summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--debian/changelog12
-rw-r--r--debian/control6
-rw-r--r--debian/mariadb-server.postrm58
-rw-r--r--debian/mariadb-server.prerm14
-rw-r--r--debian/patches/3154-openssl-alert-protocol-string.patch39
-rw-r--r--debian/patches/series1
6 files changed, 55 insertions, 75 deletions
diff --git a/debian/changelog b/debian/changelog
index 7dacfa50..fd5004da 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+mariadb (1:10.11.7-4) unstable; urgency=medium
+
+ [ Michael Biebl ]
+ * Drop unnecessary mariadb-server.prerm (Closes: #1067491)
+ * Rely on dh_installsystemd to stop the service in postrm
+
+ [ Otto Kekäläinen ]
+ * Remove direct dependencies on libcurl4 (Closes: #1068403, #1068404)
+ * Make tests compatible with OpenSSL 3.2.0
+
+ -- Otto Kekäläinen <otto@debian.org> Sat, 13 Apr 2024 11:07:08 -0700
+
mariadb (1:10.11.7-3~progress7.99u1) graograman-backports; urgency=medium
* Uploading to graograman-backports, remaining changes:
diff --git a/debian/control b/debian/control
index 566deeb0..cd1ff240 100644
--- a/debian/control
+++ b/debian/control
@@ -599,8 +599,7 @@ Description: Connect storage engine for MariaDB server
Package: mariadb-plugin-s3
Architecture: any
-Depends: libcurl4,
- mariadb-server (= ${server:Version}),
+Depends: mariadb-server (= ${server:Version}),
${misc:Depends},
${shlibs:Depends}
Description: Amazon S3 archival storage engine for MariaDB
@@ -722,8 +721,7 @@ Description: CrackLib Password Validation Plugin for MariaDB server
Package: mariadb-plugin-hashicorp-key-management
Architecture: any
-Depends: libcurl4,
- mariadb-server,
+Depends: mariadb-server,
${misc:Depends},
${shlibs:Depends}
Description: Hashicorp Key Management plugin for MariaDB
diff --git a/debian/mariadb-server.postrm b/debian/mariadb-server.postrm
index 9a5a9bf6..64e194f2 100644
--- a/debian/mariadb-server.postrm
+++ b/debian/mariadb-server.postrm
@@ -12,60 +12,7 @@ fi
${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*" 1>&2 }
-MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf"
-
-MARIADBD_USERS="root"
-
-# Check if user 'mysql' exists before referring to it in pgrep
-# to avoid pgrep erroring on 'invalid user name'
-if id mysql > /dev/null 2>&1
-then
- MARIADBD_USERS="$MARIADBD_USERS,mysql"
-fi
-
-# Try to stop the server in a sane way. If it does not success let the admin
-# do it himself. No database directories should be removed while the server
-# is running! Another mariadbd in e.g. a different chroot is fine for us.
-stop_server() {
- # Return immediately if there are no mysqld processes running
- # as there is no point in trying to shutdown in that case.
- if ! pgrep -x -u "$MARIADBD_USERS" --nslist pid --ns $$ "mysqld|mariadbd" > /dev/null
- then
- return
- fi
-
- set +e
- invoke-rc.d mariadb stop
- invoke-rc.d mysql stop # Backwards compatibility
- errno=$?
- set -e
-
- # systemctl could emit exit code 100=no init script (fresh install)
- if [ "$errno" != 0 ] && [ "$errno" != 100 ]
- then
- echo "Attempt to stop MariaDB/MySQL server returned exitcode $errno" 1>&2
- echo "There is a MariaDB/MySQL server running, but we failed in our attempts to stop it." 1>&2
- echo "Check if there is any server running with 'pgrep \"mysqld|mariadbd\"' and" 1>&2
- echo "try to stop it yourself by issuing 'invoke-rc.d mariadb stop'." 1>&2
- db_stop
- exit 1
- fi
-}
-
-
-case "$1" in
- purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
- if [ -n "$($MYADMIN ping 2>/dev/null)" ]
- then
- stop_server
- sleep 2
- fi
- ;;
- *)
- echo "postrm called with unknown argument '$1'" 1>&2
- exit 1
- ;;
-esac
+#DEBHELPER#
#
# - Purge logs and data only if they are ours (#307473)
@@ -108,6 +55,3 @@ then
fi
fi
-
-#DEBHELPER#
-
diff --git a/debian/mariadb-server.prerm b/debian/mariadb-server.prerm
deleted file mode 100644
index 2701fa5f..00000000
--- a/debian/mariadb-server.prerm
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/sh
-set -e
-
-#DEBHELPER#
-
-# Modified dh_systemd_start snippet that's not added automatically
-if [ -d /run/systemd/system ]
-then
- deb-systemd-invoke stop mariadb.service >/dev/null
- # Modified dh_installinit snippet to only run with sysvinit
-elif [ -x "/etc/init.d/mariadb" ]
-then
- invoke-rc.d mariadb stop || exit $?
-fi
diff --git a/debian/patches/3154-openssl-alert-protocol-string.patch b/debian/patches/3154-openssl-alert-protocol-string.patch
new file mode 100644
index 00000000..a2aa8767
--- /dev/null
+++ b/debian/patches/3154-openssl-alert-protocol-string.patch
@@ -0,0 +1,39 @@
+Forwarded: https://github.com/MariaDB/server/pull/3154
+Origin: https://patch-diff.githubusercontent.com/raw/MariaDB/server/pull/3154.patch
+From: Zhibo Zhang <zhibo@amazon.com>
+Date: Tue, 19 Mar 2024 19:16:46 +0000
+Subject: [PATCH] Update tests to be compatible with OpenSSL 3.2.0
+
+As of version 3.2.0, OpenSSL updated the error message in new versions
+("https://github.com/openssl/openssl/commit/81b741f68984"). Update the
+tests and result files such that they are compatible with both original
+and new error messages.
+
+All new code of the whole pull request, including one or several files that are
+either new files or modified ones, are contributed under the BSD-new license. I
+am contributing on behalf of my employer Amazon Web Services, Inc.
+---
+ mysql-test/main/ssl_crl.result | 2 +-
+ mysql-test/main/ssl_crl.test | 4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+--- a/mysql-test/main/ssl_crl.result
++++ b/mysql-test/main/ssl_crl.result
+@@ -2,4 +2,4 @@
+ Variable_name Value
+ Ssl_version TLS_VERSION
+ # try logging in with a certificate in the server's --ssl-crl : should fail
+-ERROR 2026 (HY000): TLS/SSL error: sslv3 alert certificate revoked
++ERROR 2026 (HY000): TLS/SSL error: ssl/tls alert certificate revoked
+--- a/mysql-test/main/ssl_crl.test
++++ b/mysql-test/main/ssl_crl.test
+@@ -7,7 +7,7 @@
+ --exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/server-new-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/server-new-cert.pem test -e "SHOW STATUS LIKE 'Ssl_version'"
+
+ --echo # try logging in with a certificate in the server's --ssl-crl : should fail
+-# OpenSSL 1.1.1a correctly rejects the certificate, but the error message is different
+---replace_regex /ERROR 2013 \(HY000\): Lost connection to server at '.*', system error: [0-9]+/ERROR 2026 (HY000): TLS\/SSL error: sslv3 alert certificate revoked/
++# OpenSSL 1.1.1a and later releases correctly rejects the certificate, but the error message is different
++--replace_regex /(ERROR 2013 \(HY000\): Lost connection to server at '.*', system error: [0-9]+|ERROR 2026 \(HY000\): TLS\/SSL error: sslv3 alert certificate revoked)/ERROR 2026 (HY000): TLS\/SSL error: ssl\/tls alert certificate revoked/
+ --error 1
+ --exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_version'" 2>&1
diff --git a/debian/patches/series b/debian/patches/series
index a2462aea..69ef5c47 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -15,3 +15,4 @@ install-files-into-usr.patch
MDEV-32975-chartset-collation-fix-php.patch
startup-message.patch
fix-spelling-mariadb.patch
+3154-openssl-alert-protocol-string.patch