summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Deutschmann <whissi@gentoo.org>2017-10-28 20:10:07 +0200
committerThomas Deutschmann <whissi@gentoo.org>2017-10-28 20:10:57 +0200
commitf83155f18d53fdead7a4cd3679b612d112897252 (patch)
tree871b7903bb14ac4e871db7ec6e129269d3b3e182
parentdev-db/mysql: Security cleanup (bug #635706) (diff)
downloadgentoo-f83155f18d53fdead7a4cd3679b612d112897252.tar.gz
gentoo-f83155f18d53fdead7a4cd3679b612d112897252.tar.bz2
gentoo-f83155f18d53fdead7a4cd3679b612d112897252.zip
dev-db/mysql-cluster: Rev bump to fix CVE-2017-15945
Bug: https://bugs.gentoo.org/635708 Package-Manager: Portage-2.3.13, Repoman-2.3.4
-rw-r--r--dev-db/mysql-cluster/mysql-cluster-7.2.22-r1.ebuild124
-rw-r--r--dev-db/mysql-cluster/mysql-cluster-7.3.11-r1.ebuild143
2 files changed, 267 insertions, 0 deletions
diff --git a/dev-db/mysql-cluster/mysql-cluster-7.2.22-r1.ebuild b/dev-db/mysql-cluster/mysql-cluster-7.2.22-r1.ebuild
new file mode 100644
index 00000000000..09d32b5a664
--- /dev/null
+++ b/dev-db/mysql-cluster/mysql-cluster-7.2.22-r1.ebuild
@@ -0,0 +1,124 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+MY_EXTRAS_VER="20151117-2040Z"
+BUILD="cmake"
+
+inherit toolchain-funcs java-pkg-opt-2 mysql-v2
+# only to make repoman happy. it is really set in the eclass
+IUSE="$IUSE"
+
+# REMEMBER: also update eclass/mysql*.eclass before committing!
+KEYWORDS="~amd64 ~x86"
+
+# When MY_EXTRAS is bumped, the index should be revised to exclude these.
+# This is often broken still
+#EPATCH_EXCLUDE=''
+
+DEPEND="|| ( >=sys-devel/gcc-3.4.6 >=sys-devel/gcc-apple-4.0 )"
+RDEPEND="!media-sound/amarok[embedded]"
+
+# Please do not add a naive src_unpack to this ebuild
+# If you want to add a single patch, copy the ebuild to an overlay
+# and create your own mysql-extras tarball, looking at 000_index.txt
+
+# Official test instructions:
+# USE='cluster extraengine perl ssl community' \
+# FEATURES='test userpriv -usersandbox' \
+# ebuild mysql-cluster-X.X.XX.ebuild \
+# digest clean package
+src_test() {
+
+ local TESTDIR="${CMAKE_BUILD_DIR}/mysql-test"
+ local retstatus_unit
+ local retstatus_tests
+
+ # Bug #213475 - MySQL _will_ object strenously if your machine is named
+ # localhost. Also causes weird failures.
+ [[ "${HOSTNAME}" == "localhost" ]] && die "Your machine must NOT be named localhost"
+
+ if ! use "minimal" ; then
+
+ if [[ $UID -eq 0 ]]; then
+ die "Testing with FEATURES=-userpriv is no longer supported by upstream. Tests MUST be run as non-root."
+ fi
+ has usersandbox $FEATURES && eerror "Some tests may fail with FEATURES=usersandbox"
+
+ einfo ">>> Test phase [test]: ${CATEGORY}/${PF}"
+ addpredict /this-dir-does-not-exist/t9.MYI
+
+ # Run CTest (test-units)
+ cmake-utils_src_test
+ retstatus_unit=$?
+ [[ $retstatus_unit -eq 0 ]] || eerror "test-unit failed"
+
+ # Ensure that parallel runs don't die
+ export MTR_BUILD_THREAD="$((${RANDOM} % 100))"
+
+ # create directories because mysqladmin might right out of order
+ mkdir -p "${T}"/var-tests{,/log}
+
+ # These are failing in MySQL 5.5 for now and are believed to be
+ # false positives:
+ #
+ # main.information_schema, binlog.binlog_statement_insert_delayed,
+ # main.mysqld--help-notwin, ndb.ndbinfo, ndb_binlog.ndb_binlog_index
+ # fails due to USE=-latin1 / utf8 default
+ #
+ # main.mysql_client_test:
+ # segfaults at random under Portage only, suspect resource limits.
+ #
+ # sys_vars.plugin_dir_basic
+ # fails because PLUGIN_DIR is set to MYSQL_LIBDIR64/plugin
+ # instead of MYSQL_LIBDIR/plugin
+ #
+ # main.flush_read_lock_kill
+ # fails because of unknown system variable 'DEBUG_SYNC'
+ #
+ # main.openssl_1
+ # error message changing
+ # -mysqltest: Could not open connection 'default': 2026 SSL connection
+ # error: ASN: bad other signature confirmation
+ # +mysqltest: Could not open connection 'default': 2026 SSL connection
+ # error: error:00000001:lib(0):func(0):reason(1)
+ #
+
+ for t in main.mysql_client_test \
+ binlog.binlog_statement_insert_delayed main.information_schema \
+ main.mysqld--help-notwin main.flush_read_lock_kill \
+ sys_vars.plugin_dir_basic main.openssl_1 \
+ main.mysqlhotcopy_archive main.mysqlhotcopy_myisam \
+ ndb.ndbinfo ndb_binlog.ndb_binlog_index ; do
+ mysql-v2_disable_test "$t" "False positives in Gentoo"
+ done
+
+ # Run mysql tests
+ pushd "${TESTDIR}"
+
+ # run mysql-test tests
+ perl mysql-test-run.pl --force --vardir="${T}/var-tests" \
+ --parallel=auto
+ retstatus_tests=$?
+ [[ $retstatus_tests -eq 0 ]] || eerror "tests failed"
+ has usersandbox $FEATURES && eerror "Some tests may fail with FEATURES=usersandbox"
+
+ popd
+
+ # Cleanup is important for these testcases.
+ pkill -9 -f "${S}/ndb" 2>/dev/null
+ pkill -9 -f "${S}/sql" 2>/dev/null
+
+ failures=""
+ [[ $retstatus_unit -eq 0 ]] || failures="${failures} test-unit"
+ [[ $retstatus_tests -eq 0 ]] || failures="${failures} tests"
+ has usersandbox $FEATURES && eerror "Some tests may fail with FEATURES=usersandbox"
+
+ [[ -z "$failures" ]] || die "Test failures: $failures"
+ einfo "Tests successfully completed"
+
+ else
+
+ einfo "Skipping server tests due to minimal build."
+ fi
+}
diff --git a/dev-db/mysql-cluster/mysql-cluster-7.3.11-r1.ebuild b/dev-db/mysql-cluster/mysql-cluster-7.3.11-r1.ebuild
new file mode 100644
index 00000000000..f8fb8c1896a
--- /dev/null
+++ b/dev-db/mysql-cluster/mysql-cluster-7.3.11-r1.ebuild
@@ -0,0 +1,143 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+MY_EXTRAS_VER="20151117-2040Z"
+SUBSLOT="18"
+
+inherit toolchain-funcs java-pkg-opt-2 mysql-multilib
+# only to make repoman happy. it is really set in the eclass
+IUSE="$IUSE"
+
+# REMEMBER: also update eclass/mysql*.eclass before committing!
+KEYWORDS="~amd64 ~x86"
+
+# When MY_EXTRAS is bumped, the index should be revised to exclude these.
+# This is often broken still
+#EPATCH_EXCLUDE=''
+
+DEPEND="|| ( >=sys-devel/gcc-3.4.6 >=sys-devel/gcc-apple-4.0 )"
+RDEPEND="!media-sound/amarok[embedded]"
+
+# Please do not add a naive src_unpack to this ebuild
+# If you want to add a single patch, copy the ebuild to an overlay
+# and create your own mysql-extras tarball, looking at 000_index.txt
+
+src_prepare() {
+ mysql-multilib_src_prepare
+ if use libressl ; then
+ sed -i 's/OPENSSL_MAJOR_VERSION STREQUAL "1"/OPENSSL_MAJOR_VERSION STREQUAL "2"/' \
+ "${S}/cmake/ssl.cmake" || die
+ fi
+}
+
+# Official test instructions:
+# USE='extraengine perl openssl' \
+# FEATURES='test userpriv -usersandbox' \
+# ebuild mysql-cluster-X.X.XX.ebuild \
+# digest clean package
+multilib_src_test() {
+
+ if ! multilib_is_native_abi ; then
+ einfo "Server tests not available on non-native abi".
+ return 0;
+ fi
+
+ local TESTDIR="${CMAKE_BUILD_DIR}/mysql-test"
+ local retstatus_unit
+ local retstatus_tests
+
+ # Bug #213475 - MySQL _will_ object strenously if your machine is named
+ # localhost. Also causes weird failures.
+ [[ "${HOSTNAME}" == "localhost" ]] && die "Your machine must NOT be named localhost"
+
+ if ! use "minimal" ; then
+
+ if [[ $UID -eq 0 ]]; then
+ die "Testing with FEATURES=-userpriv is no longer supported by upstream. Tests MUST be run as non-root."
+ fi
+ has usersandbox $FEATURES && eerror "Some tests may fail with FEATURES=usersandbox"
+
+ einfo ">>> Test phase [test]: ${CATEGORY}/${PF}"
+ addpredict /this-dir-does-not-exist/t9.MYI
+
+ # Run CTest (test-units)
+ cmake-utils_src_test
+ retstatus_unit=$?
+ [[ $retstatus_unit -eq 0 ]] || eerror "test-unit failed"
+
+ # Ensure that parallel runs don't die
+ export MTR_BUILD_THREAD="$((${RANDOM} % 100))"
+ # Enable parallel testing, auto will try to detect number of cores
+ # You may set this by hand.
+ # The default maximum is 8 unless MTR_MAX_PARALLEL is increased
+ export MTR_PARALLEL="${MTR_PARALLEL:-auto}"
+
+ # create directories because mysqladmin might right out of order
+ mkdir -p "${T}"/var-tests{,/log}
+
+ # These are failing in MySQL 5.5/5.6 for now and are believed to be
+ # false positives:
+ #
+ # main.information_schema, binlog.binlog_statement_insert_delayed,
+ # main.mysqld--help-notwin, funcs_1.is_triggers funcs_1.is_tables_mysql,
+ # funcs_1.is_columns_mysql, binlog.binlog_mysqlbinlog_filter,
+ # perfschema.binlog_edge_mix, perfschema.binlog_edge_stmt,
+ # mysqld--help-notwin, funcs_1.is_triggers, funcs_1.is_tables_mysql, funcs_1.is_columns_mysql
+ # perfschema.binlog_edge_stmt, perfschema.binlog_edge_mix, binlog.binlog_mysqlbinlog_filter
+ # fails due to USE=-latin1 / utf8 default
+ #
+ # main.mysql_client_test:
+ # segfaults at random under Portage only, suspect resource limits.
+ #
+ for t in \
+ binlog.binlog_mysqlbinlog_filter \
+ binlog.binlog_statement_insert_delayed \
+ funcs_1.is_columns_mysql \
+ funcs_1.is_tables_mysql \
+ funcs_1.is_triggers \
+ main.information_schema \
+ main.mysqld--help-notwinfuncs_1.is_triggers \
+ main.mysql_client_test \
+ mysqld--help-notwin \
+ main.mysqlhotcopy_archive main.mysqlhotcopy_myisam \
+ perfschema.binlog_edge_mix \
+ perfschema.binlog_edge_stmt \
+ ; do
+ mysql-multilib_disable_test "$t" "False positives in Gentoo"
+ done
+ # ndb.ndbinfo, ndb_binlog.ndb_binlog_index: latin1/utf8
+ for t in \
+ ndb.ndbinfo \
+ ndb_binlog.ndb_binlog_index ; do
+ mysql-multilib_disable_test "$t" "False positives in Gentoo (NDB)"
+ done
+
+ # Run mysql tests
+ pushd "${TESTDIR}"
+
+ # run mysql-test tests
+ perl mysql-test-run.pl --force --vardir="${T}/var-tests"
+ retstatus_tests=$?
+ [[ $retstatus_tests -eq 0 ]] || eerror "tests failed"
+ has usersandbox $FEATURES && eerror "Some tests may fail with FEATURES=usersandbox"
+
+ popd
+
+ # Cleanup is important for these testcases.
+ pkill -9 -f "${S}/ndb" 2>/dev/null
+ pkill -9 -f "${S}/sql" 2>/dev/null
+
+ failures=""
+ [[ $retstatus_unit -eq 0 ]] || failures="${failures} test-unit"
+ [[ $retstatus_tests -eq 0 ]] || failures="${failures} tests"
+ has usersandbox $FEATURES && eerror "Some tests may fail with FEATURES=usersandbox"
+
+ [[ -z "$failures" ]] || die "Test failures: $failures"
+ einfo "Tests successfully completed"
+
+ else
+
+ einfo "Skipping server tests due to minimal build."
+ fi
+}