subject:"\[arch\-commits\] Commit in mariadb\/repos \(4 files\)"

[arch-commits] Commit in mariadb/repos (4 files)

2020-11-11 Thread Christian Hesse via arch-commits

Date: Wednesday, November 11, 2020 @ 11:57:12
  Author: eworm
Revision: 400361

archrelease: copy trunk to testing-x86_64

Added:
  mariadb/repos/testing-x86_64/
  mariadb/repos/testing-x86_64/0001-arch-specific.patch
(from rev 400360, mariadb/trunk/0001-arch-specific.patch)
  mariadb/repos/testing-x86_64/PKGBUILD
(from rev 400360, mariadb/trunk/PKGBUILD)
  mariadb/repos/testing-x86_64/mariadb.install
(from rev 400360, mariadb/trunk/mariadb.install)

--+
 0001-arch-specific.patch |   94 ++
 PKGBUILD |  223 +
 mariadb.install  |   15 +++
 3 files changed, 332 insertions(+)

Copied: mariadb/repos/testing-x86_64/0001-arch-specific.patch (from rev 400360, 
mariadb/trunk/0001-arch-specific.patch)
===
--- testing-x86_64/0001-arch-specific.patch (rev 0)
+++ testing-x86_64/0001-arch-specific.patch 2020-11-11 11:57:12 UTC (rev 
400361)
@@ -0,0 +1,94 @@
+From bf66e7d610de0d7d3651742342c01ed9ff93f363 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:17 +0100
+Subject: [PATCH 1/3] enable PrivateTmp for a little bit more security
+---
+ support-files/mariadb.service.in  | 2 +-
+ support-files/mari...@.service.in | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index e7665ed1219..a1fe69d61c4 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -129,7 +129,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index ffefc2f22d8..f8b0b8aad8d 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -241,7 +241,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+
+From 00aab78891a19a14a92039fcc6a73e391a3bb471 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:46 +0100
+Subject: [PATCH 2/3] force preloading jemalloc for memory management
+---
+ support-files/mariadb.service.in  | 1 +
+ support-files/mari...@.service.in | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index a1fe69d61c4..9a2941ae917 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -159,6 +159,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index f8b0b8aad8d..3309127330c 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -282,6 +282,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+
+From a78ff18c83a5eb2556d4f3716f13786dcd8395d2 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:11:31 +0100
+Subject: [PATCH 3/3] Make systemd-tmpfiles create MYSQL_DATADIR
+
+This is a no-op if the directory exists, but makes sure it is created by
+systemd-tmpfiles with proper permissions otherwise.
+
+This solves packaging issues when the user MYSQLD_USER is created by
+systemd-sysusers and uid is not known in advance.
+
+Also this now sets the No_COW attribute.
+---
+ support-files/tmpfiles.conf.in | 2 +
+ 1 file changed, 2 insertion(+)
+
+diff --git a/support-files/tmpfiles.conf.in b/support-files/tmpfiles.conf.in
+index 03d66abc0c7..3c89cb258c9 100644
+--- a/support-files/tmpfiles.conf.in
 b/support-files/tmpfiles.conf.in
+@@ -1 +1,3 @@
+ d @MYSQL_UNIX_DIR@ 0755 @MYSQLD_USER@ @MYSQLD_USER@ -
++d @MYSQL_DATADIR@ 0700 @MYSQLD_USER@ @MYSQLD_USER@ -
++h @MYSQL_DATADIR@ - - - - +C

Copied:

[arch-commits] Commit in mariadb/repos (4 files)

2020-11-03 Thread Christian Hesse via arch-commits

Date: Wednesday, November 4, 2020 @ 06:58:03
  Author: eworm
Revision: 399239

archrelease: copy trunk to testing-x86_64

Added:
  mariadb/repos/testing-x86_64/
  mariadb/repos/testing-x86_64/0001-arch-specific.patch
(from rev 399238, mariadb/trunk/0001-arch-specific.patch)
  mariadb/repos/testing-x86_64/PKGBUILD
(from rev 399238, mariadb/trunk/PKGBUILD)
  mariadb/repos/testing-x86_64/mariadb.install
(from rev 399238, mariadb/trunk/mariadb.install)

--+
 0001-arch-specific.patch |   94 ++
 PKGBUILD |  223 +
 mariadb.install  |   25 +
 3 files changed, 342 insertions(+)

Copied: mariadb/repos/testing-x86_64/0001-arch-specific.patch (from rev 399238, 
mariadb/trunk/0001-arch-specific.patch)
===
--- testing-x86_64/0001-arch-specific.patch (rev 0)
+++ testing-x86_64/0001-arch-specific.patch 2020-11-04 06:58:03 UTC (rev 
399239)
@@ -0,0 +1,94 @@
+From bf66e7d610de0d7d3651742342c01ed9ff93f363 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:17 +0100
+Subject: [PATCH 1/3] enable PrivateTmp for a little bit more security
+---
+ support-files/mariadb.service.in  | 2 +-
+ support-files/mari...@.service.in | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index e7665ed1219..a1fe69d61c4 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -129,7 +129,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index ffefc2f22d8..f8b0b8aad8d 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -241,7 +241,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+
+From 00aab78891a19a14a92039fcc6a73e391a3bb471 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:46 +0100
+Subject: [PATCH 2/3] force preloading jemalloc for memory management
+---
+ support-files/mariadb.service.in  | 1 +
+ support-files/mari...@.service.in | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index a1fe69d61c4..9a2941ae917 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -159,6 +159,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index f8b0b8aad8d..3309127330c 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -282,6 +282,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+
+From a78ff18c83a5eb2556d4f3716f13786dcd8395d2 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:11:31 +0100
+Subject: [PATCH 3/3] Make systemd-tmpfiles create MYSQL_DATADIR
+
+This is a no-op if the directory exists, but makes sure it is created by
+systemd-tmpfiles with proper permissions otherwise.
+
+This solves packaging issues when the user MYSQLD_USER is created by
+systemd-sysusers and uid is not known in advance.
+
+Also this now sets the No_COW attribute.
+---
+ support-files/tmpfiles.conf.in | 2 +
+ 1 file changed, 2 insertion(+)
+
+diff --git a/support-files/tmpfiles.conf.in b/support-files/tmpfiles.conf.in
+index 03d66abc0c7..3c89cb258c9 100644
+--- a/support-files/tmpfiles.conf.in
 b/support-files/tmpfiles.conf.in
+@@ -1 +1,3 @@
+ d @MYSQL_UNIX_DIR@ 0755 @MYSQLD_USER@ @MYSQLD_USER@ -
++d @MYSQL_DATADIR@ 0700 @MYSQLD_USER@ @MYSQLD_USER@ -
++h @MYSQL_DATADIR@ - - - - +C

Copied:

[arch-commits] Commit in mariadb/repos (4 files)

2020-10-07 Thread Christian Hesse via arch-commits

Date: Wednesday, October 7, 2020 @ 19:21:16
  Author: eworm
Revision: 397493

archrelease: copy trunk to testing-x86_64

Added:
  mariadb/repos/testing-x86_64/
  mariadb/repos/testing-x86_64/0001-arch-specific.patch
(from rev 397492, mariadb/trunk/0001-arch-specific.patch)
  mariadb/repos/testing-x86_64/PKGBUILD
(from rev 397492, mariadb/trunk/PKGBUILD)
  mariadb/repos/testing-x86_64/mariadb.install
(from rev 397492, mariadb/trunk/mariadb.install)

--+
 0001-arch-specific.patch |   94 ++
 PKGBUILD |  223 +
 mariadb.install  |   25 +
 3 files changed, 342 insertions(+)

Copied: mariadb/repos/testing-x86_64/0001-arch-specific.patch (from rev 397492, 
mariadb/trunk/0001-arch-specific.patch)
===
--- testing-x86_64/0001-arch-specific.patch (rev 0)
+++ testing-x86_64/0001-arch-specific.patch 2020-10-07 19:21:16 UTC (rev 
397493)
@@ -0,0 +1,94 @@
+From bf66e7d610de0d7d3651742342c01ed9ff93f363 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:17 +0100
+Subject: [PATCH 1/3] enable PrivateTmp for a little bit more security
+---
+ support-files/mariadb.service.in  | 2 +-
+ support-files/mari...@.service.in | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index e7665ed1219..a1fe69d61c4 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -129,7 +129,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index ffefc2f22d8..f8b0b8aad8d 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -241,7 +241,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+
+From 00aab78891a19a14a92039fcc6a73e391a3bb471 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:46 +0100
+Subject: [PATCH 2/3] force preloading jemalloc for memory management
+---
+ support-files/mariadb.service.in  | 1 +
+ support-files/mari...@.service.in | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index a1fe69d61c4..9a2941ae917 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -159,6 +159,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index f8b0b8aad8d..3309127330c 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -282,6 +282,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+
+From a78ff18c83a5eb2556d4f3716f13786dcd8395d2 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:11:31 +0100
+Subject: [PATCH 3/3] Make systemd-tmpfiles create MYSQL_DATADIR
+
+This is a no-op if the directory exists, but makes sure it is created by
+systemd-tmpfiles with proper permissions otherwise.
+
+This solves packaging issues when the user MYSQLD_USER is created by
+systemd-sysusers and uid is not known in advance.
+
+Also this now sets the No_COW attribute.
+---
+ support-files/tmpfiles.conf.in | 2 +
+ 1 file changed, 2 insertion(+)
+
+diff --git a/support-files/tmpfiles.conf.in b/support-files/tmpfiles.conf.in
+index 03d66abc0c7..3c89cb258c9 100644
+--- a/support-files/tmpfiles.conf.in
 b/support-files/tmpfiles.conf.in
+@@ -1 +1,3 @@
+ d @MYSQL_UNIX_DIR@ 0755 @MYSQLD_USER@ @MYSQLD_USER@ -
++d @MYSQL_DATADIR@ 0700 @MYSQLD_USER@ @MYSQLD_USER@ -
++h @MYSQL_DATADIR@ - - - - +C

Copied:

[arch-commits] Commit in mariadb/repos (4 files)

2020-10-07 Thread Christian Hesse via arch-commits

Date: Wednesday, October 7, 2020 @ 07:22:56
  Author: eworm
Revision: 397463

archrelease: copy trunk to testing-x86_64

Added:
  mariadb/repos/testing-x86_64/
  mariadb/repos/testing-x86_64/0001-arch-specific.patch
(from rev 397462, mariadb/trunk/0001-arch-specific.patch)
  mariadb/repos/testing-x86_64/PKGBUILD
(from rev 397462, mariadb/trunk/PKGBUILD)
  mariadb/repos/testing-x86_64/mariadb.install
(from rev 397462, mariadb/trunk/mariadb.install)

--+
 0001-arch-specific.patch |   94 ++
 PKGBUILD |  223 +
 mariadb.install  |   25 +
 3 files changed, 342 insertions(+)

Copied: mariadb/repos/testing-x86_64/0001-arch-specific.patch (from rev 397462, 
mariadb/trunk/0001-arch-specific.patch)
===
--- testing-x86_64/0001-arch-specific.patch (rev 0)
+++ testing-x86_64/0001-arch-specific.patch 2020-10-07 07:22:56 UTC (rev 
397463)
@@ -0,0 +1,94 @@
+From bf66e7d610de0d7d3651742342c01ed9ff93f363 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:17 +0100
+Subject: [PATCH 1/3] enable PrivateTmp for a little bit more security
+---
+ support-files/mariadb.service.in  | 2 +-
+ support-files/mari...@.service.in | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index e7665ed1219..a1fe69d61c4 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -129,7 +129,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index ffefc2f22d8..f8b0b8aad8d 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -241,7 +241,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+
+From 00aab78891a19a14a92039fcc6a73e391a3bb471 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:46 +0100
+Subject: [PATCH 2/3] force preloading jemalloc for memory management
+---
+ support-files/mariadb.service.in  | 1 +
+ support-files/mari...@.service.in | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index a1fe69d61c4..9a2941ae917 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -159,6 +159,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index f8b0b8aad8d..3309127330c 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -282,6 +282,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+
+From a78ff18c83a5eb2556d4f3716f13786dcd8395d2 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:11:31 +0100
+Subject: [PATCH 3/3] Make systemd-tmpfiles create MYSQL_DATADIR
+
+This is a no-op if the directory exists, but makes sure it is created by
+systemd-tmpfiles with proper permissions otherwise.
+
+This solves packaging issues when the user MYSQLD_USER is created by
+systemd-sysusers and uid is not known in advance.
+
+Also this now sets the No_COW attribute.
+---
+ support-files/tmpfiles.conf.in | 2 +
+ 1 file changed, 2 insertion(+)
+
+diff --git a/support-files/tmpfiles.conf.in b/support-files/tmpfiles.conf.in
+index 03d66abc0c7..3c89cb258c9 100644
+--- a/support-files/tmpfiles.conf.in
 b/support-files/tmpfiles.conf.in
+@@ -1 +1,3 @@
+ d @MYSQL_UNIX_DIR@ 0755 @MYSQLD_USER@ @MYSQLD_USER@ -
++d @MYSQL_DATADIR@ 0700 @MYSQLD_USER@ @MYSQLD_USER@ -
++h @MYSQL_DATADIR@ - - - - +C

Copied:

[arch-commits] Commit in mariadb/repos (4 files)

2020-08-20 Thread Christian Hesse via arch-commits

Date: Thursday, August 20, 2020 @ 08:35:19
  Author: eworm
Revision: 394429

archrelease: copy trunk to testing-x86_64

Added:
  mariadb/repos/testing-x86_64/
  mariadb/repos/testing-x86_64/0001-arch-specific.patch
(from rev 394428, mariadb/trunk/0001-arch-specific.patch)
  mariadb/repos/testing-x86_64/PKGBUILD
(from rev 394428, mariadb/trunk/PKGBUILD)
  mariadb/repos/testing-x86_64/mariadb.install
(from rev 394428, mariadb/trunk/mariadb.install)

--+
 0001-arch-specific.patch |   94 ++
 PKGBUILD |  224 +
 mariadb.install  |   25 +
 3 files changed, 343 insertions(+)

Copied: mariadb/repos/testing-x86_64/0001-arch-specific.patch (from rev 394428, 
mariadb/trunk/0001-arch-specific.patch)
===
--- testing-x86_64/0001-arch-specific.patch (rev 0)
+++ testing-x86_64/0001-arch-specific.patch 2020-08-20 08:35:19 UTC (rev 
394429)
@@ -0,0 +1,94 @@
+From bf66e7d610de0d7d3651742342c01ed9ff93f363 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:17 +0100
+Subject: [PATCH 1/3] enable PrivateTmp for a little bit more security
+---
+ support-files/mariadb.service.in  | 2 +-
+ support-files/mari...@.service.in | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index e7665ed1219..a1fe69d61c4 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -129,7 +129,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index ffefc2f22d8..f8b0b8aad8d 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -241,7 +241,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+
+From 00aab78891a19a14a92039fcc6a73e391a3bb471 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:46 +0100
+Subject: [PATCH 2/3] force preloading jemalloc for memory management
+---
+ support-files/mariadb.service.in  | 1 +
+ support-files/mari...@.service.in | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index a1fe69d61c4..9a2941ae917 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -159,6 +159,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index f8b0b8aad8d..3309127330c 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -282,6 +282,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+
+From a78ff18c83a5eb2556d4f3716f13786dcd8395d2 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:11:31 +0100
+Subject: [PATCH 3/3] Make systemd-tmpfiles create MYSQL_DATADIR
+
+This is a no-op if the directory exists, but makes sure it is created by
+systemd-tmpfiles with proper permissions otherwise.
+
+This solves packaging issues when the user MYSQLD_USER is created by
+systemd-sysusers and uid is not known in advance.
+
+Also this now sets the No_COW attribute.
+---
+ support-files/tmpfiles.conf.in | 2 +
+ 1 file changed, 2 insertion(+)
+
+diff --git a/support-files/tmpfiles.conf.in b/support-files/tmpfiles.conf.in
+index 03d66abc0c7..3c89cb258c9 100644
+--- a/support-files/tmpfiles.conf.in
 b/support-files/tmpfiles.conf.in
+@@ -1 +1,3 @@
+ d @MYSQL_UNIX_DIR@ 0755 @MYSQLD_USER@ @MYSQLD_USER@ -
++d @MYSQL_DATADIR@ 0700 @MYSQLD_USER@ @MYSQLD_USER@ -
++h @MYSQL_DATADIR@ - - - - +C

Copied:

[arch-commits] Commit in mariadb/repos (4 files)

2020-08-10 Thread Christian Hesse via arch-commits

Date: Monday, August 10, 2020 @ 15:04:15
  Author: eworm
Revision: 393517

archrelease: copy trunk to testing-x86_64

Added:
  mariadb/repos/testing-x86_64/
  mariadb/repos/testing-x86_64/0001-arch-specific.patch
(from rev 393516, mariadb/trunk/0001-arch-specific.patch)
  mariadb/repos/testing-x86_64/PKGBUILD
(from rev 393516, mariadb/trunk/PKGBUILD)
  mariadb/repos/testing-x86_64/mariadb.install
(from rev 393516, mariadb/trunk/mariadb.install)

--+
 0001-arch-specific.patch |   94 ++
 PKGBUILD |  223 +
 mariadb.install  |   25 +
 3 files changed, 342 insertions(+)

Copied: mariadb/repos/testing-x86_64/0001-arch-specific.patch (from rev 393516, 
mariadb/trunk/0001-arch-specific.patch)
===
--- testing-x86_64/0001-arch-specific.patch (rev 0)
+++ testing-x86_64/0001-arch-specific.patch 2020-08-10 15:04:15 UTC (rev 
393517)
@@ -0,0 +1,94 @@
+From bf66e7d610de0d7d3651742342c01ed9ff93f363 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:17 +0100
+Subject: [PATCH 1/3] enable PrivateTmp for a little bit more security
+---
+ support-files/mariadb.service.in  | 2 +-
+ support-files/mari...@.service.in | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index e7665ed1219..a1fe69d61c4 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -129,7 +129,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index ffefc2f22d8..f8b0b8aad8d 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -241,7 +241,7 @@ UMask=007
+ 
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+ 
+ # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
+ # this is the same value as used in SysV init scripts in the past
+
+From 00aab78891a19a14a92039fcc6a73e391a3bb471 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:10:46 +0100
+Subject: [PATCH 2/3] force preloading jemalloc for memory management
+---
+ support-files/mariadb.service.in  | 1 +
+ support-files/mari...@.service.in | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/support-files/mariadb.service.in 
b/support-files/mariadb.service.in
+index a1fe69d61c4..9a2941ae917 100644
+--- a/support-files/mariadb.service.in
 b/support-files/mariadb.service.in
+@@ -159,6 +159,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+diff --git a/support-files/mari...@.service.in 
b/support-files/mari...@.service.in
+index f8b0b8aad8d..3309127330c 100644
+--- a/support-files/mari...@.service.in
 b/support-files/mari...@.service.in
+@@ -282,6 +282,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit 
paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+ 
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+
+From a78ff18c83a5eb2556d4f3716f13786dcd8395d2 Mon Sep 17 00:00:00 2001
+From: Christian Hesse 
+Date: Wed, 19 Feb 2020 13:11:31 +0100
+Subject: [PATCH 3/3] Make systemd-tmpfiles create MYSQL_DATADIR
+
+This is a no-op if the directory exists, but makes sure it is created by
+systemd-tmpfiles with proper permissions otherwise.
+
+This solves packaging issues when the user MYSQLD_USER is created by
+systemd-sysusers and uid is not known in advance.
+
+Also this now sets the No_COW attribute.
+---
+ support-files/tmpfiles.conf.in | 2 +
+ 1 file changed, 2 insertion(+)
+
+diff --git a/support-files/tmpfiles.conf.in b/support-files/tmpfiles.conf.in
+index 03d66abc0c7..3c89cb258c9 100644
+--- a/support-files/tmpfiles.conf.in
 b/support-files/tmpfiles.conf.in
+@@ -1 +1,3 @@
+ d @MYSQL_UNIX_DIR@ 0755 @MYSQLD_USER@ @MYSQLD_USER@ -
++d @MYSQL_DATADIR@ 0700 @MYSQLD_USER@ @MYSQLD_USER@ -
++h @MYSQL_DATADIR@ - - - - +C

Copied:

[arch-commits] Commit in mariadb/repos (4 files)

2019-01-23 Thread Christian Hesse via arch-commits

Date: Wednesday, January 23, 2019 @ 23:32:28
  Author: eworm
Revision: 344639

archrelease: copy trunk to testing-x86_64

Added:
  mariadb/repos/testing-x86_64/
  mariadb/repos/testing-x86_64/0001-systemd-240.patch
(from rev 344638, mariadb/trunk/0001-systemd-240.patch)
  mariadb/repos/testing-x86_64/PKGBUILD
(from rev 344638, mariadb/trunk/PKGBUILD)
  mariadb/repos/testing-x86_64/mariadb.install
(from rev 344638, mariadb/trunk/mariadb.install)

+
 0001-systemd-240.patch |   18 +++
 PKGBUILD   |  233 +++
 mariadb.install|   15 +++
 3 files changed, 266 insertions(+)

Copied: mariadb/repos/testing-x86_64/0001-systemd-240.patch (from rev 344638, 
mariadb/trunk/0001-systemd-240.patch)
===
--- testing-x86_64/0001-systemd-240.patch   (rev 0)
+++ testing-x86_64/0001-systemd-240.patch   2019-01-23 23:32:28 UTC (rev 
344639)
@@ -0,0 +1,18 @@
+diff --git a/mysys/my_file.c b/mysys/my_file.c
+index a23ab487d00..23226595b2e 100644
+--- a/mysys/my_file.c
 b/mysys/my_file.c
+@@ -52,10 +52,9 @@ static uint set_max_open_files(uint max_file_limit)
+ DBUG_PRINT("info", ("rlim_cur: %u  rlim_max: %u",
+   (uint) rlimit.rlim_cur,
+   (uint) rlimit.rlim_max));
+-if ((ulonglong) rlimit.rlim_cur == (ulonglong) RLIM_INFINITY)
+-  rlimit.rlim_cur = max_file_limit;
+-if (rlimit.rlim_cur >= max_file_limit)
+-  DBUG_RETURN(rlimit.rlim_cur);   /* purecov: inspected */
++if ((ulonglong) rlimit.rlim_cur == (ulonglong) RLIM_INFINITY ||
++rlimit.rlim_cur >= max_file_limit)
++  DBUG_RETURN(max_file_limit);
+ rlimit.rlim_cur= rlimit.rlim_max= max_file_limit;
+ if (setrlimit(RLIMIT_NOFILE, ))
+   max_file_limit= old_cur;/* Use original value */

Copied: mariadb/repos/testing-x86_64/PKGBUILD (from rev 344638, 
mariadb/trunk/PKGBUILD)
===
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2019-01-23 23:32:28 UTC (rev 344639)
@@ -0,0 +1,233 @@
+# Maintainer: Bartłomiej Piotrowski 
+# Maintainer: Christian Hesse 
+
+pkgbase=mariadb
+pkgname=('mariadb-libs' 'mariadb-clients' 'mariadb' 'mytop')
+pkgdesc='Fast SQL database server, derived from MySQL'
+pkgver=10.3.12
+pkgrel=4
+arch=('x86_64')
+license=('GPL')
+url='https://mariadb.org/'
+makedepends=('boost' 'bzip2' 'cmake' 'jemalloc' 'libaio' 'libxml2' 'lz4' 'lzo'
+ 'openssl' 'systemd' 'zlib' 'zstd')
+validpgpkeys=('199369E5404BD5FC7D2FE43BCBCB082A1BB943DB') # MariaDB Package 
Signing Key 
+source=("https://ftp.heanet.ie/mirrors/mariadb/mariadb-$pkgver/source/mariadb-$pkgver.tar.gz"{,.asc}
+'0001-systemd-240.patch')
+sha256sums=('f7449a34c25e0455928d7983dae83fd2069fe1f16c4c5f4aeed9ed9d3f081ff6'
+'SKIP'
+'d57500014f50d73fe7f35a4503488fb1008bbd15cbcc6ec9aa927fc801e816f4')
+
+prepare() {
+  cd $pkgbase-$pkgver/
+
+  # Changes to the upstream unit files:
+  #  * remove the alias from unit files, we install symlinks in package 
function
+  #  * enable PrivateTmp for a little bit more security
+  #  * force preloading jemalloc for memory management
+  sed -i -e '/^Alias/d' \
+-e '/^PrivateTmp/c PrivateTmp=true' \
+-e '/# Environment="LD_/a 
Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"' \
+support-files/mariadb{,@}.service.in
+
+  # let's create the datadir from tmpfiles
+  echo 'd @MYSQL_DATADIR@ 0700 @MYSQLD_USER@ @MYSQLD_USER@ -' >> 
support-files/tmpfiles.conf.in
+
+  # instantiated configs are not subject to be included from main config
+  sed -i 's|@sysconf2dir@|@sysconfdir@|' support-files/mari...@.service.in
+
+  # fix path to our config
+  sed -i 's|my.cnf.d|mysql/my.cnf.d|' 
support-files/rpm/{my.cnf,enable_encryption.preset}
+
+  # fix memory allocation and OOM with systemd >= 240
+  # https://bugs.archlinux.org/task/61433
+  # https://github.com/systemd/systemd/issues/11510
+  # https://jira.mariadb.org/browse/MDEV-18360
+  patch -Np1 < ../0001-systemd-240.patch
+}
+
+build() {
+  local _cmake_options=(
+# build options
+-DCMAKE_BUILD_TYPE=RelWithDebInfo
+-Wno-dev
+
+# file paths
+# /etc
+-DINSTALL_SYSCONFDIR=/etc/mysql
+-DINSTALL_SYSCONF2DIR=/etc/mysql/my.cnf.d
+# /run
+-DINSTALL_UNIX_ADDRDIR=/run/mysqld/mysqld.sock
+# /usr
+-DCMAKE_INSTALL_PREFIX=/usr
+# /usr/bin /usr/include
+-DINSTALL_SCRIPTDIR=bin
+-DINSTALL_INCLUDEDIR=include/mysql
+# /usr/lib
+-DINSTALL_PLUGINDIR=lib/mysql/plugin
+-DINSTALL_SYSTEMD_UNITDIR=/usr/lib/systemd/system/
+-DINSTALL_SYSTEMD_SYSUSERSDIR=/usr/lib/sysusers.d/
+-DINSTALL_SYSTEMD_TMPFILESDIR=/usr/lib/tmpfiles.d/
+# /usr/share
+-DINSTALL_SHAREDIR=share
+-DINSTALL_SUPPORTFILESDIR=share/mysql
+

[arch-commits] Commit in mariadb/repos (4 files)

2018-11-02 Thread Christian Hesse via arch-commits

Date: Friday, November 2, 2018 @ 09:25:02
  Author: eworm
Revision: 337729

archrelease: copy trunk to testing-x86_64

Added:
  mariadb/repos/testing-x86_64/
  mariadb/repos/testing-x86_64/0001-openssl-1-1-0.patch
(from rev 337728, mariadb/trunk/0001-openssl-1-1-0.patch)
  mariadb/repos/testing-x86_64/PKGBUILD
(from rev 337728, mariadb/trunk/PKGBUILD)
  mariadb/repos/testing-x86_64/mariadb.install
(from rev 337728, mariadb/trunk/mariadb.install)

--+
 0001-openssl-1-1-0.patch | 1008 +
 PKGBUILD |  194 
 mariadb.install  |   11 
 3 files changed, 1213 insertions(+)

Copied: mariadb/repos/testing-x86_64/0001-openssl-1-1-0.patch (from rev 337728, 
mariadb/trunk/0001-openssl-1-1-0.patch)
===
--- testing-x86_64/0001-openssl-1-1-0.patch (rev 0)
+++ testing-x86_64/0001-openssl-1-1-0.patch 2018-11-02 09:25:02 UTC (rev 
337729)
@@ -0,0 +1,1008 @@
+diff --git a/cmake/ssl.cmake b/cmake/ssl.cmake
+index 24e18600402..6fac749fd13 100644
+--- a/cmake/ssl.cmake
 b/cmake/ssl.cmake
+@@ -182,7 +182,7 @@ MACRO (MYSQL_CHECK_SSL)
+ HAVE_SHA512_DIGEST_LENGTH)
+ SET(CMAKE_REQUIRED_INCLUDES)
+ IF(OPENSSL_INCLUDE_DIR AND OPENSSL_LIBRARIES AND
+-   OPENSSL_MAJOR_VERSION STRLESS "101" AND
++   OPENSSL_MAJOR_VERSION STRLESS "102" AND
+CRYPTO_LIBRARY AND HAVE_SHA512_DIGEST_LENGTH)
+ 
+   SET(SSL_SOURCES "")
+diff --git a/include/ssl_compat.h b/include/ssl_compat.h
+new file mode 100644
+index 000..b0e3ed4
+--- /dev/null
 b/include/ssl_compat.h
+@@ -0,0 +1,75 @@
++/*
++ Copyright (c) 2016, 2017 MariaDB Corporation
++
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; version 2 of the License.
++
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with this program; if not, write to the Free Software
++ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
++
++#include 
++
++/* OpenSSL version specific definitions */
++#if !defined(HAVE_YASSL) && defined(OPENSSL_VERSION_NUMBER)
++
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
++#define HAVE_X509_check_host 1
++#endif
++
++#if OPENSSL_VERSION_NUMBER >= 0x1010L && !defined(LIBRESSL_VERSION_NUMBER)
++#define HAVE_OPENSSL11 1
++#define ERR_remove_state(X) ERR_clear_error()
++#define EVP_MD_CTX_cleanup(X) EVP_MD_CTX_reset(X)
++#define EVP_CIPHER_CTX_SIZE 168
++#define EVP_MD_CTX_SIZE 48
++#undef EVP_MD_CTX_init
++#define EVP_MD_CTX_init(X) do { bzero((X), EVP_MD_CTX_SIZE); 
EVP_MD_CTX_reset(X); } while(0)
++#undef EVP_CIPHER_CTX_init
++#define EVP_CIPHER_CTX_init(X) do { bzero((X), EVP_CIPHER_CTX_SIZE); 
EVP_CIPHER_CTX_reset(X); } while(0)
++
++#else
++#define HAVE_OPENSSL10 1
++/*
++  Unfortunately RAND_bytes manual page does not provide any guarantees
++  in relation to blocking behavior. Here we explicitly use SSLeay random
++  instead of whatever random engine is currently set in OpenSSL. That way
++  we are guaranteed to have a non-blocking random.
++*/
++#define RAND_OpenSSL() RAND_SSLeay()
++
++#ifdef HAVE_ERR_remove_thread_state
++#define ERR_remove_state(X) ERR_remove_thread_state(NULL)
++#endif /* HAVE_ERR_remove_thread_state */
++
++#endif /* HAVE_OPENSSL11 */
++
++#elif defined(HAVE_YASSL)
++#define BN_free(X) do { } while(0)
++#endif /* !defined(HAVE_YASSL) */
++
++#ifndef HAVE_OPENSSL11
++#define ASN1_STRING_get0_data(X)ASN1_STRING_data(X)
++#define OPENSSL_init_ssl(X,Y)   SSL_library_init()
++#define DH_set0_pqg(D,P,Q,G)((D)->p= (P), (D)->g= (G))
++#define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf)
++#define EVP_CIPHER_CTX_encrypting(ctx)  ((ctx)->encrypt)
++#define EVP_CIPHER_CTX_SIZE sizeof(EVP_CIPHER_CTX)
++#define EVP_MD_CTX_SIZE sizeof(EVP_MD_CTX)
++#endif
++
++#ifdef__cplusplus
++extern "C" {
++#endif /* __cplusplus */
++
++int check_openssl_compatibility();
++
++#ifdef__cplusplus
++}
++#endif
+diff --git a/include/violite.h b/include/violite.h
+index a7165ca..572d474 100644
+--- a/include/violite.h
 b/include/violite.h
+@@ -123,13 +123,6 @@ int vio_getnameinfo(const struct sockaddr *sa,
+ int flags);
+ 
+ #ifdef HAVE_OPENSSL
+-#include 
+-#if OPENSSL_VERSION_NUMBER < 0x0090700f
+-#define DES_cblock des_cblock
+-#define DES_key_schedule des_key_schedule
+-#define DES_set_key_unchecked(k,ks) des_set_key_unchecked((k),*(ks))
+-#define

[arch-commits] Commit in mariadb/repos (4 files)

2018-09-08 Thread Christian Hesse via arch-commits

Date: Saturday, September 8, 2018 @ 19:34:37
  Author: eworm
Revision: 334145

archrelease: copy trunk to testing-x86_64

Added:
  mariadb/repos/testing-x86_64/
  mariadb/repos/testing-x86_64/0001-openssl-1-1-0.patch
(from rev 334144, mariadb/trunk/0001-openssl-1-1-0.patch)
  mariadb/repos/testing-x86_64/PKGBUILD
(from rev 334144, mariadb/trunk/PKGBUILD)
  mariadb/repos/testing-x86_64/mariadb.install
(from rev 334144, mariadb/trunk/mariadb.install)

--+
 0001-openssl-1-1-0.patch |  995 +
 PKGBUILD |  195 
 mariadb.install  |   11 
 3 files changed, 1201 insertions(+)

Copied: mariadb/repos/testing-x86_64/0001-openssl-1-1-0.patch (from rev 334144, 
mariadb/trunk/0001-openssl-1-1-0.patch)
===
--- testing-x86_64/0001-openssl-1-1-0.patch (rev 0)
+++ testing-x86_64/0001-openssl-1-1-0.patch 2018-09-08 19:34:37 UTC (rev 
334145)
@@ -0,0 +1,995 @@
+diff --git a/include/ssl_compat.h b/include/ssl_compat.h
+new file mode 100644
+index 000..b0e3ed4
+--- /dev/null
 b/include/ssl_compat.h
+@@ -0,0 +1,75 @@
++/*
++ Copyright (c) 2016, 2017 MariaDB Corporation
++
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; version 2 of the License.
++
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with this program; if not, write to the Free Software
++ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
++
++#include 
++
++/* OpenSSL version specific definitions */
++#if !defined(HAVE_YASSL) && defined(OPENSSL_VERSION_NUMBER)
++
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
++#define HAVE_X509_check_host 1
++#endif
++
++#if OPENSSL_VERSION_NUMBER >= 0x1010L && !defined(LIBRESSL_VERSION_NUMBER)
++#define HAVE_OPENSSL11 1
++#define ERR_remove_state(X) ERR_clear_error()
++#define EVP_MD_CTX_cleanup(X) EVP_MD_CTX_reset(X)
++#define EVP_CIPHER_CTX_SIZE 168
++#define EVP_MD_CTX_SIZE 48
++#undef EVP_MD_CTX_init
++#define EVP_MD_CTX_init(X) do { bzero((X), EVP_MD_CTX_SIZE); 
EVP_MD_CTX_reset(X); } while(0)
++#undef EVP_CIPHER_CTX_init
++#define EVP_CIPHER_CTX_init(X) do { bzero((X), EVP_CIPHER_CTX_SIZE); 
EVP_CIPHER_CTX_reset(X); } while(0)
++
++#else
++#define HAVE_OPENSSL10 1
++/*
++  Unfortunately RAND_bytes manual page does not provide any guarantees
++  in relation to blocking behavior. Here we explicitly use SSLeay random
++  instead of whatever random engine is currently set in OpenSSL. That way
++  we are guaranteed to have a non-blocking random.
++*/
++#define RAND_OpenSSL() RAND_SSLeay()
++
++#ifdef HAVE_ERR_remove_thread_state
++#define ERR_remove_state(X) ERR_remove_thread_state(NULL)
++#endif /* HAVE_ERR_remove_thread_state */
++
++#endif /* HAVE_OPENSSL11 */
++
++#elif defined(HAVE_YASSL)
++#define BN_free(X) do { } while(0)
++#endif /* !defined(HAVE_YASSL) */
++
++#ifndef HAVE_OPENSSL11
++#define ASN1_STRING_get0_data(X)ASN1_STRING_data(X)
++#define OPENSSL_init_ssl(X,Y)   SSL_library_init()
++#define DH_set0_pqg(D,P,Q,G)((D)->p= (P), (D)->g= (G))
++#define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf)
++#define EVP_CIPHER_CTX_encrypting(ctx)  ((ctx)->encrypt)
++#define EVP_CIPHER_CTX_SIZE sizeof(EVP_CIPHER_CTX)
++#define EVP_MD_CTX_SIZE sizeof(EVP_MD_CTX)
++#endif
++
++#ifdef__cplusplus
++extern "C" {
++#endif /* __cplusplus */
++
++int check_openssl_compatibility();
++
++#ifdef__cplusplus
++}
++#endif
+diff --git a/include/violite.h b/include/violite.h
+index a7165ca..572d474 100644
+--- a/include/violite.h
 b/include/violite.h
+@@ -123,13 +123,6 @@ int vio_getnameinfo(const struct sockaddr *sa,
+ int flags);
+ 
+ #ifdef HAVE_OPENSSL
+-#include 
+-#if OPENSSL_VERSION_NUMBER < 0x0090700f
+-#define DES_cblock des_cblock
+-#define DES_key_schedule des_key_schedule
+-#define DES_set_key_unchecked(k,ks) des_set_key_unchecked((k),*(ks))
+-#define DES_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e) 
des_ede3_cbc_encrypt((i),(o),(l),*(k1),*(k2),*(k3),(iv),(e))
+-#endif
+ /* apple deprecated openssl in MacOSX Lion */
+ #ifdef __APPLE__
+ #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+@@ -146,14 +139,10 @@ typedef my_socket YASSL_SOCKET_T;
+ #include 
+ #include 
+ 
+-#ifdef HAVE_ERR_remove_thread_state
+-#define ERR_remove_state(X) ERR_remove_thread_state(NULL)
+-#endif
+-
+ enum enum_ssl_init_error
+ {
+-  SSL_INITERR_NOERROR= 0, SSL_INITERR_CERT,

[arch-commits] Commit in mariadb/repos (4 files)

2018-08-07 Thread Christian Hesse via arch-commits

Date: Tuesday, August 7, 2018 @ 18:44:07
  Author: eworm
Revision: 331125

archrelease: copy trunk to testing-x86_64

Added:
  mariadb/repos/testing-x86_64/
  mariadb/repos/testing-x86_64/0001-openssl-1-1-0.patch
(from rev 331124, mariadb/trunk/0001-openssl-1-1-0.patch)
  mariadb/repos/testing-x86_64/PKGBUILD
(from rev 331124, mariadb/trunk/PKGBUILD)
  mariadb/repos/testing-x86_64/mariadb.install
(from rev 331124, mariadb/trunk/mariadb.install)

--+
 0001-openssl-1-1-0.patch |  995 +
 PKGBUILD |  195 
 mariadb.install  |   11 
 3 files changed, 1201 insertions(+)

Copied: mariadb/repos/testing-x86_64/0001-openssl-1-1-0.patch (from rev 331124, 
mariadb/trunk/0001-openssl-1-1-0.patch)
===
--- testing-x86_64/0001-openssl-1-1-0.patch (rev 0)
+++ testing-x86_64/0001-openssl-1-1-0.patch 2018-08-07 18:44:07 UTC (rev 
331125)
@@ -0,0 +1,995 @@
+diff --git a/include/ssl_compat.h b/include/ssl_compat.h
+new file mode 100644
+index 000..b0e3ed4
+--- /dev/null
 b/include/ssl_compat.h
+@@ -0,0 +1,75 @@
++/*
++ Copyright (c) 2016, 2017 MariaDB Corporation
++
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; version 2 of the License.
++
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with this program; if not, write to the Free Software
++ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
++
++#include 
++
++/* OpenSSL version specific definitions */
++#if !defined(HAVE_YASSL) && defined(OPENSSL_VERSION_NUMBER)
++
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
++#define HAVE_X509_check_host 1
++#endif
++
++#if OPENSSL_VERSION_NUMBER >= 0x1010L && !defined(LIBRESSL_VERSION_NUMBER)
++#define HAVE_OPENSSL11 1
++#define ERR_remove_state(X) ERR_clear_error()
++#define EVP_MD_CTX_cleanup(X) EVP_MD_CTX_reset(X)
++#define EVP_CIPHER_CTX_SIZE 168
++#define EVP_MD_CTX_SIZE 48
++#undef EVP_MD_CTX_init
++#define EVP_MD_CTX_init(X) do { bzero((X), EVP_MD_CTX_SIZE); 
EVP_MD_CTX_reset(X); } while(0)
++#undef EVP_CIPHER_CTX_init
++#define EVP_CIPHER_CTX_init(X) do { bzero((X), EVP_CIPHER_CTX_SIZE); 
EVP_CIPHER_CTX_reset(X); } while(0)
++
++#else
++#define HAVE_OPENSSL10 1
++/*
++  Unfortunately RAND_bytes manual page does not provide any guarantees
++  in relation to blocking behavior. Here we explicitly use SSLeay random
++  instead of whatever random engine is currently set in OpenSSL. That way
++  we are guaranteed to have a non-blocking random.
++*/
++#define RAND_OpenSSL() RAND_SSLeay()
++
++#ifdef HAVE_ERR_remove_thread_state
++#define ERR_remove_state(X) ERR_remove_thread_state(NULL)
++#endif /* HAVE_ERR_remove_thread_state */
++
++#endif /* HAVE_OPENSSL11 */
++
++#elif defined(HAVE_YASSL)
++#define BN_free(X) do { } while(0)
++#endif /* !defined(HAVE_YASSL) */
++
++#ifndef HAVE_OPENSSL11
++#define ASN1_STRING_get0_data(X)ASN1_STRING_data(X)
++#define OPENSSL_init_ssl(X,Y)   SSL_library_init()
++#define DH_set0_pqg(D,P,Q,G)((D)->p= (P), (D)->g= (G))
++#define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf)
++#define EVP_CIPHER_CTX_encrypting(ctx)  ((ctx)->encrypt)
++#define EVP_CIPHER_CTX_SIZE sizeof(EVP_CIPHER_CTX)
++#define EVP_MD_CTX_SIZE sizeof(EVP_MD_CTX)
++#endif
++
++#ifdef__cplusplus
++extern "C" {
++#endif /* __cplusplus */
++
++int check_openssl_compatibility();
++
++#ifdef__cplusplus
++}
++#endif
+diff --git a/include/violite.h b/include/violite.h
+index a7165ca..572d474 100644
+--- a/include/violite.h
 b/include/violite.h
+@@ -123,13 +123,6 @@ int vio_getnameinfo(const struct sockaddr *sa,
+ int flags);
+ 
+ #ifdef HAVE_OPENSSL
+-#include 
+-#if OPENSSL_VERSION_NUMBER < 0x0090700f
+-#define DES_cblock des_cblock
+-#define DES_key_schedule des_key_schedule
+-#define DES_set_key_unchecked(k,ks) des_set_key_unchecked((k),*(ks))
+-#define DES_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e) 
des_ede3_cbc_encrypt((i),(o),(l),*(k1),*(k2),*(k3),(iv),(e))
+-#endif
+ /* apple deprecated openssl in MacOSX Lion */
+ #ifdef __APPLE__
+ #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+@@ -146,14 +139,10 @@ typedef my_socket YASSL_SOCKET_T;
+ #include 
+ #include 
+ 
+-#ifdef HAVE_ERR_remove_thread_state
+-#define ERR_remove_state(X) ERR_remove_thread_state(NULL)
+-#endif
+-
+ enum enum_ssl_init_error
+ {
+-  SSL_INITERR_NOERROR= 0, SSL_INITERR_CERT,

[arch-commits] Commit in mariadb/repos (4 files)

2018-06-18 Thread Christian Hesse via arch-commits

Date: Monday, June 18, 2018 @ 09:15:47
  Author: eworm
Revision: 327121

archrelease: copy trunk to testing-x86_64

Added:
  mariadb/repos/testing-x86_64/
  mariadb/repos/testing-x86_64/0001-openssl-1-1-0.patch
(from rev 327120, mariadb/trunk/0001-openssl-1-1-0.patch)
  mariadb/repos/testing-x86_64/PKGBUILD
(from rev 327120, mariadb/trunk/PKGBUILD)
  mariadb/repos/testing-x86_64/mariadb.install
(from rev 327120, mariadb/trunk/mariadb.install)

--+
 0001-openssl-1-1-0.patch |  995 +
 PKGBUILD |  195 
 mariadb.install  |   11 
 3 files changed, 1201 insertions(+)

Copied: mariadb/repos/testing-x86_64/0001-openssl-1-1-0.patch (from rev 327120, 
mariadb/trunk/0001-openssl-1-1-0.patch)
===
--- testing-x86_64/0001-openssl-1-1-0.patch (rev 0)
+++ testing-x86_64/0001-openssl-1-1-0.patch 2018-06-18 09:15:47 UTC (rev 
327121)
@@ -0,0 +1,995 @@
+diff --git a/include/ssl_compat.h b/include/ssl_compat.h
+new file mode 100644
+index 000..b0e3ed4
+--- /dev/null
 b/include/ssl_compat.h
+@@ -0,0 +1,75 @@
++/*
++ Copyright (c) 2016, 2017 MariaDB Corporation
++
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; version 2 of the License.
++
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with this program; if not, write to the Free Software
++ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
++
++#include 
++
++/* OpenSSL version specific definitions */
++#if !defined(HAVE_YASSL) && defined(OPENSSL_VERSION_NUMBER)
++
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
++#define HAVE_X509_check_host 1
++#endif
++
++#if OPENSSL_VERSION_NUMBER >= 0x1010L && !defined(LIBRESSL_VERSION_NUMBER)
++#define HAVE_OPENSSL11 1
++#define ERR_remove_state(X) ERR_clear_error()
++#define EVP_MD_CTX_cleanup(X) EVP_MD_CTX_reset(X)
++#define EVP_CIPHER_CTX_SIZE 168
++#define EVP_MD_CTX_SIZE 48
++#undef EVP_MD_CTX_init
++#define EVP_MD_CTX_init(X) do { bzero((X), EVP_MD_CTX_SIZE); 
EVP_MD_CTX_reset(X); } while(0)
++#undef EVP_CIPHER_CTX_init
++#define EVP_CIPHER_CTX_init(X) do { bzero((X), EVP_CIPHER_CTX_SIZE); 
EVP_CIPHER_CTX_reset(X); } while(0)
++
++#else
++#define HAVE_OPENSSL10 1
++/*
++  Unfortunately RAND_bytes manual page does not provide any guarantees
++  in relation to blocking behavior. Here we explicitly use SSLeay random
++  instead of whatever random engine is currently set in OpenSSL. That way
++  we are guaranteed to have a non-blocking random.
++*/
++#define RAND_OpenSSL() RAND_SSLeay()
++
++#ifdef HAVE_ERR_remove_thread_state
++#define ERR_remove_state(X) ERR_remove_thread_state(NULL)
++#endif /* HAVE_ERR_remove_thread_state */
++
++#endif /* HAVE_OPENSSL11 */
++
++#elif defined(HAVE_YASSL)
++#define BN_free(X) do { } while(0)
++#endif /* !defined(HAVE_YASSL) */
++
++#ifndef HAVE_OPENSSL11
++#define ASN1_STRING_get0_data(X)ASN1_STRING_data(X)
++#define OPENSSL_init_ssl(X,Y)   SSL_library_init()
++#define DH_set0_pqg(D,P,Q,G)((D)->p= (P), (D)->g= (G))
++#define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf)
++#define EVP_CIPHER_CTX_encrypting(ctx)  ((ctx)->encrypt)
++#define EVP_CIPHER_CTX_SIZE sizeof(EVP_CIPHER_CTX)
++#define EVP_MD_CTX_SIZE sizeof(EVP_MD_CTX)
++#endif
++
++#ifdef__cplusplus
++extern "C" {
++#endif /* __cplusplus */
++
++int check_openssl_compatibility();
++
++#ifdef__cplusplus
++}
++#endif
+diff --git a/include/violite.h b/include/violite.h
+index a7165ca..572d474 100644
+--- a/include/violite.h
 b/include/violite.h
+@@ -123,13 +123,6 @@ int vio_getnameinfo(const struct sockaddr *sa,
+ int flags);
+ 
+ #ifdef HAVE_OPENSSL
+-#include 
+-#if OPENSSL_VERSION_NUMBER < 0x0090700f
+-#define DES_cblock des_cblock
+-#define DES_key_schedule des_key_schedule
+-#define DES_set_key_unchecked(k,ks) des_set_key_unchecked((k),*(ks))
+-#define DES_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e) 
des_ede3_cbc_encrypt((i),(o),(l),*(k1),*(k2),*(k3),(iv),(e))
+-#endif
+ /* apple deprecated openssl in MacOSX Lion */
+ #ifdef __APPLE__
+ #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+@@ -146,14 +139,10 @@ typedef my_socket YASSL_SOCKET_T;
+ #include 
+ #include 
+ 
+-#ifdef HAVE_ERR_remove_thread_state
+-#define ERR_remove_state(X) ERR_remove_thread_state(NULL)
+-#endif
+-
+ enum enum_ssl_init_error
+ {
+-  SSL_INITERR_NOERROR= 0, SSL_INITERR_CERT,

[arch-commits] Commit in mariadb/repos (4 files)

[arch-commits] Commit in mariadb/repos (4 files)

[arch-commits] Commit in mariadb/repos (4 files)

[arch-commits] Commit in mariadb/repos (4 files)

[arch-commits] Commit in mariadb/repos (4 files)

[arch-commits] Commit in mariadb/repos (4 files)

[arch-commits] Commit in mariadb/repos (4 files)

[arch-commits] Commit in mariadb/repos (4 files)

[arch-commits] Commit in mariadb/repos (4 files)

[arch-commits] Commit in mariadb/repos (4 files)

[arch-commits] Commit in mariadb/repos (4 files)

11 matches

Site Navigation

Mail list logo

Footer information