diff options
-rw-r--r-- | debian/changelog | 12 | ||||
-rw-r--r-- | debian/control | 6 | ||||
-rw-r--r-- | debian/mariadb-server.postrm | 58 | ||||
-rw-r--r-- | debian/mariadb-server.prerm | 14 | ||||
-rw-r--r-- | debian/patches/3154-openssl-alert-protocol-string.patch | 39 | ||||
-rw-r--r-- | debian/patches/series | 1 |
6 files changed, 55 insertions, 75 deletions
diff --git a/debian/changelog b/debian/changelog index 7dacfa50..fd5004da 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,15 @@ +mariadb (1:10.11.7-4) unstable; urgency=medium + + [ Michael Biebl ] + * Drop unnecessary mariadb-server.prerm (Closes: #1067491) + * Rely on dh_installsystemd to stop the service in postrm + + [ Otto Kekäläinen ] + * Remove direct dependencies on libcurl4 (Closes: #1068403, #1068404) + * Make tests compatible with OpenSSL 3.2.0 + + -- Otto Kekäläinen <otto@debian.org> Sat, 13 Apr 2024 11:07:08 -0700 + mariadb (1:10.11.7-3~progress7.99u1) graograman-backports; urgency=medium * Uploading to graograman-backports, remaining changes: diff --git a/debian/control b/debian/control index 566deeb0..cd1ff240 100644 --- a/debian/control +++ b/debian/control @@ -599,8 +599,7 @@ Description: Connect storage engine for MariaDB server Package: mariadb-plugin-s3 Architecture: any -Depends: libcurl4, - mariadb-server (= ${server:Version}), +Depends: mariadb-server (= ${server:Version}), ${misc:Depends}, ${shlibs:Depends} Description: Amazon S3 archival storage engine for MariaDB @@ -722,8 +721,7 @@ Description: CrackLib Password Validation Plugin for MariaDB server Package: mariadb-plugin-hashicorp-key-management Architecture: any -Depends: libcurl4, - mariadb-server, +Depends: mariadb-server, ${misc:Depends}, ${shlibs:Depends} Description: Hashicorp Key Management plugin for MariaDB diff --git a/debian/mariadb-server.postrm b/debian/mariadb-server.postrm index 9a5a9bf6..64e194f2 100644 --- a/debian/mariadb-server.postrm +++ b/debian/mariadb-server.postrm @@ -12,60 +12,7 @@ fi ${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*" 1>&2 } -MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf" - -MARIADBD_USERS="root" - -# Check if user 'mysql' exists before referring to it in pgrep -# to avoid pgrep erroring on 'invalid user name' -if id mysql > /dev/null 2>&1 -then - MARIADBD_USERS="$MARIADBD_USERS,mysql" -fi - -# Try to stop the server in a sane way. If it does not success let the admin -# do it himself. No database directories should be removed while the server -# is running! Another mariadbd in e.g. a different chroot is fine for us. -stop_server() { - # Return immediately if there are no mysqld processes running - # as there is no point in trying to shutdown in that case. - if ! pgrep -x -u "$MARIADBD_USERS" --nslist pid --ns $$ "mysqld|mariadbd" > /dev/null - then - return - fi - - set +e - invoke-rc.d mariadb stop - invoke-rc.d mysql stop # Backwards compatibility - errno=$? - set -e - - # systemctl could emit exit code 100=no init script (fresh install) - if [ "$errno" != 0 ] && [ "$errno" != 100 ] - then - echo "Attempt to stop MariaDB/MySQL server returned exitcode $errno" 1>&2 - echo "There is a MariaDB/MySQL server running, but we failed in our attempts to stop it." 1>&2 - echo "Check if there is any server running with 'pgrep \"mysqld|mariadbd\"' and" 1>&2 - echo "try to stop it yourself by issuing 'invoke-rc.d mariadb stop'." 1>&2 - db_stop - exit 1 - fi -} - - -case "$1" in - purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) - if [ -n "$($MYADMIN ping 2>/dev/null)" ] - then - stop_server - sleep 2 - fi - ;; - *) - echo "postrm called with unknown argument '$1'" 1>&2 - exit 1 - ;; -esac +#DEBHELPER# # # - Purge logs and data only if they are ours (#307473) @@ -108,6 +55,3 @@ then fi fi - -#DEBHELPER# - diff --git a/debian/mariadb-server.prerm b/debian/mariadb-server.prerm deleted file mode 100644 index 2701fa5f..00000000 --- a/debian/mariadb-server.prerm +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -set -e - -#DEBHELPER# - -# Modified dh_systemd_start snippet that's not added automatically -if [ -d /run/systemd/system ] -then - deb-systemd-invoke stop mariadb.service >/dev/null - # Modified dh_installinit snippet to only run with sysvinit -elif [ -x "/etc/init.d/mariadb" ] -then - invoke-rc.d mariadb stop || exit $? -fi diff --git a/debian/patches/3154-openssl-alert-protocol-string.patch b/debian/patches/3154-openssl-alert-protocol-string.patch new file mode 100644 index 00000000..a2aa8767 --- /dev/null +++ b/debian/patches/3154-openssl-alert-protocol-string.patch @@ -0,0 +1,39 @@ +Forwarded: https://github.com/MariaDB/server/pull/3154 +Origin: https://patch-diff.githubusercontent.com/raw/MariaDB/server/pull/3154.patch +From: Zhibo Zhang <zhibo@amazon.com> +Date: Tue, 19 Mar 2024 19:16:46 +0000 +Subject: [PATCH] Update tests to be compatible with OpenSSL 3.2.0 + +As of version 3.2.0, OpenSSL updated the error message in new versions +("https://github.com/openssl/openssl/commit/81b741f68984"). Update the +tests and result files such that they are compatible with both original +and new error messages. + +All new code of the whole pull request, including one or several files that are +either new files or modified ones, are contributed under the BSD-new license. I +am contributing on behalf of my employer Amazon Web Services, Inc. +--- + mysql-test/main/ssl_crl.result | 2 +- + mysql-test/main/ssl_crl.test | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +--- a/mysql-test/main/ssl_crl.result ++++ b/mysql-test/main/ssl_crl.result +@@ -2,4 +2,4 @@ + Variable_name Value + Ssl_version TLS_VERSION + # try logging in with a certificate in the server's --ssl-crl : should fail +-ERROR 2026 (HY000): TLS/SSL error: sslv3 alert certificate revoked ++ERROR 2026 (HY000): TLS/SSL error: ssl/tls alert certificate revoked +--- a/mysql-test/main/ssl_crl.test ++++ b/mysql-test/main/ssl_crl.test +@@ -7,7 +7,7 @@ + --exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/server-new-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/server-new-cert.pem test -e "SHOW STATUS LIKE 'Ssl_version'" + + --echo # try logging in with a certificate in the server's --ssl-crl : should fail +-# OpenSSL 1.1.1a correctly rejects the certificate, but the error message is different +---replace_regex /ERROR 2013 \(HY000\): Lost connection to server at '.*', system error: [0-9]+/ERROR 2026 (HY000): TLS\/SSL error: sslv3 alert certificate revoked/ ++# OpenSSL 1.1.1a and later releases correctly rejects the certificate, but the error message is different ++--replace_regex /(ERROR 2013 \(HY000\): Lost connection to server at '.*', system error: [0-9]+|ERROR 2026 \(HY000\): TLS\/SSL error: sslv3 alert certificate revoked)/ERROR 2026 (HY000): TLS\/SSL error: ssl\/tls alert certificate revoked/ + --error 1 + --exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_version'" 2>&1 diff --git a/debian/patches/series b/debian/patches/series index a2462aea..69ef5c47 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -15,3 +15,4 @@ install-files-into-usr.patch MDEV-32975-chartset-collation-fix-php.patch startup-message.patch fix-spelling-mariadb.patch +3154-openssl-alert-protocol-string.patch |