLED_LOCAL_INFILE=ON
370	+ -DMYSQL_UNIX_ADDR="${EPREFIX}/run/mysqld/mysqld.sock"
371	+ -DWITH_ZLIB=system
372	+ -DWITH_SSL=$(usex ssl system wolfssl)
373	+ -DLIBMYSQL_OS_OUTPUT_NAME=mysqlclient
374	+ -DSHARED_LIB_PATCH_VERSION="0"
375	+ -DCMAKE_POSITION_INDEPENDENT_CODE=ON
376	+ -DWITHOUT_SERVER=ON
377	+ )
378	+ cmake-utils_src_configure
379	+}
380	+
381	+multilib_src_install() {
382	+ cmake-utils_src_install
383	+}
384	+
385	+multilib_src_install_all() {
386	+ if ! use static-libs ; then
387	+ find "${ED}" -name "*.a" -delete \|\| die
388	+ fi
389	+}

Gentoo Archives: gentoo-commits