maria:bb-10.8-openssl3.0

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

04b1f5c... by Vladislav Vaintroub on 2022-01-19

test

2cc5fa6... by Vladislav Vaintroub on 2022-01-17

Appveyor : test with system OpenSSL3

1b238e3... by Vladislav Vaintroub on 2021-11-08

MDEV-25785 Add support for OpenSSL 3.0

Summary of changes

- MD_CTX_SIZE is increased

- EVP_CIPHER_CTX_buf_noconst(ctx) does not work anymore, points
  to nobody knows where. The assumption made previously was that
  (since the function does not seem to be documented)
  was that it points to the last partial source block.
  Add own partial block buffer for NOPAD encryption instead

- SECLEVEL in CipherString in openssl.cnf
  had been downgraded to 0, from 1, to make TLSv1.0 and TLSv1.1 possible
   (according to https://github.com/openssl/openssl/blob/openssl-3.0.0/NEWS.md
   even though the manual for SSL_CTX_get_security_level claims that it
   should not be necessary)

- Workaround Ssl_cipher_list issue, it now returns TLSv1.3 ciphers,
  in addition to what was set in --ssl-cipher

- ctx_buf buffer now must be aligned to 16 bytes with openssl(
  previously with WolfSSL only), ot crashes will happen

- updated aes-t , to be better debuggable
  using function, rather than a huge multiline macro
  added test that does "nopad" encryption piece-wise, to test
  replacement of EVP_CIPHER_CTX_buf_noconst

cee33f1... by Sergei Golubchik on 2021-11-04

change pcre2 download url

old ftp.pcre.org is apparently down,
www.pcre.org says to use github as the primary download location

2b5fddd... by Vladislav Vaintroub on 2021-11-04

Merge branch '10.7' into 10.8

d20de4d... by Vladislav Vaintroub on 2021-11-04

Merge branch '10.6' into 10.7

3ab358f... by Vladislav Vaintroub on 2021-11-03

appveyor - do not use buggy cygwin bison.

667e713... by Marko Mäkelä on 2021-11-04

MDEV-26826 fixup: clang++-13 -Wfree-nonheap-object

576afce... by Marko Mäkelä on 2021-11-04

MDEV-26966: Remove innodb_force_load_corrupted

MySQL 5.5 in commit 177d8b0c125b841c0650d27d735e3b87509dc286
introduced a configuration parameter innodb_force_load_corrupted
whose purpose was to allow a corrupted table to be dropped.

Given that MDEV-11412 in MariaDB 10.5.4 aims to allow any metadata
for a missing or corrupted table to be dropped, and given that
MDEV-17567 and MDEV-25506 and related tasks made DDL operations
crash-safe, the parameter no longer serves any purpose.

Because this obscure parameter was read-only (not settable by a client),
it seems that we can simply declare it with MARIADB_REMOVED_OPTION
(commit 1bc9cce70273c7f4705fb193abd2c938e3f3402a) without breaking
any upgrades.

DICT_ERR_IGNORE_INDEX: Replaces DICT_ERR_IGNORE_INDEX_ROOT and
DICT_ERR_IGNORE_CORRUPT, which were always set equally.

dict_load_indexes(): Report "No indexes found for table" in
a uniform way, and only when the DICT_ERR_IGNORE_INDEX flag is
not set.

If the clustered index is marked corrupted, and the operation
is DICT_ERR_IGNORE_DROP (we are about to drop the table), we will
load the metadata; else, we will return DB_INDEX_CORRUPT.

If SYS_INDEXES.PAGE is FIL_NULL, report an error or warning
unless we are about to drop the table.

dict_load_table_one(): Simplify the logic.

ccb345e... by Sergei Golubchik on 2021-11-02

Spider fix for 10.8+

like in 76f4a78ba26