diff options
author | Sam James <sam@gentoo.org> | 2022-06-06 01:36:03 +0100 |
---|---|---|
committer | Sam James <sam@gentoo.org> | 2022-06-06 01:36:23 +0100 |
commit | f8a6c534218755943cb627f0ccb960947851b060 (patch) | |
tree | 95a047163a21c7ff13c03ee75164799f3882d520 /dev-db/mariadb | |
parent | app-office/libreoffice-l10n: add 7.3.4.2 (unkeyworded) (diff) | |
download | gentoo-f8a6c534218755943cb627f0ccb960947851b060.tar.gz gentoo-f8a6c534218755943cb627f0ccb960947851b060.tar.bz2 gentoo-f8a6c534218755943cb627f0ccb960947851b060.zip |
dev-db/mariadb: apply upstream 10.6.x OpenSSL 3 patches (to 10.6.8-r1)
These are already queued on the upstream 10.6.x branch. Having a version
of MariaDB that's OpenSSL 3 capable is important given it unblocks
other packages and more wide testing.
(Also, while this isn't what we're doing, Fedora has been using
a bunch of OpenSSL 3 patches on top of 10.5.x for a while.)
Closes: https://bugs.gentoo.org/849593
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'dev-db/mariadb')
-rw-r--r-- | dev-db/mariadb/files/mariadb-10.6.8-openssl3.patch | 461 | ||||
-rw-r--r-- | dev-db/mariadb/mariadb-10.6.8-r1.ebuild | 1318 |
2 files changed, 1779 insertions, 0 deletions
diff --git a/dev-db/mariadb/files/mariadb-10.6.8-openssl3.patch b/dev-db/mariadb/files/mariadb-10.6.8-openssl3.patch new file mode 100644 index 000000000000..378ae6bae082 --- /dev/null +++ b/dev-db/mariadb/files/mariadb-10.6.8-openssl3.patch @@ -0,0 +1,461 @@ +https://bugs.gentoo.org/849593 +https://github.com/MariaDB/server/commit/f0fa40efada3f46d76b735fa61e9f20cc9ce18fc +https://github.com/MariaDB/server/commit/987d16a0b43c163264ab37d3e01795577f97d83b +https://github.com/MariaDB/server/commit/78412ab028509f07a801c9bf1f3792ad77bcfac6 +https://github.com/MariaDB/server/commit/babb803222d4a5d5a3256720c59d056cc8ba7dc3 + +From: Vladislav Vaintroub <wlad@mariadb.com> +Date: Mon, 8 Nov 2021 18:48:19 +0100 +Subject: [PATCH] MDEV-25785 Add support for OpenSSL 3.0 + +Summary of changes + +- MD_CTX_SIZE is increased + +- EVP_CIPHER_CTX_buf_noconst(ctx) does not work anymore, points + to nobody knows where. The assumption made previously was that + (since the function does not seem to be documented) + was that it points to the last partial source block. + Add own partial block buffer for NOPAD encryption instead + +- SECLEVEL in CipherString in openssl.cnf + had been downgraded to 0, from 1, to make TLSv1.0 and TLSv1.1 possible + (according to https://github.com/openssl/openssl/blob/openssl-3.0.0/NEWS.md + even though the manual for SSL_CTX_get_security_level claims that it + should not be necessary) + +- Workaround Ssl_cipher_list issue, it now returns TLSv1.3 ciphers, + in addition to what was set in --ssl-cipher + +- ctx_buf buffer now must be aligned to 16 bytes with openssl( + previously with WolfSSL only), ot crashes will happen + +- updated aes-t , to be better debuggable + using function, rather than a huge multiline macro + added test that does "nopad" encryption piece-wise, to test + replacement of EVP_CIPHER_CTX_buf_noconst + +part of MDEV-28133 +--- a/cmake/ssl.cmake ++++ b/cmake/ssl.cmake +@@ -139,6 +139,13 @@ MACRO (MYSQL_CHECK_SSL) + SET(SSL_INTERNAL_INCLUDE_DIRS "") + SET(SSL_DEFINES "-DHAVE_OPENSSL") + ++ # Silence "deprecated in OpenSSL 3.0" ++ IF((NOT OPENSSL_VERSION) # 3.0 not determined by older cmake ++ OR NOT(OPENSSL_VERSION VERSION_LESS "3.0.0")) ++ SET(SSL_DEFINES "${SSL_DEFINES} -DOPENSSL_API_COMPAT=0x10100000L") ++ SET(CMAKE_REQUIRED_DEFINITIONS -DOPENSSL_API_COMPAT=0x10100000L) ++ ENDIF() ++ + SET(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) + SET(CMAKE_REQUIRED_LIBRARIES ${SSL_LIBRARIES}) + SET(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) +@@ -152,6 +159,7 @@ MACRO (MYSQL_CHECK_SSL) + HAVE_X509_check_host) + SET(CMAKE_REQUIRED_INCLUDES) + SET(CMAKE_REQUIRED_LIBRARIES) ++ SET(CMAKE_REQUIRED_DEFINITIONS) + ELSE() + IF(WITH_SSL STREQUAL "system") + MESSAGE(FATAL_ERROR "Cannot find appropriate system libraries for SSL. Use WITH_SSL=bundled to enable SSL support") +--- a/include/mysql/service_my_crypt.h ++++ b/include/mysql/service_my_crypt.h +@@ -45,7 +45,7 @@ extern "C" { + /* The max key length of all supported algorithms */ + #define MY_AES_MAX_KEY_LENGTH 32 + +-#define MY_AES_CTX_SIZE 656 ++#define MY_AES_CTX_SIZE 672 + + enum my_aes_mode { + MY_AES_ECB, MY_AES_CBC +--- a/include/ssl_compat.h ++++ b/include/ssl_compat.h +@@ -24,7 +24,7 @@ + #define SSL_LIBRARY OpenSSL_version(OPENSSL_VERSION) + #define ERR_remove_state(X) ERR_clear_error() + #define EVP_CIPHER_CTX_SIZE 176 +-#define EVP_MD_CTX_SIZE 48 ++#define EVP_MD_CTX_SIZE 72 + #undef EVP_MD_CTX_init + #define EVP_MD_CTX_init(X) do { memset((X), 0, EVP_MD_CTX_SIZE); EVP_MD_CTX_reset(X); } while(0) + #undef EVP_CIPHER_CTX_init +@@ -77,7 +77,6 @@ + #define DH_set0_pqg(D,P,Q,G) ((D)->p= (P), (D)->g= (G)) + #endif + +-#define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf) + #define EVP_CIPHER_CTX_encrypting(ctx) ((ctx)->encrypt) + #define EVP_CIPHER_CTX_SIZE sizeof(EVP_CIPHER_CTX) + +--- a/mysql-test/lib/openssl.cnf ++++ b/mysql-test/lib/openssl.cnf +@@ -9,4 +9,4 @@ ssl_conf = ssl_section + system_default = system_default_section + + [system_default_section] +-CipherString = ALL:@SECLEVEL=1 ++CipherString = ALL:@SECLEVEL=0 +--- a/mysql-test/main/ssl_cipher.result ++++ b/mysql-test/main/ssl_cipher.result +@@ -61,8 +61,8 @@ connect ssl_con,localhost,root,,,,,SSL; + SHOW STATUS LIKE 'Ssl_cipher'; + Variable_name Value + Ssl_cipher AES128-SHA +-SHOW STATUS LIKE 'Ssl_cipher_list'; +-Variable_name Value +-Ssl_cipher_list AES128-SHA ++SELECT VARIABLE_VALUE like '%AES128-SHA%' FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher_list'; ++VARIABLE_VALUE like '%AES128-SHA%' ++1 + disconnect ssl_con; + connection default; +--- a/mysql-test/main/ssl_cipher.test ++++ b/mysql-test/main/ssl_cipher.test +@@ -98,6 +98,6 @@ let $restart_parameters=--ssl-cipher=AES128-SHA; + source include/restart_mysqld.inc; + connect (ssl_con,localhost,root,,,,,SSL); + SHOW STATUS LIKE 'Ssl_cipher'; +-SHOW STATUS LIKE 'Ssl_cipher_list'; ++SELECT VARIABLE_VALUE like '%AES128-SHA%' FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher_list'; + disconnect ssl_con; + connection default; +--- a/mysys_ssl/my_crypt.cc ++++ b/mysys_ssl/my_crypt.cc +@@ -29,11 +29,7 @@ + #include <ssl_compat.h> + #include <cstdint> + +-#ifdef HAVE_WOLFSSL + #define CTX_ALIGN 16 +-#else +-#define CTX_ALIGN 0 +-#endif + + class MyCTX + { +@@ -100,8 +96,9 @@ class MyCTX_nopad : public MyCTX + { + public: + const uchar *key; +- uint klen, buf_len; ++ uint klen, source_tail_len; + uchar oiv[MY_AES_BLOCK_SIZE]; ++ uchar source_tail[MY_AES_BLOCK_SIZE]; + + MyCTX_nopad() : MyCTX() { } + ~MyCTX_nopad() { } +@@ -112,7 +109,7 @@ class MyCTX_nopad : public MyCTX + compile_time_assert(MY_AES_CTX_SIZE >= sizeof(MyCTX_nopad)); + this->key= key; + this->klen= klen; +- this->buf_len= 0; ++ this->source_tail_len= 0; + if (ivlen) + memcpy(oiv, iv, ivlen); + DBUG_ASSERT(ivlen == 0 || ivlen == sizeof(oiv)); +@@ -123,26 +120,41 @@ class MyCTX_nopad : public MyCTX + return res; + } + ++ /** Update last partial source block, stored in source_tail array. */ ++ void update_source_tail(const uchar* src, uint slen) ++ { ++ if (!slen) ++ return; ++ uint new_tail_len= (source_tail_len + slen) % MY_AES_BLOCK_SIZE; ++ if (new_tail_len) ++ { ++ if (slen + source_tail_len < MY_AES_BLOCK_SIZE) ++ { ++ memcpy(source_tail + source_tail_len, src, slen); ++ } ++ else ++ { ++ DBUG_ASSERT(slen > new_tail_len); ++ memcpy(source_tail, src + slen - new_tail_len, new_tail_len); ++ } ++ } ++ source_tail_len= new_tail_len; ++ } ++ + int update(const uchar *src, uint slen, uchar *dst, uint *dlen) + { +- buf_len+= slen; ++ update_source_tail(src, slen); + return MyCTX::update(src, slen, dst, dlen); + } + + int finish(uchar *dst, uint *dlen) + { +- buf_len %= MY_AES_BLOCK_SIZE; +- if (buf_len) ++ if (source_tail_len) + { +- uchar *buf= EVP_CIPHER_CTX_buf_noconst(ctx); + /* + Not much we can do, block ciphers cannot encrypt data that aren't + a multiple of the block length. At least not without padding. + Let's do something CTR-like for the last partial block. +- +- NOTE this assumes that there are only buf_len bytes in the buf. +- If OpenSSL will change that, we'll need to change the implementation +- of this class too. + */ + uchar mask[MY_AES_BLOCK_SIZE]; + uint mlen; +@@ -154,10 +166,10 @@ class MyCTX_nopad : public MyCTX + return rc; + DBUG_ASSERT(mlen == sizeof(mask)); + +- for (uint i=0; i < buf_len; i++) +- dst[i]= buf[i] ^ mask[i]; ++ for (uint i=0; i < source_tail_len; i++) ++ dst[i]= source_tail[i] ^ mask[i]; + } +- *dlen= buf_len; ++ *dlen= source_tail_len; + return MY_AES_OK; + } + }; +--- a/unittest/mysys/aes-t.c ++++ b/unittest/mysys/aes-t.c +@@ -21,27 +21,96 @@ + #include <string.h> + #include <ctype.h> + +-#define DO_TEST(mode, nopad, slen, fill, dlen, hash) \ +- SKIP_BLOCK_IF(mode == 0xDEADBEAF, nopad ? 4 : 5, #mode " not supported") \ +- { \ +- memset(src, fill, src_len= slen); \ +- ok(my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_ENCRYPT, \ +- src, src_len, dst, &dst_len, \ +- key, sizeof(key), iv, sizeof(iv)) == MY_AES_OK, \ +- "encrypt " #mode " %u %s", src_len, nopad ? "nopad" : "pad"); \ +- if (!nopad) \ +- ok (dst_len == my_aes_get_size(mode, src_len), "my_aes_get_size");\ +- my_md5(md5, (char*)dst, dst_len); \ +- ok(dst_len == dlen && memcmp(md5, hash, sizeof(md5)) == 0, "md5"); \ +- ok(my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_DECRYPT, \ +- dst, dst_len, ddst, &ddst_len, \ +- key, sizeof(key), iv, sizeof(iv)) == MY_AES_OK, \ +- "decrypt " #mode " %u", dst_len); \ +- ok(ddst_len == src_len && memcmp(src, ddst, src_len) == 0, "memcmp"); \ ++ ++/** Test streaming encryption, bytewise update.*/ ++static int aes_crypt_bytewise(enum my_aes_mode mode, int flags, const unsigned char *src, ++ unsigned int slen, unsigned char *dst, unsigned int *dlen, ++ const unsigned char *key, unsigned int klen, ++ const unsigned char *iv, unsigned int ivlen) ++{ ++ /* Allocate context on odd address on stack, in order to ++ catch misalignment errors.*/ ++ void *ctx= (char *)alloca(MY_AES_CTX_SIZE+1)+1; ++ ++ int res1, res2; ++ uint d1= 0, d2; ++ uint i; ++ ++ if ((res1= my_aes_crypt_init(ctx, mode, flags, key, klen, iv, ivlen))) ++ return res1; ++ for (i= 0; i < slen; i++) ++ { ++ uint tmp_d1=0; ++ res1= my_aes_crypt_update(ctx, src+i,1, dst, &tmp_d1); ++ if (res1) ++ return res1; ++ d1+= tmp_d1; ++ dst+= tmp_d1; ++ } ++ res2= my_aes_crypt_finish(ctx, dst, &d2); ++ *dlen= d1 + d2; ++ return res1 ? res1 : res2; ++} ++ ++ ++#ifndef HAVE_EncryptAes128Ctr ++const uint MY_AES_CTR=0xDEADBEAF; ++#endif ++#ifndef HAVE_EncryptAes128Gcm ++const uint MY_AES_GCM=0xDEADBEAF; ++#endif ++ ++#define MY_AES_UNSUPPORTED(x) (x == 0xDEADBEAF) ++ ++static void do_test(uint mode, const char *mode_str, int nopad, uint slen, ++ char fill, size_t dlen, const char *hash) ++{ ++ uchar key[16]= {1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6}; ++ uchar iv[16]= {2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7}; ++ uchar src[1000], dst[1100], dst2[1100], ddst[1000]; ++ uchar md5[MY_MD5_HASH_SIZE]; ++ uint src_len, dst_len, dst_len2, ddst_len; ++ int result; ++ ++ if (MY_AES_UNSUPPORTED(mode)) ++ { ++ skip(nopad?7:6, "%s not supported", mode_str); ++ return; ++ } ++ memset(src, fill, src_len= slen); ++ result= my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_ENCRYPT, src, src_len, ++ dst, &dst_len, key, sizeof(key), iv, sizeof(iv)); ++ ok(result == MY_AES_OK, "encrypt %s %u %s", mode_str, src_len, ++ nopad ? "nopad" : "pad"); ++ ++ if (nopad) ++ { ++ result= aes_crypt_bytewise(mode, nopad | ENCRYPTION_FLAG_ENCRYPT, src, ++ src_len, dst2, &dst_len2, key, sizeof(key), ++ iv, sizeof(iv)); ++ ok(result == MY_AES_OK, "encrypt bytewise %s %u", mode_str, src_len); ++ /* Compare with non-bytewise encryption result*/ ++ ok(dst_len == dst_len2 && memcmp(dst, dst2, dst_len) == 0, ++ "memcmp bytewise %s %u", mode_str, src_len); ++ } ++ else ++ { ++ int dst_len_real= my_aes_get_size(mode, src_len); ++ ok(dst_len_real= dst_len, "my_aes_get_size"); + } ++ my_md5(md5, (char *) dst, dst_len); ++ ok(dst_len == dlen, "md5 len"); ++ ok(memcmp(md5, hash, sizeof(md5)) == 0, "md5"); ++ result= my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_DECRYPT, ++ dst, dst_len, ddst, &ddst_len, key, sizeof(key), iv, ++ sizeof(iv)); ++ ++ ok(result == MY_AES_OK, "decrypt %s %u", mode_str, dst_len); ++ ok(ddst_len == src_len && memcmp(src, ddst, src_len) == 0, "memcmp"); ++} + +-#define DO_TEST_P(M,S,F,D,H) DO_TEST(M,0,S,F,D,H) +-#define DO_TEST_N(M,S,F,D,H) DO_TEST(M,ENCRYPTION_FLAG_NOPAD,S,F,D,H) ++#define DO_TEST_P(M, S, F, D, H) do_test(M, #M, 0, S, F, D, H) ++#define DO_TEST_N(M, S, F, D, H) do_test(M, #M, ENCRYPTION_FLAG_NOPAD, S, F, D, H) + + /* useful macro for debugging */ + #define PRINT_MD5() \ +@@ -53,25 +122,15 @@ + printf("\"\n"); \ + } while(0); + +-#ifndef HAVE_EncryptAes128Ctr +-const uint MY_AES_CTR=0xDEADBEAF; +-#endif +-#ifndef HAVE_EncryptAes128Gcm +-const uint MY_AES_GCM=0xDEADBEAF; +-#endif + + int + main(int argc __attribute__((unused)),char *argv[]) + { +- uchar key[16]= {1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6}; +- uchar iv[16]= {2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7}; +- uchar src[1000], dst[1100], ddst[1000]; +- uchar md5[MY_MD5_HASH_SIZE]; +- uint src_len, dst_len, ddst_len; + + MY_INIT(argv[0]); + +- plan(87); ++ plan(122); ++ + DO_TEST_P(MY_AES_ECB, 200, '.', 208, "\xd8\x73\x8e\x3a\xbc\x66\x99\x13\x7f\x90\x23\x52\xee\x97\x6f\x9a"); + DO_TEST_P(MY_AES_ECB, 128, '?', 144, "\x19\x58\x33\x85\x4c\xaa\x7f\x06\xd1\xb2\xec\xd7\xb7\x6a\xa9\x5b"); + DO_TEST_P(MY_AES_CBC, 159, '%', 160, "\x4b\x03\x18\x3d\xf1\xa7\xcd\xa1\x46\xb3\xc6\x8a\x92\xc0\x0f\xc9"); + +From: Oleksandr Byelkin <sanja@mariadb.com> +Date: Fri, 4 Feb 2022 14:52:03 +0100 +Subject: [PATCH] Revert "don't build with OpenSSL 3.0, it doesn't work before + MDEV-25785" + +This reverts commit c9beef43154a199bfcd9f71049c011a2ed77ca74, because +we have OpenSSL 3.0 support here. + +part of MDEV-28133 +--- a/cmake/ssl.cmake ++++ b/cmake/ssl.cmake +@@ -118,7 +118,7 @@ MACRO (MYSQL_CHECK_SSL) + ENDIF() + FIND_PACKAGE(OpenSSL) + SET_PACKAGE_PROPERTIES(OpenSSL PROPERTIES TYPE RECOMMENDED) +- IF(OPENSSL_FOUND AND OPENSSL_VERSION AND OPENSSL_VERSION VERSION_LESS "3.0.0") ++ IF(OPENSSL_FOUND) + SET(OPENSSL_LIBRARY ${OPENSSL_SSL_LIBRARY}) + INCLUDE(CheckSymbolExists) + SET(SSL_SOURCES "") + +From: Honza Horak <hhorak@redhat.com> +Date: Tue, 8 Feb 2022 16:39:10 +0100 +Subject: [PATCH] MDEV-27778 md5 in FIPS crashes with OpenSSL 3.0.0 + +OpenSSL 3.0.0+ does not support EVP_MD_CTX_FLAG_NON_FIPS_ALLOW any longer. +In OpenSSL 1.1.1 the non FIPS allowed flag is context specific, while +in 3.0.0+ it is a different EVP_MD provider. + +Fixes #2010 + +part of MDEV-28133 +--- a/mysys_ssl/my_md5.cc ++++ b/mysys_ssl/my_md5.cc +@@ -52,12 +52,23 @@ static void md5_result(EVP_MD_CTX *context, uchar digest[MD5_HASH_SIZE]) + + static void md5_init(EVP_MD_CTX *context) + { ++#if OPENSSL_VERSION_NUMBER >= 0x30000000L ++ EVP_MD *md5; ++ EVP_MD_CTX_init(context); ++ /* Ok to ignore FIPS: MD5 is not used for crypto here */ ++ /* In OpenSSL 3.0.0+ it is a different EVP_MD provider */ ++ md5 = EVP_MD_fetch(NULL, "MD5", "fips=no"); ++ EVP_DigestInit_ex(context, md5, NULL); ++ EVP_MD_free(md5); ++#else + EVP_MD_CTX_init(context); + #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW + /* Ok to ignore FIPS: MD5 is not used for crypto here */ ++ /* In OpenSSL 1.1.1 the non FIPS allowed flag is context specific */ + EVP_MD_CTX_set_flags(context, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + #endif + EVP_DigestInit_ex(context, EVP_md5(), NULL); ++#endif + } + + static void md5_input(EVP_MD_CTX *context, const uchar *buf, unsigned len) + +From: Vladislav Vaintroub <wlad@mariadb.com> +Date: Mon, 23 May 2022 14:38:56 +0200 +Subject: [PATCH] MDEV-28648 main.ssl_timeout fails with OpenSSL 3.0.3 + +Depending on OpenSSL version, and at least in 3.0.3, the client-side socket +timeout is reported as generic error (SSL_ERROR_SYSCALL), losing further +details (both errno and GetLastError() return 0). This results in client +reporting "Unknown OpenSSL error" 2026, instead of another generic +"Lost connection to server during query" 2013 + +Adjusted test case. +--- a/mysql-test/main/ssl_timeout.result ++++ b/mysql-test/main/ssl_timeout.result +@@ -5,6 +5,6 @@ SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS + have_ssl + 1 + SELECT SLEEP(600); +-ERROR HY000: Lost connection to server during query ++Got one of the listed errors + connection default; + disconnect ssl_con; +--- a/mysql-test/main/ssl_timeout.test ++++ b/mysql-test/main/ssl_timeout.test +@@ -10,7 +10,7 @@ connect (ssl_con,localhost,root,,,,,SSL read_timeout=5); + SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; + + # --error CR_SERVER_LOST +---error 2013 ++--error 2013,2026 + SELECT SLEEP(600); + + connection default; + diff --git a/dev-db/mariadb/mariadb-10.6.8-r1.ebuild b/dev-db/mariadb/mariadb-10.6.8-r1.ebuild new file mode 100644 index 000000000000..c78a89ef581a --- /dev/null +++ b/dev-db/mariadb/mariadb-10.6.8-r1.ebuild @@ -0,0 +1,1318 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" +SUBSLOT="18" + +JAVA_PKG_OPT_USE="jdbc" + +inherit eutils systemd flag-o-matic prefix toolchain-funcs \ + multiprocessing java-pkg-opt-2 cmake + +# Patch version +PATCH_SET="https://github.com/hydrapolic/gentoo-dist/raw/master/mariadb/mariadb-10.6.8-patches-01.tar.xz" + +SRC_URI="mirror://mariadb/${PN}-${PV}/source/${P}.tar.gz + ${PATCH_SET[@]}" + +HOMEPAGE="https://mariadb.org/" +DESCRIPTION="An enhanced, drop-in replacement for MySQL" +LICENSE="GPL-2 LGPL-2.1+" +SLOT="$(ver_cut 1-2)/${SUBSLOT:-0}" +IUSE="+backup bindist columnstore cracklib debug extraengine galera innodb-lz4 + innodb-lzo innodb-snappy jdbc jemalloc kerberos latin1 mroonga + numa odbc oqgraph pam +perl profiling rocksdb selinux +server sphinx + sst-rsync sst-mariabackup static systemd systemtap s3 tcmalloc + test xml yassl" + +RESTRICT="!bindist? ( bindist ) !test? ( test )" + +REQUIRED_USE="jdbc? ( extraengine server !static ) + ?? ( tcmalloc jemalloc ) + static? ( yassl !pam )" + +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris ~x86-solaris" + +# Shorten the path because the socket path length must be shorter than 107 chars +# and we will run a mysql server during test phase +S="${WORKDIR}/mysql" + +# Be warned, *DEPEND are version-dependant +# These are used for both runtime and compiletime +COMMON_DEPEND=" + >=dev-libs/libpcre2-10.34:= + >=sys-apps/sed-4 + >=sys-apps/texinfo-4.7-r1 + sys-libs/ncurses:0= + >=sys-libs/zlib-1.2.3:0= + virtual/libcrypt:= + !bindist? ( + sys-libs/binutils-libs:0= + >=sys-libs/readline-4.1:0= + ) + jemalloc? ( dev-libs/jemalloc:0= ) + kerberos? ( virtual/krb5 ) + kernel_linux? ( + sys-process/procps:0= + dev-libs/libaio:0= + ) + server? ( + app-arch/bzip2 + app-arch/xz-utils + backup? ( app-arch/libarchive:0= ) + columnstore? ( + app-arch/snappy + dev-libs/boost:0= + dev-libs/libxml2:2= + ) + cracklib? ( sys-libs/cracklib:0= ) + extraengine? ( + odbc? ( dev-db/unixODBC:0= ) + xml? ( dev-libs/libxml2:2= ) + ) + innodb-lz4? ( app-arch/lz4 ) + innodb-lzo? ( dev-libs/lzo ) + innodb-snappy? ( app-arch/snappy ) + mroonga? ( app-text/groonga-normalizer-mysql >=app-text/groonga-7.0.4 ) + numa? ( sys-process/numactl ) + oqgraph? ( >=dev-libs/boost-1.40.0:0= dev-libs/judy:0= ) + pam? ( sys-libs/pam:0= ) + s3? ( net-misc/curl ) + systemd? ( sys-apps/systemd:= ) + ) + systemtap? ( >=dev-util/systemtap-1.3:0= ) + tcmalloc? ( dev-util/google-perftools:0= ) + yassl? ( net-libs/gnutls:0= ) + !yassl? ( + >=dev-libs/openssl-1.0.0:0= + ) +" +BDEPEND="virtual/yacc" +DEPEND="${COMMON_DEPEND} + server? ( + extraengine? ( jdbc? ( >=virtual/jdk-1.8 ) ) + test? ( acct-group/mysql acct-user/mysql ) + ) + static? ( sys-libs/ncurses[static-libs] ) +" +RDEPEND="${COMMON_DEPEND} + !dev-db/mysql !dev-db/mariadb-galera !dev-db/percona-server !dev-db/mysql-cluster + !dev-db/mariadb:0 + !dev-db/mariadb:5.5 + !dev-db/mariadb:10.1 + !dev-db/mariadb:10.2 + !dev-db/mariadb:10.3 + !dev-db/mariadb:10.4 + !dev-db/mariadb:10.5 + !dev-db/mariadb:10.7 + !dev-db/mariadb:10.8 + !<virtual/mysql-5.6-r11 + !<virtual/libmysqlclient-18-r1 + selinux? ( sec-policy/selinux-mysql ) + server? ( + columnstore? ( dev-db/mariadb-connector-c ) + extraengine? ( jdbc? ( >=virtual/jre-1.8 ) ) + galera? ( + sys-apps/iproute2 + =sys-cluster/galera-26* + sst-rsync? ( sys-process/lsof ) + sst-mariabackup? ( net-misc/socat[ssl] ) + ) + !prefix? ( dev-db/mysql-init-scripts acct-group/mysql acct-user/mysql ) + ) +" +# For other stuff to bring us in +# dev-perl/DBD-mysql is needed by some scripts installed by MySQL +PDEPEND="perl? ( >=dev-perl/DBD-mysql-2.9004 )" + +mysql_init_vars() { + MY_SHAREDSTATEDIR=${MY_SHAREDSTATEDIR="${EPREFIX}/usr/share/mariadb"} + MY_SYSCONFDIR=${MY_SYSCONFDIR="${EPREFIX}/etc/mysql"} + MY_LOCALSTATEDIR=${MY_LOCALSTATEDIR="${EPREFIX}/var/lib/mysql"} + MY_LOGDIR=${MY_LOGDIR="${EPREFIX}/var/log/mysql"} + + if [[ -z "${MY_DATADIR}" ]] ; then + MY_DATADIR="" + if [[ -f "${MY_SYSCONFDIR}/my.cnf" ]] ; then + MY_DATADIR=$(my_print_defaults mysqld 2>/dev/null \ + | sed -ne '/datadir/s|^--datadir=||p' \ + | tail -n1) + if [[ -z "${MY_DATADIR}" ]] ; then + MY_DATADIR=$(grep ^datadir "${MY_SYSCONFDIR}/my.cnf" \ + | sed -e 's/.*=\s*//' \ + | tail -n1) + fi + fi + if [[ -z "${MY_DATADIR}" ]] ; then + MY_DATADIR="${MY_LOCALSTATEDIR}" + einfo "Using default MY_DATADIR" + fi + elog "MySQL MY_DATADIR is ${MY_DATADIR}" + + if [[ -z "${PREVIOUS_DATADIR}" ]] ; then + if [[ -e "${MY_DATADIR}" ]] ; then + # If you get this and you're wondering about it, see bug #207636 + elog "MySQL datadir found in ${MY_DATADIR}" + elog "A new one will not be created." + PREVIOUS_DATADIR="yes" + else + PREVIOUS_DATADIR="no" + fi + export PREVIOUS_DATADIR + fi + else + if [[ ${EBUILD_PHASE} == "config" ]]; then + local new_MY_DATADIR + new_MY_DATADIR=$(my_print_defaults mysqld 2>/dev/null \ + | sed -ne '/datadir/s|^--datadir=||p' \ + | tail -n1) + + if [[ ( -n "${new_MY_DATADIR}" ) && ( "${new_MY_DATADIR}" != "${MY_DATADIR}" ) ]]; then + ewarn "MySQL MY_DATADIR has changed" + ewarn "from ${MY_DATADIR}" + ewarn "to ${new_MY_DATADIR}" + MY_DATADIR="${new_MY_DATADIR}" + fi + fi + fi + + export MY_SHAREDSTATEDIR MY_SYSCONFDIR + export MY_LOCALSTATEDIR MY_LOGDIR + export MY_DATADIR +} + +pkg_setup() { + if [[ ${MERGE_TYPE} != binary ]] ; then + if has test ${FEATURES} ; then + # Bug #213475 - MySQL _will_ object strenuously if your machine is named + # localhost. Also causes weird failures. + [[ "${HOSTNAME}" == "localhost" ]] && die "Your machine must NOT be named localhost" + + if ! has userpriv ${FEATURES} ; then + die "Testing with FEATURES=-userpriv is no longer supported by upstream. Tests MUST be run as non-root." + fi + fi + fi + + java-pkg-opt-2_pkg_setup +} + +src_unpack() { + unpack ${A} + + mv -f "${WORKDIR}/${P/_rc/}" "${S}" || die +} + +src_prepare() { + eapply "${WORKDIR}"/mariadb-patches + + eapply "${FILESDIR}"/${P}-openssl3.patch + + eapply_user + + _disable_plugin() { + echo > "${S}/plugin/${1}/CMakeLists.txt" || die + } + _disable_engine() { + echo > "${S}/storage/${1}/CMakeLists.txt" || die + } + + if use jemalloc; then + echo "TARGET_LINK_LIBRARIES(mariadbd LINK_PUBLIC jemalloc)" >> "${S}/sql/CMakeLists.txt" + elif use tcmalloc; then + echo "TARGET_LINK_LIBRARIES(mariadbd LINK_PUBLIC tcmalloc)" >> "${S}/sql/CMakeLists.txt" + fi + + local plugin + local server_plugins=( handler_socket auth_socket feedback metadata_lock_info + locale_info qc_info server_audit sql_errlog auth_ed25519 ) + local test_plugins=( audit_null auth_examples daemon_example fulltext + debug_key_management example_key_management versioning ) + if ! use server; then # These plugins are for the server + for plugin in "${server_plugins[@]}" ; do + _disable_plugin "${plugin}" + done + fi + + if ! use test; then # These plugins are only used during testing + for plugin in "${test_plugins[@]}" ; do + _disable_plugin "${plugin}" + done + _disable_engine test_sql_discovery + echo > "${S}/plugin/auth_pam/testing/CMakeLists.txt" || die + fi + + _disable_engine example + + if ! use oqgraph ; then # avoids extra library checks + _disable_engine oqgraph + fi + + if use mroonga ; then + # Remove the bundled groonga + # There is no CMake flag, it simply checks for existance + rm -r "${S}"/storage/mroonga/vendor/groonga || die "could not remove packaged groonga" + else + _disable_engine mroonga + fi + + # Fix static bindings in galera replication + sed -i -e 's~add_library(wsrep_api_v26$~add_library(wsrep_api_v26 STATIC~' \ + "${S}"/wsrep-lib/wsrep-API/CMakeLists.txt || die + sed -i -e 's~add_library(wsrep-lib$~add_library(wsrep-lib STATIC~' \ + "${S}"/wsrep-lib/src/CMakeLists.txt || die + + # Fix galera_recovery.sh script + sed -i -e "s~@bindir@/my_print_defaults~${EPREFIX}/usr/libexec/mariadb/my_print_defaults~" \ + scripts/galera_recovery.sh || die + + sed -i -e 's~ \$basedir/lib/\*/mariadb19/plugin~~' \ + "${S}"/scripts/mysql_install_db.sh || die + + cmake_src_prepare + java-pkg-opt-2_src_prepare +} + +src_configure() { + # bug 508724 mariadb cannot use ld.gold + tc-ld-disable-gold + # Bug #114895, bug #110149 + filter-flags "-O" "-O[01]" + + # It fails on alpha without this + use alpha && append-ldflags "-Wl,--no-relax" + + append-cxxflags -felide-constructors + + # bug #283926, with GCC4.4, this is required to get correct behavior. + append-flags -fno-strict-aliasing + + CMAKE_BUILD_TYPE="RelWithDebInfo" + + # debug hack wrt #497532 + mycmakeargs=( + -DCMAKE_C_FLAGS_RELWITHDEBINFO="$(usex debug '' '-DNDEBUG')" + -DCMAKE_CXX_FLAGS_RELWITHDEBINFO="$(usex debug '' '-DNDEBUG')" + -DMYSQL_DATADIR="${EPREFIX}/var/lib/mysql" + -DSYSCONFDIR="${EPREFIX}/etc/mysql" + -DINSTALL_BINDIR=bin + -DINSTALL_DOCDIR=share/doc/${PF} + -DINSTALL_DOCREADMEDIR=share/doc/${PF} + -DINSTALL_INCLUDEDIR=include/mysql + -DINSTALL_INFODIR=share/info + -DINSTALL_LIBDIR=$(get_libdir) + -DINSTALL_MANDIR=share/man + -DINSTALL_MYSQLSHAREDIR=share/mariadb + -DINSTALL_PLUGINDIR=$(get_libdir)/mariadb/plugin + -DINSTALL_SCRIPTDIR=bin + -DINSTALL_MYSQLDATADIR="${EPREFIX}/var/lib/mysql" + -DINSTALL_SBINDIR=sbin + -DINSTALL_SUPPORTFILESDIR="${EPREFIX}/usr/share/mariadb" + -DWITH_COMMENT="Gentoo Linux ${PF}" + -DWITH_UNIT_TESTS=$(usex test ON OFF) + -DWITH_LIBEDIT=0 + -DWITH_ZLIB=system + -DWITHOUT_LIBWRAP=1 + -DENABLED_LOCAL_INFILE=1 + -DMYSQL_UNIX_ADDR="${EPREFIX}/var/run/mysqld/mysqld.sock" + -DINSTALL_UNIX_ADDRDIR="${EPREFIX}/var/run/mysqld/mysqld.sock" + -DWITH_DEFAULT_COMPILER_OPTIONS=0 + -DWITH_DEFAULT_FEATURE_SET=0 + -DINSTALL_SYSTEMD_UNITDIR="$(systemd_get_systemunitdir)" + # The build forces this to be defined when cross-compiling. We pass it + # all the time for simplicity and to make sure it is actually correct. + -DSTACK_DIRECTION=$(tc-stack-grows-down && echo -1 || echo 1) + -DPKG_CONFIG_EXECUTABLE="${EPREFIX}/usr/bin/$(tc-getPKG_CONFIG)" + -DPLUGIN_AUTH_GSSAPI=$(usex kerberos DYNAMIC NO) + -DAUTH_GSSAPI_PLUGIN_TYPE=$(usex kerberos DYNAMIC OFF) + -DCONC_WITH_EXTERNAL_ZLIB=YES + -DWITH_EXTERNAL_ZLIB=YES + -DSUFFIX_INSTALL_DIR="" + -DWITH_UNITTEST=OFF + -DWITHOUT_CLIENTLIBS=YES + -DCLIENT_PLUGIN_DIALOG=OFF + -DCLIENT_PLUGIN_AUTH_GSSAPI_CLIENT=OFF + -DCLIENT_PLUGIN_CLIENT_ED25519=OFF + -DCLIENT_PLUGIN_MYSQL_CLEAR_PASSWORD=STATIC + -DCLIENT_PLUGIN_CACHING_SHA2_PASSWORD=OFF + ) + if use test ; then + mycmakeargs+=( -DINSTALL_MYSQLTESTDIR=share/mariadb/mysql-test ) + else + mycmakeargs+=( -DINSTALL_MYSQLTESTDIR='' ) + fi + + if ! use yassl ; then + mycmakeargs+=( -DWITH_SSL=system -DCLIENT_PLUGIN_SHA256_PASSWORD=STATIC ) + else + mycmakeargs+=( -DWITH_SSL=bundled ) + fi + + # bfd.h is only used starting with 10.1 and can be controlled by NOT_FOR_DISTRIBUTION + mycmakeargs+=( + -DWITH_READLINE=$(usex bindist 1 0) + -DNOT_FOR_DISTRIBUTION=$(usex bindist 0 1) + -DENABLE_DTRACE=$(usex systemtap) + ) + + if use server ; then + # Connect and Federated{,X} must be treated special + # otherwise they will not be built as plugins + if ! use extraengine ; then + mycmakeargs+=( + -DPLUGIN_CONNECT=NO + -DPLUGIN_FEDERATED=NO + -DPLUGIN_FEDERATEDX=NO + ) + fi + + mycmakeargs+=( + -DWITH_PCRE=system + -DPLUGIN_OQGRAPH=$(usex oqgraph DYNAMIC NO) + -DPLUGIN_SPHINX=$(usex sphinx YES NO) + -DPLUGIN_AUTH_PAM=$(usex pam YES NO) + -DPLUGIN_AWS_KEY_MANAGEMENT=NO + -DPLUGIN_CRACKLIB_PASSWORD_CHECK=$(usex cracklib YES NO) + -DPLUGIN_SEQUENCE=$(usex extraengine YES NO) + -DPLUGIN_SPIDER=$(usex extraengine YES NO) + -DPLUGIN_S3=$(usex s3 YES NO) + -DPLUGIN_COLUMNSTORE=$(usex columnstore YES NO) + -DCONNECT_WITH_MYSQL=1 + -DCONNECT_WITH_LIBXML2=$(usex xml) + -DCONNECT_WITH_ODBC=$(usex odbc) + -DCONNECT_WITH_JDBC=$(usex jdbc) + # Build failure and autodep wrt bug 639144 + -DCONNECT_WITH_MONGO=OFF + -DWITH_WSREP=$(usex galera) + -DWITH_INNODB_LZ4=$(usex innodb-lz4 ON OFF) + -DWITH_INNODB_LZO=$(usex innodb-lzo ON OFF) + -DWITH_INNODB_SNAPPY=$(usex innodb-snappy ON OFF) + -DPLUGIN_MROONGA=$(usex mroonga DYNAMIC NO) + -DPLUGIN_AUTH_GSSAPI=$(usex kerberos DYNAMIC NO) + -DWITH_MARIABACKUP=$(usex backup ON OFF) + -DWITH_LIBARCHIVE=$(usex backup ON OFF) + -DINSTALL_SQLBENCHDIR="" + -DPLUGIN_ROCKSDB=$(usex rocksdb DYNAMIC NO) + # systemd is only linked to for server notification + -DWITH_SYSTEMD=$(usex systemd yes no) + -DWITH_NUMA=$(usex numa ON OFF) + ) + + if use test ; then + # This is needed for the new client lib which tests a real, open server + mycmakeargs+=( -DSKIP_TESTS=ON ) + fi + + if [[ ( -n ${MYSQL_DEFAULT_CHARSET} ) && ( -n ${MYSQL_DEFAULT_COLLATION} ) ]]; then + ewarn "You are using a custom charset of ${MYSQL_DEFAULT_CHARSET}" + ewarn "and a collation of ${MYSQL_DEFAULT_COLLATION}." + ewarn "You MUST file bugs without these variables set." + + mycmakeargs+=( + -DDEFAULT_CHARSET=${MYSQL_DEFAULT_CHARSET} + -DDEFAULT_COLLATION=${MYSQL_DEFAULT_COLLATION} + ) + + elif ! use latin1 ; then + mycmakeargs+=( + -DDEFAULT_CHARSET=utf8mb4 + -DDEFAULT_COLLATION=utf8mb4_unicode_520_ci + ) + else + mycmakeargs+=( + -DDEFAULT_CHARSET=latin1 + -DDEFAULT_COLLATION=latin1_swedish_ci + ) + fi + mycmakeargs+=( + -DEXTRA_CHARSETS=all + -DMYSQL_USER=mysql + -DDISABLE_SHARED=$(usex static YES NO) + -DWITH_DEBUG=$(usex debug) + -DWITH_EMBEDDED_SERVER=OFF + -DWITH_PROFILING=$(usex profiling) + ) + + if use static; then + mycmakeargs+=( -DWITH_PIC=1 ) + fi + + if use jemalloc || use tcmalloc ; then + mycmakeargs+=( -DWITH_SAFEMALLOC=OFF ) + fi + + # Storage engines + mycmakeargs+=( + -DWITH_ARCHIVE_STORAGE_ENGINE=1 + -DWITH_BLACKHOLE_STORAGE_ENGINE=1 + -DWITH_CSV_STORAGE_ENGINE=1 + -DWITH_HEAP_STORAGE_ENGINE=1 + -DWITH_INNOBASE_STORAGE_ENGINE=1 + -DWITH_MYISAMMRG_STORAGE_ENGINE=1 + -DWITH_MYISAM_STORAGE_ENGINE=1 + -DWITH_PARTITION_STORAGE_ENGINE=1 + ) + else + mycmakeargs+=( + -DWITHOUT_SERVER=1 + -DWITH_EMBEDDED_SERVER=OFF + -DEXTRA_CHARSETS=none + -DINSTALL_SQLBENCHDIR= + -DWITH_SYSTEMD=no + ) + fi + + cmake_src_configure +} + +src_compile() { + cmake_src_compile +} + +# Official test instructions: +# USE='extraengine perl server' \ +# FEATURES='test userpriv' \ +# ebuild mariadb-X.X.XX.ebuild \ +# digest clean package +src_test() { + _disable_test() { + local rawtestname bug reason + rawtestname="${1}" ; shift + bug="${1}" ; shift + reason="${@}" + ewarn "test '${rawtestname}' disabled: '${reason}' (BUG#${bug})" + echo "${rawtestname} : BUG#${bug} ${reason}" >> "${T}/disabled.def" + } + + local TESTDIR="${BUILD_DIR}/mysql-test" + local retstatus_tests + + if ! use server ; then + einfo "Skipping server tests due to minimal build." + return 0 + fi + + # Ensure that parallel runs don't die + export MTR_BUILD_THREAD="$((${RANDOM} % 100))" + + if [[ -z "${MTR_PARALLEL}" ]] ; then + local -x MTR_PARALLEL=$(makeopts_jobs) + + if [[ ${MTR_PARALLEL} -gt 4 ]] ; then + # Running multiple tests in parallel usually require higher ulimit + # and fs.aio-max-nr setting. In addition, tests like main.multi_update + # are known to hit timeout when system is busy. + # To avoid test failure we will limit MTR_PARALLEL to 4 instead of + # using "auto". + local info_msg="Parallel MySQL test suite jobs limited to 4 (MAKEOPTS=${MTR_PARALLEL})" + info_msg+=" to avoid test failures. Set MTR_PARALLEL if you know what you are doing!" + einfo "${info_msg}" + unset info_msg + MTR_PARALLEL=4 + fi + else + einfo "MTR_PARALLEL is set to '${MTR_PARALLEL}'" + fi + + # Try to increase file limits to increase test coverage + if ! ulimit -n 16500 1>/dev/null 2>&1 ; then + # Upper limit comes from parts.partition_* tests + ewarn "For maximum test coverage please raise open file limit to 16500 (ulimit -n 16500) before calling the package manager." + + if ! ulimit -n 4162 1>/dev/null 2>&1 ; then + # Medium limit comes from '[Warning] Buffered warning: Could not increase number of max_open_files to more than 3000 (request: 4162)' + ewarn "For medium test coverage please raise open file limit to 4162 (ulimit -n 4162) before calling the package manager." + + if ! ulimit -n 3000 1>/dev/null 2>&1 ; then + ewarn "For minimum test coverage please raise open file limit to 3000 (ulimit -n 3000) before calling the package manager." + else + einfo "Will run test suite with open file limit set to 3000 (minimum test coverage)." + fi + else + einfo "Will run test suite with open file limit set to 4162 (medium test coverage)." + fi + else + einfo "Will run test suite with open file limit set to 16500 (best test coverage)." + fi + + # create directories because mysqladmin might run out of order + mkdir -p "${T}"/var-tests{,/log} || die + + if [[ ! -f "${S}/mysql-test/unstable-tests" ]] ; then + touch "${S}"/mysql-test/unstable-tests || die + fi + + cp "${S}"/mysql-test/unstable-tests "${T}/disabled.def" || die + + local -a disabled_tests + disabled_tests+=( "compat/oracle.plugin;0;Needs example plugin which Gentoo disables" ) + disabled_tests+=( "innodb_gis.1;25095;Known rounding error with latest AMD processors" ) + disabled_tests+=( "innodb_gis.gis;25095;Known rounding error with latest AMD processors" ) + disabled_tests+=( "main.gis;25095;Known rounding error with latest AMD processors" ) + disabled_tests+=( "main.explain_non_select;0;Sporadically failing test" ) + disabled_tests+=( "main.func_time;0;Dependent on time test was written" ) + disabled_tests+=( "main.mysql_upgrade;27044;Sporadically failing test" ) + disabled_tests+=( "main.plugin_auth;0;Needs client libraries built" ) + disabled_tests+=( "main.selectivity_no_engine;26320;Sporadically failing test" ) + disabled_tests+=( "main.stat_tables;0;Sporadically failing test" ) + disabled_tests+=( "main.stat_tables_innodb;0;Sporadically failing test" ) + disabled_tests+=( "main.upgrade_MDEV-19650;25096;Known to be broken" ) + disabled_tests+=( "mariabackup.*;0;Broken test suite" ) + disabled_tests+=( "perfschema.nesting;23458;Known to be broken" ) + disabled_tests+=( "perfschema.prepared_statements;0;Broken test suite" ) + disabled_tests+=( "perfschema.privilege_table_io;27045;Sporadically failing test" ) + disabled_tests+=( "plugins.auth_ed25519;0;Needs client libraries built" ) + disabled_tests+=( "plugins.cracklib_password_check;0;False positive due to varying policies" ) + disabled_tests+=( "plugins.two_password_validations;0;False positive due to varying policies" ) + disabled_tests+=( "roles.acl_statistics;0;False positive due to a user count mismatch caused by previous test" ) + disabled_tests+=( "spider.*;0;Fails with network sandbox" ) + disabled_tests+=( "sys_vars.wsrep_on_without_provider;25625;Known to be broken" ) + + if ! use latin1 ; then + disabled_tests+=( "funcs_1.is_columns_mysql;0;Requires USE=latin1" ) + disabled_tests+=( "main.information_schema;0;Requires USE=latin1" ) + disabled_tests+=( "main.sp2;24177;Requires USE=latin1" ) + disabled_tests+=( "main.system_mysql_db;0;Requires USE=latin1" ) + disabled_tests+=( "main.upgrade_MDEV-19650;24178;Requires USE=latin1" ) + fi + + local test_infos_str test_infos_arr + for test_infos_str in "${disabled_tests[@]}" ; do + IFS=';' read -r -a test_infos_arr <<< "${test_infos_str}" + + if [[ ${#test_infos_arr[@]} != 3 ]] ; then + die "Invalid test data set, not matching format: ${test_infos_str}" + fi + + _disable_test "${test_infos_arr[0]}" "${test_infos_arr[1]}" "${test_infos_arr[2]}" + done + unset test_infos_str test_infos_arr + + # run mysql-test tests + pushd "${TESTDIR}" &>/dev/null || die + perl mysql-test-run.pl --force --vardir="${T}/var-tests" --reorder --skip-test-list="${T}/disabled.def" + retstatus_tests=$? + + popd &>/dev/null || die + + # Cleanup is important for these testcases. + pkill -9 -f "${S}/ndb" 2>/dev/null + pkill -9 -f "${S}/sql" 2>/dev/null + + local failures="" + [[ ${retstatus_tests} -eq 0 ]] || failures="${failures} tests" + + [[ -z "${failures}" ]] || die "Test failures: ${failures}" + einfo "Tests successfully completed" +} + +src_install() { + cmake_src_install + + # Remove an unnecessary, private config header which will never match between ABIs and is not meant to be used + if [[ -f "${ED}/usr/include/mysql/server/private/config.h" ]] ; then + rm "${ED}/usr/include/mysql/server/private/config.h" || die + fi + + # Make sure the vars are correctly initialized + mysql_init_vars + + # Convenience links + einfo "Making Convenience links for mysqlcheck multi-call binary" + dosym "mysqlcheck" "/usr/bin/mysqlanalyze" + dosym "mysqlcheck" "/usr/bin/mysqlrepair" + dosym "mysqlcheck" "/usr/bin/mysqloptimize" + + # INSTALL_LAYOUT=STANDALONE causes cmake to create a /usr/data dir + if [[ -d "${ED}/usr/data" ]] ; then + rm -Rf "${ED}/usr/data" || die + fi + + # Unless they explicitly specific USE=test, then do not install the + # testsuite. It DOES have a use to be installed, esp. when you want to do a + # validation of your database configuration after tuning it. + if ! use test ; then + rm -rf "${D}/${MY_SHAREDSTATEDIR}/mysql-test" + fi + + # Configuration stuff + einfo "Building default configuration ..." + insinto "${MY_SYSCONFDIR#${EPREFIX}}" + [[ -f "${S}/scripts/mysqlaccess.conf" ]] && doins "${S}"/scripts/mysqlaccess.conf + cp "${FILESDIR}/my.cnf-10.2" "${TMPDIR}/my.cnf" || die + eprefixify "${TMPDIR}/my.cnf" + doins "${TMPDIR}/my.cnf" + insinto "${MY_SYSCONFDIR#${EPREFIX}}/mariadb.d" + cp "${FILESDIR}/my.cnf.distro-client" "${TMPDIR}/50-distro-client.cnf" || die + eprefixify "${TMPDIR}/50-distro-client.cnf" + doins "${TMPDIR}/50-distro-client.cnf" + + if use server ; then + mycnf_src="my.cnf.distro-server" + sed -e "s!@DATADIR@!${MY_DATADIR}!g" \ + "${FILESDIR}/${mycnf_src}" \ + > "${TMPDIR}/my.cnf.ok" || die + if use prefix ; then + sed -i -r -e '/^user[[:space:]]*=[[:space:]]*mysql$/d' \ + "${TMPDIR}/my.cnf.ok" || die + fi + if use latin1 ; then + sed -i \ + -e "/character-set/s|utf8|latin1|g" \ + "${TMPDIR}/my.cnf.ok" || die + fi + eprefixify "${TMPDIR}/my.cnf.ok" + newins "${TMPDIR}/my.cnf.ok" 50-distro-server.cnf + + einfo "Including support files and sample configurations" + docinto "support-files" + local script + for script in \ + "${S}"/support-files/magic + do + [[ -f "$script" ]] && dodoc "${script}" + done + + docinto "scripts" + for script in "${S}"/scripts/mysql* ; do + [[ ( -f "$script" ) && ( "${script%.sh}" == "${script}" ) ]] && dodoc "${script}" + done + # Manually install supporting files that conflict with other packages + # but are needed for galera and initial installation + exeinto /usr/libexec/mariadb + doexe "${BUILD_DIR}/extra/my_print_defaults" "${BUILD_DIR}/extra/perror" + + if use pam ; then + keepdir /usr/$(get_libdir)/mariadb/plugin/auth_pam_tool_dir + fi + fi + + # Conflicting files + conflicting_files=() + + # We prefer my_print_defaults from dev-db/mysql-connector-c + conflicting_files=( "${ED}/usr/share/man/man1/my_print_defaults.1" ) + + # Remove bundled mytop in favor of dev-db/mytop + conflicting_files+=( "${ED}/usr/bin/mytop" ) + conflicting_files+=( "${ED}/usr/share/man/man1/mytop.1" ) + + local conflicting_file + for conflicting_file in "${conflicting_files[@]}" ; do + if [[ -e "${conflicting_file}" ]] ; then + rm -v "${conflicting_file}" || die + fi + done + + # Fix a dangling symlink when galera is not built + if [[ -L "${ED}/usr/bin/wsrep_sst_rsync_wan" ]] && ! use galera ; then + rm "${ED}/usr/bin/wsrep_sst_rsync_wan" || die + fi + + # Remove dangling symlink + rm "${ED}/usr/$(get_libdir)/libmariadb.a" || die + + # Remove broken SST scripts that are incompatible + local scriptremove + for scriptremove in wsrep_sst_xtrabackup wsrep_sst_xtrabackup-v2 ; do + if [[ -e "${ED}/usr/bin/${scriptremove}" ]] ; then + rm "${ED}/usr/bin/${scriptremove}" || die + fi + done +} + +pkg_preinst() { + java-pkg-opt-2_pkg_preinst +} + +pkg_postinst() { + # Make sure the vars are correctly initialized + mysql_init_vars + + # Create log directory securely if it does not exist + [[ -d "${ROOT}/${MY_LOGDIR}" ]] || install -d -m0750 -o mysql -g mysql "${ROOT}/${MY_LOGDIR}" + + if use server ; then + if use pam; then + einfo + elog "This install includes the PAM authentication plugin." + elog "To activate and configure the PAM plugin, please read:" + elog "https://mariadb.com/kb/en/mariadb/pam-authentication-plugin/" + einfo + chown mysql:mysql "${EROOT}/usr/$(get_libdir)/mariadb/plugin/auth_pam_tool_dir" || die + fi + + if [[ -z "${REPLACING_VERSIONS}" ]] ; then + einfo + elog "You might want to run:" + elog "\"emerge --config =${CATEGORY}/${PF}\"" + elog "if this is a new install." + elog + elog "If you are switching server implentations, you should run the" + elog "mysql_upgrade tool." + einfo + else + einfo + elog "If you are upgrading major versions, you should run the" + elog "mysql_upgrade tool." + einfo + fi + + if use galera ; then + einfo + elog "Be sure to edit the my.cnf file to activate your cluster settings." + elog "This should be done after running \"emerge --config =${CATEGORY}/${PF}\"" + elog "The first time the cluster is activated, you should add" + elog "--wsrep-new-cluster to the options in /etc/conf.d/mysql for one node." + elog "This option should then be removed for subsequent starts." + einfo + if [[ -n "${REPLACING_VERSIONS}" ]] ; then + local rver + for rver in ${REPLACING_VERSIONS} ; do + if ver_test "${rver}" -lt "10.4.0" ; then + ewarn "Upgrading galera from a previous version requires admin restart of the entire cluster." + ewarn "Please refer to https://mariadb.com/kb/en/library/changes-improvements-in-mariadb-104/#galera-4" + ewarn "for more information" + fi + done + fi + fi + fi + + # Note about configuration change + einfo + elog "This version of mariadb reorganizes the configuration from a single my.cnf" + elog "to several files in /etc/mysql/${PN}.d." + elog "Please backup any changes you made to /etc/mysql/my.cnf" + elog "and add them as a new file under /etc/mysql/${PN}.d with a .cnf extension." + elog "You may have as many files as needed and they are read alphabetically." + elog "Be sure the options have the appropriate section headers, i.e. [mysqld]." + einfo +} + +pkg_config() { + _getoptval() { + local section="${1}" + local option="--${2}" + local extra_options="${3}" + local cmd=( + "${my_print_defaults_binary}" + "${extra_options}" + "${section}" + ) + + local values=() + local parameters=( $(eval "${cmd[@]}" 2>/dev/null) ) + for parameter in "${parameters[@]}" + do + # my_print_defaults guarantees output of options, one per line, + # in the form that they would be specified on the command line. + # So checking for --option=* should be safe. + case ${parameter} in + ${option}=*) + values+=( "${parameter#*=}" ) + ;; + esac + done + + if [[ ${#values[@]} -gt 0 ]] ; then + # Option could have been set multiple times + # in which case only the last occurrence + # contains the current value + echo "${values[-1]}" + fi + } + + _mktemp_dry() { + # emktemp has no --dry-run option + local template="${1}" + + if [[ -z "${template}" ]] ; then + if [[ -z "${T}" ]] ; then + template="/tmp/XXXXXXX" + else + template="${T}/XXXXXXX" + fi + fi + + local template_wo_X=${template//X/} + local n_X + let n_X=${#template}-${#template_wo_X} + if [[ ${n_X} -lt 3 ]] ; then + echo "${FUNCNAME[0]}: too few X's in template ‘${template}’" >&2 + return + fi + + local attempts=0 + local character tmpfile + while [[ true ]] ; do + let attempts=attempts+1 + + new_file= + while read -n1 character ; do + if [[ "${character}" == "X" ]] ; then + tmpfile+="${RANDOM:0:1}" + else + tmpfile+="${character}" + fi + done < <(echo -n "${template}") + + if [[ ! -f "${tmpfile}" ]] + then + echo "${tmpfile}" + return + fi + + if [[ ${attempts} -ge 100 ]] ; then + echo "${FUNCNAME[0]}: Cannot create temporary file after 100 attempts." >&2 + return + fi + done + } + + local mysql_binary="${EROOT}/usr/bin/mysql" + if [[ ! -x "${mysql_binary}" ]] ; then + die "'${mysql_binary}' not found! Please re-install ${CATEGORY}/${PN}!" + fi + + local mysqld_binary="${EROOT}/usr/sbin/mysqld" + if [[ ! -x "${mysqld_binary}" ]] ; then + die "'${mysqld_binary}' not found! Please re-install ${CATEGORY}/${PN}!" + fi + + local mysql_install_db_binary="${EROOT}/usr/bin/mysql_install_db" + if [[ ! -x "${mysql_install_db_binary}" ]] ; then + die "'${mysql_install_db_binary}' not found! Please re-install ${CATEGORY}/${PN}!" + fi + + local my_print_defaults_binary="${EROOT}/usr/bin/my_print_defaults" + if [[ ! -x "${my_print_defaults_binary}" ]] ; then + die "'${my_print_defaults_binary}' not found! Please re-install dev-db/mysql-connector-c!" + fi + + if [[ -z "${MYSQL_USER}" ]] ; then + MYSQL_USER=mysql + if use prefix ; then + MYSQL_USER=$(id -u -n 2>/dev/null) + if [[ -z "${MYSQL_USER}" ]] ; then + die "Failed to determine current username!" + fi + fi + fi + + if [[ -z "${MYSQL_GROUP}" ]] ; then + MYSQL_GROUP=mysql + if use prefix ; then + MYSQL_GROUP=$(id -g -n 2>/dev/null) + if [[ -z "${MYSQL_GROUP}" ]] ; then + die "Failed to determine current user groupname!" + fi + fi + fi + + # my_print_defaults needs to read stuff in $HOME/.my.cnf + local -x HOME="${EROOT}/root" + + # Make sure the vars are correctly initialized + mysql_init_vars + + # Read currently set data directory + MY_DATADIR="$(_getoptval mysqld datadir "--defaults-file='${MY_SYSCONFDIR}/my.cnf'")" + + # Bug #213475 - MySQL _will_ object strenously if your machine is named + # localhost. Also causes weird failures. + [[ "${HOSTNAME}" == "localhost" ]] && die "Your machine must NOT be named localhost" + + if [[ -z "${MY_DATADIR}" ]] ; then + die "Sorry, unable to find MY_DATADIR!" + elif [[ -d "${MY_DATADIR}/mysql" ]] ; then + ewarn "Looks like your data directory '${MY_DATADIR}' is already initialized!" + ewarn "Please rename or delete its content if you wish to initialize a new data directory." + die "${PN} data directory at '${MY_DATADIR}' looks already initialized!" + fi + + MYSQL_TMPDIR="$(_getoptval mysqld tmpdir "--defaults-file='${MY_SYSCONFDIR}/my.cnf'")" + MYSQL_TMPDIR=${MYSQL_TMPDIR%/} + # These are dir+prefix + MYSQL_LOG_BIN="$(_getoptval mysqld log-bin "--defaults-file='${MY_SYSCONFDIR}/my.cnf'")" + MYSQL_LOG_BIN=${MYSQL_LOG_BIN%/*} + MYSQL_RELAY_LOG="$(_getoptval mysqld relay-log "--defaults-file='${MY_SYSCONFDIR}/my.cnf'")" + MYSQL_RELAY_LOG=${MYSQL_RELAY_LOG%/*} + + # Create missing directories. + # Always check if mysql user can write to directory even if we just + # created directory because a parent directory might be not + # accessible for that user. + PID_DIR="${EROOT}/run/mysqld" + if [[ ! -d "${PID_DIR}" ]] ; then + einfo "Creating ${PN} PID directory '${PID_DIR}' ..." + install -d -m 755 -o ${MYSQL_USER} -g ${MYSQL_GROUP} "${PID_DIR}" \ + || die "Failed to create PID directory '${PID_DIR}'!" + fi + + local _pid_dir_testfile="$(_mktemp_dry "${PID_DIR}/.pkg_config-access-test.XXXXXXXXX")" + [[ -z "${_pid_dir_testfile}" ]] \ + && die "_mktemp_dry() for '${PID_DIR}/.pkg_config-access-test.XXXXXXXXX' failed!" + + if use prefix ; then + touch "${_pid_dir_testfile}" &>/dev/null + else + su -s /bin/sh -c "touch ${_pid_dir_testfile}" ${MYSQL_USER} &>/dev/null + fi + + if [[ $? -ne 0 ]] ; then + die "${MYSQL_USER} user cannot write into PID dir '${PID_DIR}'!" + else + rm "${_pid_dir_testfile}" || die + unset _pid_dir_testfile + fi + + if [[ ! -d "${MY_DATADIR}" ]] ; then + einfo "Creating ${PN} data directory '${MY_DATADIR}' ..." + install -d -m 770 -o ${MYSQL_USER} -g ${MYSQL_GROUP} "${MY_DATADIR}" \ + || die "Failed to create ${PN} data directory '${MY_DATADIR}'!" + fi + + local _my_datadir_testfile="$(_mktemp_dry "${MY_DATADIR}/.pkg_config-access-test.XXXXXXXXX")" + [[ -z "${_my_datadir_testfile}" ]] \ + && die "_mktemp_dry() for '${MY_DATADIR}/.pkg_config-access-test.XXXXXXXXX' failed!" + + if use prefix ; then + touch "${_my_datadir_testfile}" &>/dev/null + else + su -s /bin/sh -c "touch ${_my_datadir_testfile}" ${MYSQL_USER} &>/dev/null + fi + + if [[ $? -ne 0 ]] ; then + die "${MYSQL_USER} user cannot write into data directory '${MY_DATADIR}'!" + else + rm "${_my_datadir_testfile}" || die + unset _my_datadir_testfile + fi + + if [[ -n "${MYSQL_TMPDIR}" && ! -d "${MYSQL_TMPDIR}" ]] ; then + einfo "Creating ${PN} tmpdir '${MYSQL_TMPDIR}' ..." + install -d -m 770 -o ${MYSQL_USER} -g ${MYSQL_GROUP} "${MYSQL_TMPDIR}" \ + || die "Failed to create ${PN} tmpdir '${MYSQL_TMPDIR}'!" + fi + + if [[ -z "${MYSQL_TMPDIR}" ]] ; then + MYSQL_TMPDIR="$(_mktemp_dry "${EROOT}/tmp/mysqld-tmp.XXXXXXXXX")" + [[ -z "${MYSQL_TMPDIR}" ]] \ + && die "_mktemp_dry() for '${MYSQL_TMPDIR}' failed!" + + mkdir "${MYSQL_TMPDIR}" || die + chown ${MYSQL_USER} "${MYSQL_TMPDIR}" || die + fi + + # Now we need to test MYSQL_TMPDIR... + local _my_tmpdir_testfile="$(_mktemp_dry "${MYSQL_TMPDIR}/.pkg_config-access-test.XXXXXXXXX")" + [[ -z "${_my_tmpdir_testfile}" ]] \ + && die "_mktemp_dry() for '${MYSQL_TMPDIR}/.pkg_config-access-test.XXXXXXXXX' failed!" + + if use prefix ; then + touch "${_my_tmpdir_testfile}" &>/dev/null + else + su -s /bin/sh -c "touch ${_my_tmpdir_testfile}" ${MYSQL_USER} &>/dev/null + fi + + if [[ $? -ne 0 ]] ; then + die "${MYSQL_USER} user cannot write into tmpdir '${MYSQL_TMPDIR}'!" + else + rm "${_my_tmpdir_testfile}" || die + unset _my_tmpdir_testfile + fi + + if [[ "${MYSQL_LOG_BIN}" == /* && ! -d "${MYSQL_LOG_BIN}" ]] ; then + # Only create directory when MYSQL_LOG_BIN is an absolute path + einfo "Creating ${PN} log-bin directory '${MYSQL_LOG_BIN}' ..." + install -d -m 770 -o ${MYSQL_USER} -g ${MYSQL_GROUP} "${MYSQL_LOG_BIN}" \ + || die "Failed to create ${PN} log-bin directory '${MYSQL_LOG_BIN}'" + fi + + if [[ "${MYSQL_LOG_BIN}" == /* ]] ; then + # Only test when MYSQL_LOG_BIN is an absolute path + local _my_logbin_testfile="$(_mktemp_dry "${MYSQL_LOG_BIN}/.pkg_config-access-test.XXXXXXXXX")" + [[ -z "${_my_logbin_testfile}" ]] \ + && die "_mktemp_dry() for '${MYSQL_LOG_BIN}/.pkg_config-access-test.XXXXXXXXX' failed!" + + if use prefix ; then + touch "${_my_logbin_testfile}" &>/dev/null + else + su -s /bin/sh -c "touch ${_my_logbin_testfile}" ${MYSQL_USER} &>/dev/null + fi + + if [[ $? -ne 0 ]] ; then + die "${MYSQL_USER} user cannot write into log-bin directory '${MYSQL_LOG_BIN}'!" + else + rm "${_my_logbin_testfile}" || die + unset _my_logbin_testfile + fi + fi + + if [[ "${MYSQL_RELAY_LOG}" == /* && ! -d "${MYSQL_RELAY_LOG}" ]] ; then + # Only create directory when MYSQL_RELAY_LOG is an absolute path + einfo "Creating ${PN} relay-log directory '${MYSQL_RELAY_LOG}' ..." + install -d -m 770 -o ${MYSQL_USER} -g ${MYSQL_GROUP} "${MYSQL_RELAY_LOG}" \ + || die "Failed to create ${PN} relay-log directory '${MYSQL_RELAY_LOG}'!" + fi + + if [[ "${MYSQL_RELAY_LOG}" == /* ]] ; then + # Only test when MYSQL_RELAY_LOG is an absolute path + local _my_relaylog_testfile="$(_mktemp_dry "${MYSQL_RELAY_LOG}/.pkg_config-access-test.XXXXXXXXX")" + [[ -z "${_my_relaylog_testfile}" ]] \ + && die "_mktemp_dry() for '${MYSQL_RELAY_LOG}/.pkg_config-access-test.XXXXXXXXX' failed!" + + if use prefix ; then + touch "${_my_relaylog_testfile}" &>/dev/null + else + su -s /bin/sh -c "touch ${_my_relaylog_testfile}" ${MYSQL_USER} &>/dev/null + fi + + if [[ $? -ne 0 ]] ; then + die "${MYSQL_USER} user cannot write into relay-log directory '${MYSQL_RELAY_LOG}'!" + else + rm "${_my_relaylog_testfile}" || die + unset _my_relaylog_testfile + fi + fi + + local SETUP_TMPDIR=$(mktemp -d "/tmp/${PN}-config.XXXXXXXXX" 2>/dev/null) + [[ -z "${SETUP_TMPDIR}" ]] && die "Failed to create setup tmpdir" + + # Limit access + chmod 0770 "${SETUP_TMPDIR}" || die + chown ${MYSQL_USER} "${SETUP_TMPDIR}" || die + + local mysql_install_log="${SETUP_TMPDIR}/install_db.log" + local mysqld_logfile="${SETUP_TMPDIR}/mysqld.log" + + echo "" + einfo "Detected settings:" + einfo "==================" + einfo "MySQL User:\t\t\t\t${MYSQL_USER}" + einfo "MySQL Group:\t\t\t\t${MYSQL_GROUP}" + einfo "MySQL DATA directory:\t\t${MY_DATADIR}" + einfo "MySQL TMP directory:\t\t\t${MYSQL_TMPDIR}" + + if [[ "${MYSQL_LOG_BIN}" == /* ]] ; then + # Absolute path for binary log files specified + einfo "MySQL Binary Log File location:\t${MYSQL_LOG_BIN}" + fi + + if [[ "${MYSQL_RELAY_LOG}" == /* ]] ; then + # Absolute path for relay log files specified + einfo "MySQL Relay Log File location:\t${MYSQL_RELAY_LOG}" + fi + + einfo "PID DIR:\t\t\t\t${PID_DIR}" + einfo "Install db log:\t\t\t${mysql_install_log}" + einfo "Install server log:\t\t\t${mysqld_logfile}" + + echo + + if [[ -z "${MYSQL_ROOT_PASSWORD}" ]] ; then + local tmp_mysqld_password_source= + + for tmp_mysqld_password_source in mysql client ; do + einfo "Trying to get password for mysql 'root' user from '${tmp_mysqld_password_source}' section ..." + MYSQL_ROOT_PASSWORD="$(_getoptval "${tmp_mysqld_password_source}" password)" + if [[ -n "${MYSQL_ROOT_PASSWORD}" ]] ; then + if [[ ${MYSQL_ROOT_PASSWORD} == *$'\n'* ]] ; then + ewarn "Ignoring password from '${tmp_mysqld_password_source}' section due to newline character (do you have multiple password options set?)!" + MYSQL_ROOT_PASSWORD= + continue + fi + + einfo "Found password in '${tmp_mysqld_password_source}' section!" + break + fi + done + + # Sometimes --show is required to display passwords in some implementations of my_print_defaults + if [[ "${MYSQL_ROOT_PASSWORD}" == '*****' ]] ; then + MYSQL_ROOT_PASSWORD="$(_getoptval "${tmp_mysqld_password_source}" password --show)" + fi + + unset tmp_mysqld_password_source + fi + + if [[ -z "${MYSQL_ROOT_PASSWORD}" ]] ; then + local pwd1="a" + local pwd2="b" + + echo + einfo "No password for mysql 'root' user was specified via environment" + einfo "variable MYSQL_ROOT_PASSWORD and no password was found in config" + einfo "file like '${HOME}/.my.cnf'." + einfo "To continue please provide a password for the mysql 'root' user" + einfo "now on console:" + ewarn "NOTE: Please avoid [\"'\\_%] characters in the password!" + read -rsp " >" pwd1 ; echo + + einfo "Retype the password" + read -rsp " >" pwd2 ; echo + + if [[ "x${pwd1}" != "x${pwd2}" ]] ; then + die "Passwords are not the same!" + fi + + MYSQL_ROOT_PASSWORD="${pwd1}" + unset pwd1 pwd2 + + echo + fi + + local -a mysqld_options + + # Fix bug 446200. Don't reference host my.cnf, needs to come first, + # see http://bugs.mysql.com/bug.php?id=31312 + use prefix && mysqld_options+=( "--defaults-file='${MY_SYSCONFDIR}/my.cnf'" ) + + # Figure out which options we need to disable to do the setup + local helpfile="${TMPDIR}/mysqld-help" + "${EROOT}/usr/sbin/mysqld" --verbose --help >"${helpfile}" 2>/dev/null + + local opt optexp optfull + for opt in host-cache name-resolve networking slave-start \ + federated ssl log-bin relay-log slow-query-log external-locking \ + log-slave-updates \ + ; do + optexp="--(skip-)?${opt}" optfull="--loose-skip-${opt}" + grep -E -sq -- "${optexp}" "${helpfile}" && mysqld_options+=( "${optfull}" ) + done + + # Prepare timezones, see + # https://dev.mysql.com/doc/mysql/en/time-zone-support.html + local tz_sql="${SETUP_TMPDIR}/tz.sql" + + echo "USE mysql;" >"${tz_sql}" + "${EROOT}/usr/bin/mysql_tzinfo_to_sql" "${EROOT}/usr/share/zoneinfo" >> "${tz_sql}" 2>/dev/null + if [[ $? -ne 0 ]] ; then + die "mysql_tzinfo_to_sql failed!" + fi + + local cmd=( + "${mysql_install_db_binary}" + "${mysqld_options[@]}" + "--init-file='${tz_sql}'" + "--basedir='${EROOT}/usr'" + "--datadir='${MY_DATADIR}'" + "--tmpdir='${MYSQL_TMPDIR}'" + "--log-error='${mysql_install_log}'" + "--rpm" + "--cross-bootstrap" + "--skip-test-db" + "--user=${MYSQL_USER}" + ) + + einfo "Initializing ${PN} data directory: ${cmd[@]}" + eval "${cmd[@]}" >>"${mysql_install_log}" 2>&1 + + if [[ $? -ne 0 || ! -f "${MY_DATADIR}/mysql/user.frm" ]] ; then + grep -B5 -A999 -iE "(Aborting|ERROR|errno)" "${mysql_install_log}" 1>&2 + die "Failed to initialize ${PN} data directory. Please review '${mysql_install_log}'!" + fi + + local x=${RANDOM} + local socket="${PID_DIR}/mysqld.${x}.sock" + [[ -f "${socket}" ]] && die "Randomness failed; Socket ${socket} already exists!" + local pidfile="${PID_DIR}/mysqld.${x}.pid" + [[ -f "${pidfile}" ]] && die "Randomness failed; Pidfile ${pidfile} already exists!" + unset x + + cmd=( + "${mysqld_binary}" + "${mysqld_options[@]}" + "--basedir='${EROOT}/usr'" + "--datadir='${MY_DATADIR}'" + "--tmpdir='${MYSQL_TMPDIR}'" + --max_allowed_packet=8M + --net_buffer_length=16K + "--socket='${socket}'" + "--pid-file='${pidfile}'" + "--log-error='${mysqld_logfile}'" + "--user=${MYSQL_USER}" + ) + + einfo "Starting mysqld to finalize initialization: ${cmd[@]}" + eval "${cmd[@]}" >>"${mysqld_logfile}" 2>&1 & + + echo -n "Waiting for mysqld to accept connections " + local maxtry=15 + while [[ ! -S "${socket}" && "${maxtry}" -gt 1 ]] ; do + maxtry=$((${maxtry}-1)) + echo -n "." + sleep 1 + done + + if [[ -S "${socket}" ]] ; then + # Even with a socket we don't know if mysqld will abort + # start due to an error so just wait a little bit more... + maxtry=5 + while [[ -S "${socket}" && "${maxtry}" -gt 1 ]] ; do + maxtry=$((${maxtry}-1)) + echo -n "." + sleep 1 + done + fi + + echo + + if [[ ! -S "${socket}" ]] ; then + grep -B5 -A999 -iE "(Aborting|ERROR|errno)" "${mysqld_logfile}" 1>&2 + die "mysqld was unable to start from initialized data directory. Please review '${mysqld_logfile}'!" + fi + + local mysql_logfile="${SETUP_TMPDIR}/set_root_pw.log" + touch "${mysql_logfile}" || die + + ebegin "Setting root password" + # Do this from memory, as we don't want clear text passwords in temp files + local sql="ALTER USER 'root'@'localhost' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}'" + cmd=( + "${mysql_binary}" + --no-defaults + "--socket='${socket}'" + -hlocalhost + "-e \"${sql}\"" + ) + eval "${cmd[@]}" >"${mysql_logfile}" 2>&1 + local rc=$? + eend ${rc} + + if [[ ${rc} -ne 0 ]] ; then + # Poor man's solution which tries to avoid having password + # in log. NOTE: sed can fail if user didn't follow advice + # and included character which will require escaping... + sed -i -e "s/${MYSQL_ROOT_PASSWORD}/*****/" "${mysql_logfile}" 2>/dev/null + + grep -B5 -A999 -iE "(Aborting|ERROR|errno)" "${mysql_logfile}" + die "Failed to set ${PN} root password. Please review '${mysql_logfile}'!" + fi + + # Stop the server + if [[ -f "${pidfile}" ]] && pgrep -F "${pidfile}" &>/dev/null ; then + echo -n "Stopping the server " + pkill -F "${pidfile}" &>/dev/null + + maxtry=10 + while [[ -f "${pidfile}" ]] && pgrep -F "${pidfile}" &>/dev/null ; do + maxtry=$((${maxtry}-1)) + echo -n "." + sleep 1 + done + + echo + + if [[ -f "${pidfile}" ]] && pgrep -F "${pidfile}" &>/dev/null ; then + # We somehow failed to stop server. + # However, not a fatal error. Just warn the user. + ewarn "WARNING: mysqld[$(cat "${pidfile}")] is still running!" + fi + fi + + rm -r "${SETUP_TMPDIR}" || die + + einfo "${PN} data directory at '${MY_DATADIR}' successfully initialized!" +} |