rpms/mysql/F-13 mysql-chain-certs.patch, NONE, 1.1 mysql-missing-string-code.patch, NONE, 1.1 mysql.spec, 1.151, 1.152
Tom Lane
tgl at fedoraproject.org
Fri Jun 4 21:20:41 UTC 2010
- Previous message: rpms/python/F-12 python.spec,1.158,1.159
- Next message: rpms/python/F-11 python-2.6-CVE-2008-5983.patch, NONE, 1.1 python-2.6.2-CVE-2010-1634.patch, NONE, 1.1 python-2.6.2-CVE-2010-2089.patch, NONE, 1.1 python.spec, 1.151, 1.152
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tgl
Update of /cvs/pkgs/rpms/mysql/F-13
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv32618
Modified Files:
mysql.spec
Added Files:
mysql-chain-certs.patch mysql-missing-string-code.patch
Log Message:
Fix assorted bugs, see changelog entry
mysql-chain-certs.patch:
extra/yassl/src/ssl.cpp | 6 +++---
vio/viosslfactories.c | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
--- NEW FILE mysql-chain-certs.patch ---
Fix things so that chains of certificates work in the server and client
certificate files.
This only really works for OpenSSL-based builds, as yassl is unable to read
multiple certificates from a file. The patch below to yassl/src/ssl.cpp
doesn't fix that, but just arranges that the viosslfactories.c patch won't
have any ill effects in a yassl build. Since we don't use yassl in Red Hat/
Fedora builds, I'm not feeling motivated to try to fix yassl for this.
See RH bug #598656. Filed upstream at http://bugs.mysql.com/bug.php?id=54158
diff -Naur mysql-5.1.47.orig/vio/viosslfactories.c mysql-5.1.47/vio/viosslfactories.c
--- mysql-5.1.47.orig/vio/viosslfactories.c 2010-05-06 11:28:07.000000000 -0400
+++ mysql-5.1.47/vio/viosslfactories.c 2010-05-26 23:23:46.000000000 -0400
@@ -100,7 +100,7 @@
(long) ctx, cert_file, key_file));
if (cert_file)
{
- if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0)
+ if (SSL_CTX_use_certificate_chain_file(ctx, cert_file) <= 0)
{
*error= SSL_INITERR_CERT;
DBUG_PRINT("error",("%s from file '%s'", sslGetErrString(*error), cert_file));
diff -Naur mysql-5.1.47.orig/extra/yassl/src/ssl.cpp mysql-5.1.47/extra/yassl/src/ssl.cpp
--- mysql-5.1.47.orig/extra/yassl/src/ssl.cpp 2010-05-06 11:24:26.000000000 -0400
+++ mysql-5.1.47/extra/yassl/src/ssl.cpp 2010-05-26 23:29:13.000000000 -0400
@@ -1606,10 +1606,10 @@
}
- int SSL_CTX_use_certificate_chain_file(SSL_CTX*, const char*)
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX* ctx, const char* file)
{
- // TDOD:
- return SSL_SUCCESS;
+ // For the moment, treat like use_certificate_file
+ return read_file(ctx, file, SSL_FILETYPE_PEM, Cert);
}
mysql-missing-string-code.patch:
Makefile.am | 1 +
1 file changed, 1 insertion(+)
--- NEW FILE mysql-missing-string-code.patch ---
Crude workaround for bug #587170. There are probably better ways ...
diff -Naur mysql-5.1.47.orig/storage/federated/Makefile.am mysql-5.1.47/storage/federated/Makefile.am
--- mysql-5.1.47.orig/storage/federated/Makefile.am 2010-05-06 11:27:38.000000000 -0400
+++ mysql-5.1.47/storage/federated/Makefile.am 2010-06-04 14:57:36.000000000 -0400
@@ -38,6 +38,7 @@
ha_federated_la_CXXFLAGS= $(AM_CFLAGS) -DMYSQL_DYNAMIC_PLUGIN
ha_federated_la_CFLAGS = $(AM_CFLAGS) -DMYSQL_DYNAMIC_PLUGIN
ha_federated_la_SOURCES = ha_federated.cc
+ha_federated_la_LIBADD = ../../mysys/string.o
EXTRA_LIBRARIES = libfederated.a
Index: mysql.spec
===================================================================
RCS file: /cvs/pkgs/rpms/mysql/F-13/mysql.spec,v
retrieving revision 1.151
retrieving revision 1.152
diff -u -p -r1.151 -r1.152
--- mysql.spec 24 May 2010 16:21:47 -0000 1.151
+++ mysql.spec 4 Jun 2010 21:20:41 -0000 1.152
@@ -1,6 +1,6 @@
Name: mysql
Version: 5.1.47
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: MySQL client programs and shared libraries
Group: Applications/Databases
URL: http://www.mysql.com
@@ -41,7 +41,9 @@ Patch9: mysql-no-docs.patch
Patch10: mysql-strmov.patch
Patch12: mysql-cve-2008-7247.patch
Patch13: mysql-expired-certs.patch
+Patch14: mysql-missing-string-code.patch
Patch15: mysql-lowercase-bug.patch
+Patch16: mysql-chain-certs.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: gperf, perl, readline-devel, openssl-devel
@@ -179,7 +181,9 @@ the MySQL sources.
%patch10 -p1
%patch12 -p1
%patch13 -p1
+%patch14 -p1
%patch15 -p1
+%patch16 -p1
libtoolize --force
aclocal
@@ -232,6 +236,7 @@ export CFLAGS CXXFLAGS
--with-pic \
--with-plugin-innobase \
--without-plugin-innodb_plugin \
+ --with-plugin-partition \
--enable-local-infile \
--enable-largefile \
--enable-thread-safe-client \
@@ -569,6 +574,14 @@ fi
%{_mandir}/man1/mysql_client_test.1*
%changelog
+* Fri Jun 4 2010 Tom Lane <tgl at redhat.com> 5.1.47-2
+- Add back "partition" storage engine
+Resolves: #597390
+- Fix broken "federated" storage engine plugin
+Related: #587170
+- Read all certificates in SSL certificate files, to support chained certs
+Related: #598656
+
* Mon May 24 2010 Tom Lane <tgl at redhat.com> 5.1.47-1
- Update to MySQL 5.1.47, for various fixes described at
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html
- Previous message: rpms/python/F-12 python.spec,1.158,1.159
- Next message: rpms/python/F-11 python-2.6-CVE-2008-5983.patch, NONE, 1.1 python-2.6.2-CVE-2010-1634.patch, NONE, 1.1 python-2.6.2-CVE-2010-2089.patch, NONE, 1.1 python.spec, 1.151, 1.152
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list