From af28a6ea29b5b795fdc8fbc95faed86113adb6f2 Mon Sep 17 00:00:00 2001 From: Honza Horak Date: Feb 03 2014 13:04:24 +0000 Subject: Add patch --- diff --git a/community-mysql-ssltest.patch b/community-mysql-ssltest.patch new file mode 100644 index 0000000..6fdd271 --- /dev/null +++ b/community-mysql-ssltest.patch @@ -0,0 +1,30 @@ +Don't test EDH-RSA-DES-CBC-SHA cipher, it seems to be removed from openssl +which now makes mariadb/mysql FTBFS because openssl_1 test fails + +Related: #1044565 + + +diff -up mariadb-5.5.34/mysql-test/r/openssl_1.result.p20 mariadb-5.5.34/mysql-test/r/openssl_1.result +--- mariadb-5.5.34/mysql-test/r/openssl_1.result.p20 2014-01-06 11:51:18.878640731 +0100 ++++ mariadb-5.5.34/mysql-test/r/openssl_1.result 2014-01-06 11:51:45.364678942 +0100 +@@ -196,8 +196,6 @@ Ssl_cipher DHE-RSA-AES256-SHA + Variable_name Value + Ssl_cipher EDH-RSA-DES-CBC3-SHA + Variable_name Value +-Ssl_cipher EDH-RSA-DES-CBC-SHA +-Variable_name Value + Ssl_cipher RC4-SHA + select 'is still running; no cipher request crashed the server' as result from dual; + result +diff -up mariadb-5.5.34/mysql-test/t/openssl_1.test.p20 mariadb-5.5.34/mysql-test/t/openssl_1.test +--- mariadb-5.5.34/mysql-test/t/openssl_1.test.p20 2014-01-06 11:51:18.830640662 +0100 ++++ mariadb-5.5.34/mysql-test/t/openssl_1.test 2014-01-06 11:51:18.879640733 +0100 +@@ -218,7 +218,7 @@ DROP TABLE t1; + # Common ciphers to openssl and yassl + --exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=DHE-RSA-AES256-SHA + --exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC3-SHA +---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC-SHA ++#--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC-SHA + --exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=RC4-SHA + --disable_query_log + --disable_result_log diff --git a/community-mysql.spec b/community-mysql.spec index 1b72ee1..6186ab7 100644 --- a/community-mysql.spec +++ b/community-mysql.spec @@ -62,6 +62,7 @@ Patch28: community-mysql-covscan-signexpr.patch Patch29: community-mysql-covscan-stroverflow.patch Patch30: community-mysql-pluginerrmsg.patch Patch31: community-mysql-rhbz1059545.patch +Patch32: community-mysql-ssltest.patch BuildRequires: perl, readline-devel, openssl-devel BuildRequires: cmake, ncurses-devel, zlib-devel, libaio-devel @@ -252,6 +253,7 @@ the MySQL sources. %patch29 -p1 %patch30 -p1 %patch31 -p1 +%patch32 -p1 # workaround for upstream bug #56342 rm -f mysql-test/t/ssl_8k_key-master.opt @@ -729,6 +731,9 @@ rm -f ${RPM_BUILD_ROOT}%{_datadir}/mysql/solaris/postinstall-solaris * Thu Jan 30 2014 Honza Horak 5.5.35-2 Fix for CVE-2014-0001 Resolves: #1059545 +- Don't test EDH-RSA-DES-CBC-SHA cipher, it seems to be removed from openssl + which now makes mariadb/mysql FTBFS because openssl_1 test fails + Related: #1044565 * Mon Dec 9 2013 Honza Horak 5.5.35-1 - Update to MySQL 5.5.35, for various fixes described at