| Message ID | 20221223083433.360466-1-mingli.yu@eng.windriver.com |
|---|---|
| State | New |
| Headers | show |
| Series | [kirkstone,meta-oe] mariadb: Upgrade to 10.7.7 | expand |
On 12/23/22 3:34 AM, Yu, Mingli wrote: > From: Mingli Yu <mingli.yu@windriver.com> > > Remove the backported patch mariadb-openssl3.patch. This patch does not apply on top of Kirkstone. ./contrib/pw-am.sh -s 17152 https://patchwork.yoctoproject.org/patch/-s/mbox/: 2022-12-26 14:22:50 ERROR 404: Not Found. Patch format detection failed. 2022-12-26 14:22:51 URL:https://patchwork.yoctoproject.org/project/oe/patch/20221223083433.360466-1-mingli.yu@eng.windriver.com/mbox/ [21744/21744] -> "pw-am-17152.patch" [1] Applying: mariadb: Upgrade to 10.7.7 error: patch failed: meta-oe/recipes-dbs/mysql/mariadb.inc:19 error: meta-oe/recipes-dbs/mysql/mariadb.inc: patch does not apply error: patch failed: meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb:1 error: meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb: patch does not apply Patch failed at 0001 mariadb: Upgrade to 10.7.7 Am I missing a dependency patch? - armin > > Signed-off-by: Mingli Yu <mingli.yu@windriver.com> > --- > ...ive_10.7.4.bb => mariadb-native_10.7.7.bb} | 0 > meta-oe/recipes-dbs/mysql/mariadb.inc | 3 +- > .../mysql/mariadb/mariadb-openssl3.patch | 416 ------------------ > .../{mariadb_10.7.4.bb => mariadb_10.7.7.bb} | 2 +- > 4 files changed, 2 insertions(+), 419 deletions(-) > rename meta-oe/recipes-dbs/mysql/{mariadb-native_10.7.4.bb => mariadb-native_10.7.7.bb} (100%) > delete mode 100644 meta-oe/recipes-dbs/mysql/mariadb/mariadb-openssl3.patch > rename meta-oe/recipes-dbs/mysql/{mariadb_10.7.4.bb => mariadb_10.7.7.bb} (91%) > > diff --git a/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.4.bb b/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.7.bb > similarity index 100% > rename from meta-oe/recipes-dbs/mysql/mariadb-native_10.7.4.bb > rename to meta-oe/recipes-dbs/mysql/mariadb-native_10.7.7.bb > diff --git a/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-oe/recipes-dbs/mysql/mariadb.inc > index 23322cf74..097766e79 100644 > --- a/meta-oe/recipes-dbs/mysql/mariadb.inc > +++ b/meta-oe/recipes-dbs/mysql/mariadb.inc > @@ -19,13 +19,12 @@ SRC_URI = "https://archive.mariadb.org/${BP}/source/${BP}.tar.gz \ > file://ssize_t.patch \ > file://mm_malloc.patch \ > file://sys_futex.patch \ > - file://mariadb-openssl3.patch \ > file://cross-compiling.patch \ > file://0001-sql-CMakeLists.txt-fix-gen_lex_hash-not-found.patch \ > " > SRC_URI:append:libc-musl = " file://ppc-remove-glibc-dep.patch" > > -SRC_URI[sha256sum] = "73dd9c9d325520f20ca5e0ef16f94b7be1146bed7e4a78e735c20daebf3a4173" > +SRC_URI[sha256sum] = "fd2f9fa3f135823c1626c9700e3bd736b829bfc09f61f5557d7313a7c9e02c29" > > UPSTREAM_CHECK_URI = "https://github.com/MariaDB/server/releases" > > diff --git a/meta-oe/recipes-dbs/mysql/mariadb/mariadb-openssl3.patch b/meta-oe/recipes-dbs/mysql/mariadb/mariadb-openssl3.patch > deleted file mode 100644 > index 878675f30..000000000 > --- a/meta-oe/recipes-dbs/mysql/mariadb/mariadb-openssl3.patch > +++ /dev/null > @@ -1,416 +0,0 @@ > -From 1626955f3a2107ec4c7fd927ebfa3c6c1d2b09b8 Mon Sep 17 00:00:00 2001 > -From: Vladislav Vaintroub <wlad@mariadb.com> > -Date: Mon, 8 Nov 2021 18:48:19 +0100 > -Subject: [PATCH] MDEV-25785 Add support for OpenSSL 3.0 > - > -Summary of changes > - > -- MD_CTX_SIZE is increased > - > -- EVP_CIPHER_CTX_buf_noconst(ctx) does not work anymore, points > - to nobody knows where. The assumption made previously was that > - (since the function does not seem to be documented) > - was that it points to the last partial source block. > - Add own partial block buffer for NOPAD encryption instead > - > -- SECLEVEL in CipherString in openssl.cnf > - had been downgraded to 0, from 1, to make TLSv1.0 and TLSv1.1 possible > - > -- Workaround Ssl_cipher_list issue, it now returns TLSv1.3 ciphers, > - in addition to what was set in --ssl-cipher > - > -- ctx_buf buffer now must be aligned to 16 bytes with openssl( > - previously with WolfSSL only), ot crashes will happen > - > -- updated aes-t , to be better debuggable > - using function, rather than a huge multiline macro > - added test that does "nopad" encryption piece-wise, to test > - replacement of EVP_CIPHER_CTX_buf_noconst > - > -Patch from Fedora https://src.fedoraproject.org/rpms/mariadb/raw/rawhide/f/mariadb-openssl3.patch > - > -Upstream-Status: Backport [https://github.com/MariaDB/server/commit/d42c2efbaa06a0307c2f0fd8fa87819ff50bbd7e] > -Signed-off-by: Khem Raj <raj.khem@gmail.com> > -Signed-off-by: Mingli Yu <mingli.yu@windriver.com> > ---- > - cmake/ssl.cmake | 21 +++++- > - include/mysql/service_my_crypt.h | 2 +- > - include/ssl_compat.h | 3 +- > - mysql-test/lib/openssl.cnf | 2 +- > - mysql-test/main/ssl_cipher.result | 6 +- > - mysql-test/main/ssl_cipher.test | 2 +- > - mysys_ssl/my_crypt.cc | 46 +++++++----- > - unittest/mysys/aes-t.c | 121 ++++++++++++++++++++++-------- > - 8 files changed, 143 insertions(+), 60 deletions(-) > - > -diff --git a/cmake/ssl.cmake b/cmake/ssl.cmake > -index a6793cf3..64c93ff9 100644 > ---- a/cmake/ssl.cmake > -+++ b/cmake/ssl.cmake > -@@ -118,7 +118,7 @@ MACRO (MYSQL_CHECK_SSL) > - ENDIF() > - FIND_PACKAGE(OpenSSL) > - SET_PACKAGE_PROPERTIES(OpenSSL PROPERTIES TYPE RECOMMENDED) > -- IF(OPENSSL_FOUND AND OPENSSL_VERSION AND OPENSSL_VERSION VERSION_LESS "3.0.0") > -+ IF(OPENSSL_FOUND) > - SET(OPENSSL_LIBRARY ${OPENSSL_SSL_LIBRARY}) > - INCLUDE(CheckSymbolExists) > - SET(SSL_SOURCES "") > -@@ -139,9 +139,20 @@ MACRO (MYSQL_CHECK_SSL) > - SET(SSL_INTERNAL_INCLUDE_DIRS "") > - SET(SSL_DEFINES "-DHAVE_OPENSSL") > - > -+ FOREACH(x INCLUDES LIBRARIES DEFINITIONS) > -+ SET(SAVE_CMAKE_REQUIRED_${x} ${CMAKE_REQUIRED_${x}}) > -+ ENDFOREACH() > -+ > -+ # Silence "deprecated in OpenSSL 3.0" > -+ IF((NOT OPENSSL_VERSION) # 3.0 not determined by older cmake > -+ OR NOT(OPENSSL_VERSION VERSION_LESS "3.0.0")) > -+ SET(SSL_DEFINES "${SSL_DEFINES} -DOPENSSL_API_COMPAT=0x10100000L") > -+ SET(CMAKE_REQUIRED_DEFINITIONS -DOPENSSL_API_COMPAT=0x10100000L) > -+ ENDIF() > -+ > - SET(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) > - SET(CMAKE_REQUIRED_LIBRARIES ${SSL_LIBRARIES}) > -- SET(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) > -+ > - CHECK_SYMBOL_EXISTS(ERR_remove_thread_state "openssl/err.h" > - HAVE_ERR_remove_thread_state) > - CHECK_SYMBOL_EXISTS(EVP_aes_128_ctr "openssl/evp.h" > -@@ -150,8 +161,10 @@ MACRO (MYSQL_CHECK_SSL) > - HAVE_EncryptAes128Gcm) > - CHECK_SYMBOL_EXISTS(X509_check_host "openssl/x509v3.h" > - HAVE_X509_check_host) > -- SET(CMAKE_REQUIRED_INCLUDES) > -- SET(CMAKE_REQUIRED_LIBRARIES) > -+ > -+ FOREACH(x INCLUDES LIBRARIES DEFINITIONS) > -+ SET(CMAKE_REQUIRED_${x} ${SAVE_CMAKE_REQUIRED_${x}}) > -+ ENDFOREACH() > - ELSE() > - IF(WITH_SSL STREQUAL "system") > - MESSAGE(FATAL_ERROR "Cannot find appropriate system libraries for SSL. Use WITH_SSL=bundled to enable SSL support") > -diff --git a/include/mysql/service_my_crypt.h b/include/mysql/service_my_crypt.h > -index 2a232117..bb038aaa 100644 > ---- a/include/mysql/service_my_crypt.h > -+++ b/include/mysql/service_my_crypt.h > -@@ -45,7 +45,7 @@ extern "C" { > - /* The max key length of all supported algorithms */ > - #define MY_AES_MAX_KEY_LENGTH 32 > - > --#define MY_AES_CTX_SIZE 656 > -+#define MY_AES_CTX_SIZE 672 > - > - enum my_aes_mode { > - MY_AES_ECB, MY_AES_CBC > -diff --git a/include/ssl_compat.h b/include/ssl_compat.h > -index 8dc12254..6db1baab 100644 > ---- a/include/ssl_compat.h > -+++ b/include/ssl_compat.h > -@@ -24,7 +24,7 @@ > - #define SSL_LIBRARY OpenSSL_version(OPENSSL_VERSION) > - #define ERR_remove_state(X) ERR_clear_error() > - #define EVP_CIPHER_CTX_SIZE 176 > --#define EVP_MD_CTX_SIZE 48 > -+#define EVP_MD_CTX_SIZE 72 > - #undef EVP_MD_CTX_init > - #define EVP_MD_CTX_init(X) do { memset((X), 0, EVP_MD_CTX_SIZE); EVP_MD_CTX_reset(X); } while(0) > - #undef EVP_CIPHER_CTX_init > -@@ -77,7 +77,6 @@ > - #define DH_set0_pqg(D,P,Q,G) ((D)->p= (P), (D)->g= (G)) > - #endif > - > --#define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf) > - #define EVP_CIPHER_CTX_encrypting(ctx) ((ctx)->encrypt) > - #define EVP_CIPHER_CTX_SIZE sizeof(EVP_CIPHER_CTX) > - > -diff --git a/mysql-test/lib/openssl.cnf b/mysql-test/lib/openssl.cnf > -index b9ab37ac..7cd6f748 100644 > ---- a/mysql-test/lib/openssl.cnf > -+++ b/mysql-test/lib/openssl.cnf > -@@ -9,4 +9,4 @@ ssl_conf = ssl_section > - system_default = system_default_section > - > - [system_default_section] > --CipherString = ALL:@SECLEVEL=1 > -+CipherString = ALL:@SECLEVEL=0 > -diff --git a/mysql-test/main/ssl_cipher.result b/mysql-test/main/ssl_cipher.result > -index 930d384e..66d817b7 100644 > ---- a/mysql-test/main/ssl_cipher.result > -+++ b/mysql-test/main/ssl_cipher.result > -@@ -61,8 +61,8 @@ connect ssl_con,localhost,root,,,,,SSL; > - SHOW STATUS LIKE 'Ssl_cipher'; > - Variable_name Value > - Ssl_cipher AES128-SHA > --SHOW STATUS LIKE 'Ssl_cipher_list'; > --Variable_name Value > --Ssl_cipher_list AES128-SHA > -+SELECT VARIABLE_VALUE like '%AES128-SHA%' FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher_list'; > -+VARIABLE_VALUE like '%AES128-SHA%' > -+1 > - disconnect ssl_con; > - connection default; > -diff --git a/mysql-test/main/ssl_cipher.test b/mysql-test/main/ssl_cipher.test > -index 36549d76..d4cdcffb 100644 > ---- a/mysql-test/main/ssl_cipher.test > -+++ b/mysql-test/main/ssl_cipher.test > -@@ -98,6 +98,6 @@ let $restart_parameters=--ssl-cipher=AES128-SHA; > - source include/restart_mysqld.inc; > - connect (ssl_con,localhost,root,,,,,SSL); > - SHOW STATUS LIKE 'Ssl_cipher'; > --SHOW STATUS LIKE 'Ssl_cipher_list'; > -+SELECT VARIABLE_VALUE like '%AES128-SHA%' FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher_list'; > - disconnect ssl_con; > - connection default; > -diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc > -index e512eee9..4d7ebc7b 100644 > ---- a/mysys_ssl/my_crypt.cc > -+++ b/mysys_ssl/my_crypt.cc > -@@ -29,11 +29,7 @@ > - #include <ssl_compat.h> > - #include <cstdint> > - > --#ifdef HAVE_WOLFSSL > - #define CTX_ALIGN 16 > --#else > --#define CTX_ALIGN 0 > --#endif > - > - class MyCTX > - { > -@@ -100,8 +96,9 @@ class MyCTX_nopad : public MyCTX > - { > - public: > - const uchar *key; > -- uint klen, buf_len; > -+ uint klen, source_tail_len; > - uchar oiv[MY_AES_BLOCK_SIZE]; > -+ uchar source_tail[MY_AES_BLOCK_SIZE]; > - > - MyCTX_nopad() : MyCTX() { } > - ~MyCTX_nopad() { } > -@@ -112,7 +109,7 @@ class MyCTX_nopad : public MyCTX > - compile_time_assert(MY_AES_CTX_SIZE >= sizeof(MyCTX_nopad)); > - this->key= key; > - this->klen= klen; > -- this->buf_len= 0; > -+ this->source_tail_len= 0; > - if (ivlen) > - memcpy(oiv, iv, ivlen); > - DBUG_ASSERT(ivlen == 0 || ivlen == sizeof(oiv)); > -@@ -123,26 +120,41 @@ class MyCTX_nopad : public MyCTX > - return res; > - } > - > -+ /** Update last partial source block, stored in source_tail array. */ > -+ void update_source_tail(const uchar* src, uint slen) > -+ { > -+ if (!slen) > -+ return; > -+ uint new_tail_len= (source_tail_len + slen) % MY_AES_BLOCK_SIZE; > -+ if (new_tail_len) > -+ { > -+ if (slen + source_tail_len < MY_AES_BLOCK_SIZE) > -+ { > -+ memcpy(source_tail + source_tail_len, src, slen); > -+ } > -+ else > -+ { > -+ DBUG_ASSERT(slen > new_tail_len); > -+ memcpy(source_tail, src + slen - new_tail_len, new_tail_len); > -+ } > -+ } > -+ source_tail_len= new_tail_len; > -+ } > -+ > - int update(const uchar *src, uint slen, uchar *dst, uint *dlen) > - { > -- buf_len+= slen; > -+ update_source_tail(src, slen); > - return MyCTX::update(src, slen, dst, dlen); > - } > - > - int finish(uchar *dst, uint *dlen) > - { > -- buf_len %= MY_AES_BLOCK_SIZE; > -- if (buf_len) > -+ if (source_tail_len) > - { > -- uchar *buf= EVP_CIPHER_CTX_buf_noconst(ctx); > - /* > - Not much we can do, block ciphers cannot encrypt data that aren't > - a multiple of the block length. At least not without padding. > - Let's do something CTR-like for the last partial block. > -- > -- NOTE this assumes that there are only buf_len bytes in the buf. > -- If OpenSSL will change that, we'll need to change the implementation > -- of this class too. > - */ > - uchar mask[MY_AES_BLOCK_SIZE]; > - uint mlen; > -@@ -154,10 +166,10 @@ class MyCTX_nopad : public MyCTX > - return rc; > - DBUG_ASSERT(mlen == sizeof(mask)); > - > -- for (uint i=0; i < buf_len; i++) > -- dst[i]= buf[i] ^ mask[i]; > -+ for (uint i=0; i < source_tail_len; i++) > -+ dst[i]= source_tail[i] ^ mask[i]; > - } > -- *dlen= buf_len; > -+ *dlen= source_tail_len; > - return MY_AES_OK; > - } > - }; > -diff --git a/unittest/mysys/aes-t.c b/unittest/mysys/aes-t.c > -index 34704e06..cbec2760 100644 > ---- a/unittest/mysys/aes-t.c > -+++ b/unittest/mysys/aes-t.c > -@@ -21,27 +21,96 @@ > - #include <string.h> > - #include <ctype.h> > - > --#define DO_TEST(mode, nopad, slen, fill, dlen, hash) \ > -- SKIP_BLOCK_IF(mode == 0xDEADBEAF, nopad ? 4 : 5, #mode " not supported") \ > -- { \ > -- memset(src, fill, src_len= slen); \ > -- ok(my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_ENCRYPT, \ > -- src, src_len, dst, &dst_len, \ > -- key, sizeof(key), iv, sizeof(iv)) == MY_AES_OK, \ > -- "encrypt " #mode " %u %s", src_len, nopad ? "nopad" : "pad"); \ > -- if (!nopad) \ > -- ok (dst_len == my_aes_get_size(mode, src_len), "my_aes_get_size");\ > -- my_md5(md5, (char*)dst, dst_len); \ > -- ok(dst_len == dlen && memcmp(md5, hash, sizeof(md5)) == 0, "md5"); \ > -- ok(my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_DECRYPT, \ > -- dst, dst_len, ddst, &ddst_len, \ > -- key, sizeof(key), iv, sizeof(iv)) == MY_AES_OK, \ > -- "decrypt " #mode " %u", dst_len); \ > -- ok(ddst_len == src_len && memcmp(src, ddst, src_len) == 0, "memcmp"); \ > -+ > -+/** Test streaming encryption, bytewise update.*/ > -+static int aes_crypt_bytewise(enum my_aes_mode mode, int flags, const unsigned char *src, > -+ unsigned int slen, unsigned char *dst, unsigned int *dlen, > -+ const unsigned char *key, unsigned int klen, > -+ const unsigned char *iv, unsigned int ivlen) > -+{ > -+ /* Allocate context on odd address on stack, in order to > -+ catch misalignment errors.*/ > -+ void *ctx= (char *)alloca(MY_AES_CTX_SIZE+1)+1; > -+ > -+ int res1, res2; > -+ uint d1= 0, d2; > -+ uint i; > -+ > -+ if ((res1= my_aes_crypt_init(ctx, mode, flags, key, klen, iv, ivlen))) > -+ return res1; > -+ for (i= 0; i < slen; i++) > -+ { > -+ uint tmp_d1=0; > -+ res1= my_aes_crypt_update(ctx, src+i,1, dst, &tmp_d1); > -+ if (res1) > -+ return res1; > -+ d1+= tmp_d1; > -+ dst+= tmp_d1; > -+ } > -+ res2= my_aes_crypt_finish(ctx, dst, &d2); > -+ *dlen= d1 + d2; > -+ return res1 ? res1 : res2; > -+} > -+ > -+ > -+#ifndef HAVE_EncryptAes128Ctr > -+const uint MY_AES_CTR=0xDEADBEAF; > -+#endif > -+#ifndef HAVE_EncryptAes128Gcm > -+const uint MY_AES_GCM=0xDEADBEAF; > -+#endif > -+ > -+#define MY_AES_UNSUPPORTED(x) (x == 0xDEADBEAF) > -+ > -+static void do_test(uint mode, const char *mode_str, int nopad, uint slen, > -+ char fill, size_t dlen, const char *hash) > -+{ > -+ uchar key[16]= {1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6}; > -+ uchar iv[16]= {2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7}; > -+ uchar src[1000], dst[1100], dst2[1100], ddst[1000]; > -+ uchar md5[MY_MD5_HASH_SIZE]; > -+ uint src_len, dst_len, dst_len2, ddst_len; > -+ int result; > -+ > -+ if (MY_AES_UNSUPPORTED(mode)) > -+ { > -+ skip(nopad?7:6, "%s not supported", mode_str); > -+ return; > -+ } > -+ memset(src, fill, src_len= slen); > -+ result= my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_ENCRYPT, src, src_len, > -+ dst, &dst_len, key, sizeof(key), iv, sizeof(iv)); > -+ ok(result == MY_AES_OK, "encrypt %s %u %s", mode_str, src_len, > -+ nopad ? "nopad" : "pad"); > -+ > -+ if (nopad) > -+ { > -+ result= aes_crypt_bytewise(mode, nopad | ENCRYPTION_FLAG_ENCRYPT, src, > -+ src_len, dst2, &dst_len2, key, sizeof(key), > -+ iv, sizeof(iv)); > -+ ok(result == MY_AES_OK, "encrypt bytewise %s %u", mode_str, src_len); > -+ /* Compare with non-bytewise encryption result*/ > -+ ok(dst_len == dst_len2 && memcmp(dst, dst2, dst_len) == 0, > -+ "memcmp bytewise %s %u", mode_str, src_len); > -+ } > -+ else > -+ { > -+ int dst_len_real= my_aes_get_size(mode, src_len); > -+ ok(dst_len_real= dst_len, "my_aes_get_size"); > - } > -+ my_md5(md5, (char *) dst, dst_len); > -+ ok(dst_len == dlen, "md5 len"); > -+ ok(memcmp(md5, hash, sizeof(md5)) == 0, "md5"); > -+ result= my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_DECRYPT, > -+ dst, dst_len, ddst, &ddst_len, key, sizeof(key), iv, > -+ sizeof(iv)); > -+ > -+ ok(result == MY_AES_OK, "decrypt %s %u", mode_str, dst_len); > -+ ok(ddst_len == src_len && memcmp(src, ddst, src_len) == 0, "memcmp"); > -+} > - > --#define DO_TEST_P(M,S,F,D,H) DO_TEST(M,0,S,F,D,H) > --#define DO_TEST_N(M,S,F,D,H) DO_TEST(M,ENCRYPTION_FLAG_NOPAD,S,F,D,H) > -+#define DO_TEST_P(M, S, F, D, H) do_test(M, #M, 0, S, F, D, H) > -+#define DO_TEST_N(M, S, F, D, H) do_test(M, #M, ENCRYPTION_FLAG_NOPAD, S, F, D, H) > - > - /* useful macro for debugging */ > - #define PRINT_MD5() \ > -@@ -53,25 +122,15 @@ > - printf("\"\n"); \ > - } while(0); > - > --#ifndef HAVE_EncryptAes128Ctr > --const uint MY_AES_CTR=0xDEADBEAF; > --#endif > --#ifndef HAVE_EncryptAes128Gcm > --const uint MY_AES_GCM=0xDEADBEAF; > --#endif > - > - int > - main(int argc __attribute__((unused)),char *argv[]) > - { > -- uchar key[16]= {1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6}; > -- uchar iv[16]= {2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7}; > -- uchar src[1000], dst[1100], ddst[1000]; > -- uchar md5[MY_MD5_HASH_SIZE]; > -- uint src_len, dst_len, ddst_len; > - > - MY_INIT(argv[0]); > - > -- plan(87); > -+ plan(122); > -+ > - DO_TEST_P(MY_AES_ECB, 200, '.', 208, "\xd8\x73\x8e\x3a\xbc\x66\x99\x13\x7f\x90\x23\x52\xee\x97\x6f\x9a"); > - DO_TEST_P(MY_AES_ECB, 128, '?', 144, "\x19\x58\x33\x85\x4c\xaa\x7f\x06\xd1\xb2\xec\xd7\xb7\x6a\xa9\x5b"); > - DO_TEST_P(MY_AES_CBC, 159, '%', 160, "\x4b\x03\x18\x3d\xf1\xa7\xcd\xa1\x46\xb3\xc6\x8a\x92\xc0\x0f\xc9"); > --- > -2.25.1 > - > diff --git a/meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb b/meta-oe/recipes-dbs/mysql/mariadb_10.7.7.bb > similarity index 91% > rename from meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb > rename to meta-oe/recipes-dbs/mysql/mariadb_10.7.7.bb > index 8dba5c858..87faabfa2 100644 > --- a/meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb > +++ b/meta-oe/recipes-dbs/mysql/mariadb_10.7.7.bb > @@ -1,7 +1,7 @@ > require mariadb.inc > > DEPENDS += "mariadb-native bison-native boost libpcre2 curl ncurses \ > - zlib libaio libedit libevent libxml2 gnutls fmt lzo" > + zlib libaio libedit libevent libxml2 gnutls fmt lzo zstd" > > PROVIDES += "mysql5 libmysqlclient" > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#100198): https://lists.openembedded.org/g/openembedded-devel/message/100198 > Mute This Topic: https://lists.openembedded.org/mt/95841726/3616698 > Group Owner: openembedded-devel+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [akuster808@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- >
diff --git a/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.4.bb b/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.7.bb similarity index 100% rename from meta-oe/recipes-dbs/mysql/mariadb-native_10.7.4.bb rename to meta-oe/recipes-dbs/mysql/mariadb-native_10.7.7.bb diff --git a/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-oe/recipes-dbs/mysql/mariadb.inc index 23322cf74..097766e79 100644 --- a/meta-oe/recipes-dbs/mysql/mariadb.inc +++ b/meta-oe/recipes-dbs/mysql/mariadb.inc @@ -19,13 +19,12 @@ SRC_URI = "https://archive.mariadb.org/${BP}/source/${BP}.tar.gz \ file://ssize_t.patch \ file://mm_malloc.patch \ file://sys_futex.patch \ - file://mariadb-openssl3.patch \ file://cross-compiling.patch \ file://0001-sql-CMakeLists.txt-fix-gen_lex_hash-not-found.patch \ " SRC_URI:append:libc-musl = " file://ppc-remove-glibc-dep.patch" -SRC_URI[sha256sum] = "73dd9c9d325520f20ca5e0ef16f94b7be1146bed7e4a78e735c20daebf3a4173" +SRC_URI[sha256sum] = "fd2f9fa3f135823c1626c9700e3bd736b829bfc09f61f5557d7313a7c9e02c29" UPSTREAM_CHECK_URI = "https://github.com/MariaDB/server/releases" diff --git a/meta-oe/recipes-dbs/mysql/mariadb/mariadb-openssl3.patch b/meta-oe/recipes-dbs/mysql/mariadb/mariadb-openssl3.patch deleted file mode 100644 index 878675f30..000000000 --- a/meta-oe/recipes-dbs/mysql/mariadb/mariadb-openssl3.patch +++ /dev/null @@ -1,416 +0,0 @@ -From 1626955f3a2107ec4c7fd927ebfa3c6c1d2b09b8 Mon Sep 17 00:00:00 2001 -From: Vladislav Vaintroub <wlad@mariadb.com> -Date: Mon, 8 Nov 2021 18:48:19 +0100 -Subject: [PATCH] MDEV-25785 Add support for OpenSSL 3.0 - -Summary of changes - -- MD_CTX_SIZE is increased - -- EVP_CIPHER_CTX_buf_noconst(ctx) does not work anymore, points - to nobody knows where. The assumption made previously was that - (since the function does not seem to be documented) - was that it points to the last partial source block. - Add own partial block buffer for NOPAD encryption instead - -- SECLEVEL in CipherString in openssl.cnf - had been downgraded to 0, from 1, to make TLSv1.0 and TLSv1.1 possible - -- Workaround Ssl_cipher_list issue, it now returns TLSv1.3 ciphers, - in addition to what was set in --ssl-cipher - -- ctx_buf buffer now must be aligned to 16 bytes with openssl( - previously with WolfSSL only), ot crashes will happen - -- updated aes-t , to be better debuggable - using function, rather than a huge multiline macro - added test that does "nopad" encryption piece-wise, to test - replacement of EVP_CIPHER_CTX_buf_noconst - -Patch from Fedora https://src.fedoraproject.org/rpms/mariadb/raw/rawhide/f/mariadb-openssl3.patch - -Upstream-Status: Backport [https://github.com/MariaDB/server/commit/d42c2efbaa06a0307c2f0fd8fa87819ff50bbd7e] -Signed-off-by: Khem Raj <raj.khem@gmail.com> -Signed-off-by: Mingli Yu <mingli.yu@windriver.com> ---- - cmake/ssl.cmake | 21 +++++- - include/mysql/service_my_crypt.h | 2 +- - include/ssl_compat.h | 3 +- - mysql-test/lib/openssl.cnf | 2 +- - mysql-test/main/ssl_cipher.result | 6 +- - mysql-test/main/ssl_cipher.test | 2 +- - mysys_ssl/my_crypt.cc | 46 +++++++----- - unittest/mysys/aes-t.c | 121 ++++++++++++++++++++++-------- - 8 files changed, 143 insertions(+), 60 deletions(-) - -diff --git a/cmake/ssl.cmake b/cmake/ssl.cmake -index a6793cf3..64c93ff9 100644 ---- a/cmake/ssl.cmake -+++ b/cmake/ssl.cmake -@@ -118,7 +118,7 @@ MACRO (MYSQL_CHECK_SSL) - ENDIF() - FIND_PACKAGE(OpenSSL) - SET_PACKAGE_PROPERTIES(OpenSSL PROPERTIES TYPE RECOMMENDED) -- IF(OPENSSL_FOUND AND OPENSSL_VERSION AND OPENSSL_VERSION VERSION_LESS "3.0.0") -+ IF(OPENSSL_FOUND) - SET(OPENSSL_LIBRARY ${OPENSSL_SSL_LIBRARY}) - INCLUDE(CheckSymbolExists) - SET(SSL_SOURCES "") -@@ -139,9 +139,20 @@ MACRO (MYSQL_CHECK_SSL) - SET(SSL_INTERNAL_INCLUDE_DIRS "") - SET(SSL_DEFINES "-DHAVE_OPENSSL") - -+ FOREACH(x INCLUDES LIBRARIES DEFINITIONS) -+ SET(SAVE_CMAKE_REQUIRED_${x} ${CMAKE_REQUIRED_${x}}) -+ ENDFOREACH() -+ -+ # Silence "deprecated in OpenSSL 3.0" -+ IF((NOT OPENSSL_VERSION) # 3.0 not determined by older cmake -+ OR NOT(OPENSSL_VERSION VERSION_LESS "3.0.0")) -+ SET(SSL_DEFINES "${SSL_DEFINES} -DOPENSSL_API_COMPAT=0x10100000L") -+ SET(CMAKE_REQUIRED_DEFINITIONS -DOPENSSL_API_COMPAT=0x10100000L) -+ ENDIF() -+ - SET(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) - SET(CMAKE_REQUIRED_LIBRARIES ${SSL_LIBRARIES}) -- SET(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) -+ - CHECK_SYMBOL_EXISTS(ERR_remove_thread_state "openssl/err.h" - HAVE_ERR_remove_thread_state) - CHECK_SYMBOL_EXISTS(EVP_aes_128_ctr "openssl/evp.h" -@@ -150,8 +161,10 @@ MACRO (MYSQL_CHECK_SSL) - HAVE_EncryptAes128Gcm) - CHECK_SYMBOL_EXISTS(X509_check_host "openssl/x509v3.h" - HAVE_X509_check_host) -- SET(CMAKE_REQUIRED_INCLUDES) -- SET(CMAKE_REQUIRED_LIBRARIES) -+ -+ FOREACH(x INCLUDES LIBRARIES DEFINITIONS) -+ SET(CMAKE_REQUIRED_${x} ${SAVE_CMAKE_REQUIRED_${x}}) -+ ENDFOREACH() - ELSE() - IF(WITH_SSL STREQUAL "system") - MESSAGE(FATAL_ERROR "Cannot find appropriate system libraries for SSL. Use WITH_SSL=bundled to enable SSL support") -diff --git a/include/mysql/service_my_crypt.h b/include/mysql/service_my_crypt.h -index 2a232117..bb038aaa 100644 ---- a/include/mysql/service_my_crypt.h -+++ b/include/mysql/service_my_crypt.h -@@ -45,7 +45,7 @@ extern "C" { - /* The max key length of all supported algorithms */ - #define MY_AES_MAX_KEY_LENGTH 32 - --#define MY_AES_CTX_SIZE 656 -+#define MY_AES_CTX_SIZE 672 - - enum my_aes_mode { - MY_AES_ECB, MY_AES_CBC -diff --git a/include/ssl_compat.h b/include/ssl_compat.h -index 8dc12254..6db1baab 100644 ---- a/include/ssl_compat.h -+++ b/include/ssl_compat.h -@@ -24,7 +24,7 @@ - #define SSL_LIBRARY OpenSSL_version(OPENSSL_VERSION) - #define ERR_remove_state(X) ERR_clear_error() - #define EVP_CIPHER_CTX_SIZE 176 --#define EVP_MD_CTX_SIZE 48 -+#define EVP_MD_CTX_SIZE 72 - #undef EVP_MD_CTX_init - #define EVP_MD_CTX_init(X) do { memset((X), 0, EVP_MD_CTX_SIZE); EVP_MD_CTX_reset(X); } while(0) - #undef EVP_CIPHER_CTX_init -@@ -77,7 +77,6 @@ - #define DH_set0_pqg(D,P,Q,G) ((D)->p= (P), (D)->g= (G)) - #endif - --#define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf) - #define EVP_CIPHER_CTX_encrypting(ctx) ((ctx)->encrypt) - #define EVP_CIPHER_CTX_SIZE sizeof(EVP_CIPHER_CTX) - -diff --git a/mysql-test/lib/openssl.cnf b/mysql-test/lib/openssl.cnf -index b9ab37ac..7cd6f748 100644 ---- a/mysql-test/lib/openssl.cnf -+++ b/mysql-test/lib/openssl.cnf -@@ -9,4 +9,4 @@ ssl_conf = ssl_section - system_default = system_default_section - - [system_default_section] --CipherString = ALL:@SECLEVEL=1 -+CipherString = ALL:@SECLEVEL=0 -diff --git a/mysql-test/main/ssl_cipher.result b/mysql-test/main/ssl_cipher.result -index 930d384e..66d817b7 100644 ---- a/mysql-test/main/ssl_cipher.result -+++ b/mysql-test/main/ssl_cipher.result -@@ -61,8 +61,8 @@ connect ssl_con,localhost,root,,,,,SSL; - SHOW STATUS LIKE 'Ssl_cipher'; - Variable_name Value - Ssl_cipher AES128-SHA --SHOW STATUS LIKE 'Ssl_cipher_list'; --Variable_name Value --Ssl_cipher_list AES128-SHA -+SELECT VARIABLE_VALUE like '%AES128-SHA%' FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher_list'; -+VARIABLE_VALUE like '%AES128-SHA%' -+1 - disconnect ssl_con; - connection default; -diff --git a/mysql-test/main/ssl_cipher.test b/mysql-test/main/ssl_cipher.test -index 36549d76..d4cdcffb 100644 ---- a/mysql-test/main/ssl_cipher.test -+++ b/mysql-test/main/ssl_cipher.test -@@ -98,6 +98,6 @@ let $restart_parameters=--ssl-cipher=AES128-SHA; - source include/restart_mysqld.inc; - connect (ssl_con,localhost,root,,,,,SSL); - SHOW STATUS LIKE 'Ssl_cipher'; --SHOW STATUS LIKE 'Ssl_cipher_list'; -+SELECT VARIABLE_VALUE like '%AES128-SHA%' FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher_list'; - disconnect ssl_con; - connection default; -diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc -index e512eee9..4d7ebc7b 100644 ---- a/mysys_ssl/my_crypt.cc -+++ b/mysys_ssl/my_crypt.cc -@@ -29,11 +29,7 @@ - #include <ssl_compat.h> - #include <cstdint> - --#ifdef HAVE_WOLFSSL - #define CTX_ALIGN 16 --#else --#define CTX_ALIGN 0 --#endif - - class MyCTX - { -@@ -100,8 +96,9 @@ class MyCTX_nopad : public MyCTX - { - public: - const uchar *key; -- uint klen, buf_len; -+ uint klen, source_tail_len; - uchar oiv[MY_AES_BLOCK_SIZE]; -+ uchar source_tail[MY_AES_BLOCK_SIZE]; - - MyCTX_nopad() : MyCTX() { } - ~MyCTX_nopad() { } -@@ -112,7 +109,7 @@ class MyCTX_nopad : public MyCTX - compile_time_assert(MY_AES_CTX_SIZE >= sizeof(MyCTX_nopad)); - this->key= key; - this->klen= klen; -- this->buf_len= 0; -+ this->source_tail_len= 0; - if (ivlen) - memcpy(oiv, iv, ivlen); - DBUG_ASSERT(ivlen == 0 || ivlen == sizeof(oiv)); -@@ -123,26 +120,41 @@ class MyCTX_nopad : public MyCTX - return res; - } - -+ /** Update last partial source block, stored in source_tail array. */ -+ void update_source_tail(const uchar* src, uint slen) -+ { -+ if (!slen) -+ return; -+ uint new_tail_len= (source_tail_len + slen) % MY_AES_BLOCK_SIZE; -+ if (new_tail_len) -+ { -+ if (slen + source_tail_len < MY_AES_BLOCK_SIZE) -+ { -+ memcpy(source_tail + source_tail_len, src, slen); -+ } -+ else -+ { -+ DBUG_ASSERT(slen > new_tail_len); -+ memcpy(source_tail, src + slen - new_tail_len, new_tail_len); -+ } -+ } -+ source_tail_len= new_tail_len; -+ } -+ - int update(const uchar *src, uint slen, uchar *dst, uint *dlen) - { -- buf_len+= slen; -+ update_source_tail(src, slen); - return MyCTX::update(src, slen, dst, dlen); - } - - int finish(uchar *dst, uint *dlen) - { -- buf_len %= MY_AES_BLOCK_SIZE; -- if (buf_len) -+ if (source_tail_len) - { -- uchar *buf= EVP_CIPHER_CTX_buf_noconst(ctx); - /* - Not much we can do, block ciphers cannot encrypt data that aren't - a multiple of the block length. At least not without padding. - Let's do something CTR-like for the last partial block. -- -- NOTE this assumes that there are only buf_len bytes in the buf. -- If OpenSSL will change that, we'll need to change the implementation -- of this class too. - */ - uchar mask[MY_AES_BLOCK_SIZE]; - uint mlen; -@@ -154,10 +166,10 @@ class MyCTX_nopad : public MyCTX - return rc; - DBUG_ASSERT(mlen == sizeof(mask)); - -- for (uint i=0; i < buf_len; i++) -- dst[i]= buf[i] ^ mask[i]; -+ for (uint i=0; i < source_tail_len; i++) -+ dst[i]= source_tail[i] ^ mask[i]; - } -- *dlen= buf_len; -+ *dlen= source_tail_len; - return MY_AES_OK; - } - }; -diff --git a/unittest/mysys/aes-t.c b/unittest/mysys/aes-t.c -index 34704e06..cbec2760 100644 ---- a/unittest/mysys/aes-t.c -+++ b/unittest/mysys/aes-t.c -@@ -21,27 +21,96 @@ - #include <string.h> - #include <ctype.h> - --#define DO_TEST(mode, nopad, slen, fill, dlen, hash) \ -- SKIP_BLOCK_IF(mode == 0xDEADBEAF, nopad ? 4 : 5, #mode " not supported") \ -- { \ -- memset(src, fill, src_len= slen); \ -- ok(my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_ENCRYPT, \ -- src, src_len, dst, &dst_len, \ -- key, sizeof(key), iv, sizeof(iv)) == MY_AES_OK, \ -- "encrypt " #mode " %u %s", src_len, nopad ? "nopad" : "pad"); \ -- if (!nopad) \ -- ok (dst_len == my_aes_get_size(mode, src_len), "my_aes_get_size");\ -- my_md5(md5, (char*)dst, dst_len); \ -- ok(dst_len == dlen && memcmp(md5, hash, sizeof(md5)) == 0, "md5"); \ -- ok(my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_DECRYPT, \ -- dst, dst_len, ddst, &ddst_len, \ -- key, sizeof(key), iv, sizeof(iv)) == MY_AES_OK, \ -- "decrypt " #mode " %u", dst_len); \ -- ok(ddst_len == src_len && memcmp(src, ddst, src_len) == 0, "memcmp"); \ -+ -+/** Test streaming encryption, bytewise update.*/ -+static int aes_crypt_bytewise(enum my_aes_mode mode, int flags, const unsigned char *src, -+ unsigned int slen, unsigned char *dst, unsigned int *dlen, -+ const unsigned char *key, unsigned int klen, -+ const unsigned char *iv, unsigned int ivlen) -+{ -+ /* Allocate context on odd address on stack, in order to -+ catch misalignment errors.*/ -+ void *ctx= (char *)alloca(MY_AES_CTX_SIZE+1)+1; -+ -+ int res1, res2; -+ uint d1= 0, d2; -+ uint i; -+ -+ if ((res1= my_aes_crypt_init(ctx, mode, flags, key, klen, iv, ivlen))) -+ return res1; -+ for (i= 0; i < slen; i++) -+ { -+ uint tmp_d1=0; -+ res1= my_aes_crypt_update(ctx, src+i,1, dst, &tmp_d1); -+ if (res1) -+ return res1; -+ d1+= tmp_d1; -+ dst+= tmp_d1; -+ } -+ res2= my_aes_crypt_finish(ctx, dst, &d2); -+ *dlen= d1 + d2; -+ return res1 ? res1 : res2; -+} -+ -+ -+#ifndef HAVE_EncryptAes128Ctr -+const uint MY_AES_CTR=0xDEADBEAF; -+#endif -+#ifndef HAVE_EncryptAes128Gcm -+const uint MY_AES_GCM=0xDEADBEAF; -+#endif -+ -+#define MY_AES_UNSUPPORTED(x) (x == 0xDEADBEAF) -+ -+static void do_test(uint mode, const char *mode_str, int nopad, uint slen, -+ char fill, size_t dlen, const char *hash) -+{ -+ uchar key[16]= {1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6}; -+ uchar iv[16]= {2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7}; -+ uchar src[1000], dst[1100], dst2[1100], ddst[1000]; -+ uchar md5[MY_MD5_HASH_SIZE]; -+ uint src_len, dst_len, dst_len2, ddst_len; -+ int result; -+ -+ if (MY_AES_UNSUPPORTED(mode)) -+ { -+ skip(nopad?7:6, "%s not supported", mode_str); -+ return; -+ } -+ memset(src, fill, src_len= slen); -+ result= my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_ENCRYPT, src, src_len, -+ dst, &dst_len, key, sizeof(key), iv, sizeof(iv)); -+ ok(result == MY_AES_OK, "encrypt %s %u %s", mode_str, src_len, -+ nopad ? "nopad" : "pad"); -+ -+ if (nopad) -+ { -+ result= aes_crypt_bytewise(mode, nopad | ENCRYPTION_FLAG_ENCRYPT, src, -+ src_len, dst2, &dst_len2, key, sizeof(key), -+ iv, sizeof(iv)); -+ ok(result == MY_AES_OK, "encrypt bytewise %s %u", mode_str, src_len); -+ /* Compare with non-bytewise encryption result*/ -+ ok(dst_len == dst_len2 && memcmp(dst, dst2, dst_len) == 0, -+ "memcmp bytewise %s %u", mode_str, src_len); -+ } -+ else -+ { -+ int dst_len_real= my_aes_get_size(mode, src_len); -+ ok(dst_len_real= dst_len, "my_aes_get_size"); - } -+ my_md5(md5, (char *) dst, dst_len); -+ ok(dst_len == dlen, "md5 len"); -+ ok(memcmp(md5, hash, sizeof(md5)) == 0, "md5"); -+ result= my_aes_crypt(mode, nopad | ENCRYPTION_FLAG_DECRYPT, -+ dst, dst_len, ddst, &ddst_len, key, sizeof(key), iv, -+ sizeof(iv)); -+ -+ ok(result == MY_AES_OK, "decrypt %s %u", mode_str, dst_len); -+ ok(ddst_len == src_len && memcmp(src, ddst, src_len) == 0, "memcmp"); -+} - --#define DO_TEST_P(M,S,F,D,H) DO_TEST(M,0,S,F,D,H) --#define DO_TEST_N(M,S,F,D,H) DO_TEST(M,ENCRYPTION_FLAG_NOPAD,S,F,D,H) -+#define DO_TEST_P(M, S, F, D, H) do_test(M, #M, 0, S, F, D, H) -+#define DO_TEST_N(M, S, F, D, H) do_test(M, #M, ENCRYPTION_FLAG_NOPAD, S, F, D, H) - - /* useful macro for debugging */ - #define PRINT_MD5() \ -@@ -53,25 +122,15 @@ - printf("\"\n"); \ - } while(0); - --#ifndef HAVE_EncryptAes128Ctr --const uint MY_AES_CTR=0xDEADBEAF; --#endif --#ifndef HAVE_EncryptAes128Gcm --const uint MY_AES_GCM=0xDEADBEAF; --#endif - - int - main(int argc __attribute__((unused)),char *argv[]) - { -- uchar key[16]= {1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6}; -- uchar iv[16]= {2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7}; -- uchar src[1000], dst[1100], ddst[1000]; -- uchar md5[MY_MD5_HASH_SIZE]; -- uint src_len, dst_len, ddst_len; - - MY_INIT(argv[0]); - -- plan(87); -+ plan(122); -+ - DO_TEST_P(MY_AES_ECB, 200, '.', 208, "\xd8\x73\x8e\x3a\xbc\x66\x99\x13\x7f\x90\x23\x52\xee\x97\x6f\x9a"); - DO_TEST_P(MY_AES_ECB, 128, '?', 144, "\x19\x58\x33\x85\x4c\xaa\x7f\x06\xd1\xb2\xec\xd7\xb7\x6a\xa9\x5b"); - DO_TEST_P(MY_AES_CBC, 159, '%', 160, "\x4b\x03\x18\x3d\xf1\xa7\xcd\xa1\x46\xb3\xc6\x8a\x92\xc0\x0f\xc9"); --- -2.25.1 - diff --git a/meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb b/meta-oe/recipes-dbs/mysql/mariadb_10.7.7.bb similarity index 91% rename from meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb rename to meta-oe/recipes-dbs/mysql/mariadb_10.7.7.bb index 8dba5c858..87faabfa2 100644 --- a/meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb +++ b/meta-oe/recipes-dbs/mysql/mariadb_10.7.7.bb @@ -1,7 +1,7 @@ require mariadb.inc DEPENDS += "mariadb-native bison-native boost libpcre2 curl ncurses \ - zlib libaio libedit libevent libxml2 gnutls fmt lzo" + zlib libaio libedit libevent libxml2 gnutls fmt lzo zstd" PROVIDES += "mysql5 libmysqlclient"