From cc426cff465c5e67cc7ae21af2ca6924ed59db20 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Sat, 11 Feb 2017 11:48:04 +0100 Subject: compat-mysql51: 5.1.73 --- README.mysql-docs | 4 + README.mysql-license | 6 + compat-mysql51.spec | 63 ++- generate-tarball.sh | 15 + mysql-chain-certs.patch | 30 +- mysql-cve-2012-5611.patch | 34 ++ mysql-cve-2016-6662-b-1ebbc61e.patch | 33 ++ mysql-cve-2016-6662-c-2135853b.patch | 186 +++++++++ mysql-cve-2016-6663.patch | 322 +++++++++++++++ mysql-dh1024.patch | 104 +++++ mysql-disable-test.patch | 16 + mysql-dump-log-tables.patch | 129 ++++++ mysql-expired-certs.patch | 555 +++++++++++++++++++++++++ mysql-install-test.patch | 33 ++ mysql-logrotate.patch | 66 +++ mysql-no-docs.patch | 40 ++ mysql-openssl-test.patch | 757 +++++++++++++++++++++++++++++++++++ mysql-relay-logging.patch | 20 + mysql-rhbz1059545.patch | 17 + mysql-strmov.patch | 10 +- mysql-test-events_1.patch | 22 + mysql-testing.patch | 23 ++ mysql-tls.patch | 295 ++++++++++++++ 23 files changed, 2757 insertions(+), 23 deletions(-) create mode 100644 README.mysql-docs create mode 100644 README.mysql-license mode change 100755 => 100644 compat-mysql51.spec create mode 100755 generate-tarball.sh create mode 100644 mysql-cve-2012-5611.patch create mode 100644 mysql-cve-2016-6662-b-1ebbc61e.patch create mode 100644 mysql-cve-2016-6662-c-2135853b.patch create mode 100644 mysql-cve-2016-6663.patch create mode 100644 mysql-dh1024.patch create mode 100644 mysql-disable-test.patch create mode 100644 mysql-dump-log-tables.patch create mode 100644 mysql-expired-certs.patch create mode 100644 mysql-install-test.patch create mode 100644 mysql-logrotate.patch create mode 100644 mysql-no-docs.patch create mode 100644 mysql-openssl-test.patch create mode 100644 mysql-relay-logging.patch create mode 100644 mysql-rhbz1059545.patch create mode 100644 mysql-test-events_1.patch create mode 100644 mysql-testing.patch create mode 100644 mysql-tls.patch diff --git a/README.mysql-docs b/README.mysql-docs new file mode 100644 index 0000000..dd894a7 --- /dev/null +++ b/README.mysql-docs @@ -0,0 +1,4 @@ +The official MySQL documentation is not freely redistributable, so we cannot +include it in RHEL or Fedora. You can find it on-line at + +http://dev.mysql.com/doc/ diff --git a/README.mysql-license b/README.mysql-license new file mode 100644 index 0000000..1282653 --- /dev/null +++ b/README.mysql-license @@ -0,0 +1,6 @@ +MySQL is distributed under GPL v2, but there are some licensing exceptions +that allow the client libraries to be linked with a non-GPL application, +so long as the application is under a license approved by Oracle. +For details see + +http://www.mysql.com/about/legal/licensing/foss-exception/ diff --git a/compat-mysql51.spec b/compat-mysql51.spec old mode 100755 new mode 100644 index 2de3d78..4afb39f --- a/compat-mysql51.spec +++ b/compat-mysql51.spec @@ -1,24 +1,51 @@ Name: compat-mysql51 -Version: 5.1.54 +Version: 5.1.73 Release: 1%{dist} Summary: MySQL shared libraries. License: GPL Group: Applications/Databases URL: http://www.mysql.com -Source0: http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-%{version}%{-srctype}.tar.gz +# Upstream has a mirror redirector for downloads, so the URL is hard to +# represent statically. You can get the tarball by following a link from +# http://dev.mysql.com/downloads/mysql/ +Source0: mysql-%{version}-nodocs.tar.gz +# The upstream tarball includes non-free documentation that we cannot ship. +# To remove the non-free documentation, run this script after downloading +# the tarball into the current directory: +# ./generate-tarball.sh $VERSION +Source1: generate-tarball.sh Source5: my_config.h +Source6: README.mysql-docs +Source7: README.mysql-license # Working around perl dependency checking bug in rpm FTTB. Remove later. Source999: filter-requires-mysql.sh Patch1: mysql-ssl-multilib.patch Patch2: mysql-errno.patch +# Patch3: mysql-stack.patch +Patch4: mysql-testing.patch +Patch5: mysql-install-test.patch Patch6: mysql-stack-guard.patch -# add by a simple echo - Patch7: mysql-disable-test.patch +Patch7: mysql-disable-test.patch Patch8: mysql-setschedparam.patch +Patch9: mysql-no-docs.patch Patch10: mysql-strmov.patch Patch12: mysql-cve-2008-7247.patch +Patch13: mysql-expired-certs.patch Patch16: mysql-chain-certs.patch +Patch17: mysql-cve-2012-5611.patch +Patch18: mysql-dump-log-tables.patch +Patch19: mysql-logrotate.patch +Patch20: mysql-rhbz1059545.patch +Patch21: mysql-dh1024.patch +Patch22: mysql-openssl-test.patch +Patch23: mysql-test-events_1.patch +Patch24: mysql-tls.patch +Patch25: mysql-relay-logging.patch +Patch26: mysql-cve-2016-6663.patch +Patch27: mysql-cve-2016-6662-b-1ebbc61e.patch +Patch28: mysql-cve-2016-6662-c-2135853b.patch BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildRequires: gperf, perl, readline-devel, openssl-devel @@ -61,10 +88,29 @@ developing MySQL applications using client libraries. %patch1 -p1 %patch2 -p1 +# %%patch3 -p1 +%patch4 -p1 +%patch5 -p1 %patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 %patch10 -p1 %patch12 -p1 +%patch13 -p1 %patch16 -p1 +%patch17 -p1 +%patch18 -p1 +%patch19 -p1 +%patch20 -p1 +%patch21 -p1 +%patch22 -p1 +%patch23 -p1 +%patch24 -p1 +%patch25 -p1 +%patch26 -p1 +%patch27 -p1 +%patch28 -p1 libtoolize --force aclocal @@ -72,6 +118,10 @@ automake --add-missing -Wno-portability autoconf autoheader +cp %{SOURCE6} README.mysql-docs +cp %{SOURCE7} README.mysql-license + + %build CFLAGS="%{optflags} -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE" CFLAGS="$CFLAGS -fno-strict-aliasing -fwrapv" @@ -160,7 +210,8 @@ rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root) -%doc README COPYING +%doc README COPYING README.mysql-license +%doc README.mysql-docs %{_origlibdir}/mysql/libmysqlclient*.so.* /etc/ld.so.conf.d/* @@ -170,6 +221,10 @@ rm -rf $RPM_BUILD_ROOT %{_libdir} %changelog +* Sat Feb 11 2017 Remi Collet 5.1.73-1 +- update to 5.1.73 +- sync patch with mysql-5.1.73-8.el6_8 + * Tue Dec 21 2010 Remi Collet 5.1.54-1 - update to 5.1.54 diff --git a/generate-tarball.sh b/generate-tarball.sh new file mode 100755 index 0000000..2ff4bff --- /dev/null +++ b/generate-tarball.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +VERSION=$1 + +rm -rf mysql-$VERSION + +tar xfz mysql-$VERSION.tar.gz || exit 1 + +rm mysql-$VERSION/Docs/mysql.info + +tar cfz mysql-$VERSION-nodocs.tar.gz mysql-$VERSION || exit 1 + +rm -rf mysql-$VERSION + +exit 0 diff --git a/mysql-chain-certs.patch b/mysql-chain-certs.patch index 3b20a28..34f6461 100644 --- a/mysql-chain-certs.patch +++ b/mysql-chain-certs.patch @@ -10,22 +10,22 @@ Fedora builds, I'm not feeling motivated to try to fix yassl for this. See RH bug #598656. Filed upstream at http://bugs.mysql.com/bug.php?id=54158 -diff -Naur mysql-5.1.47.orig/vio/viosslfactories.c mysql-5.1.47/vio/viosslfactories.c ---- mysql-5.1.47.orig/vio/viosslfactories.c 2010-05-06 11:28:07.000000000 -0400 -+++ mysql-5.1.47/vio/viosslfactories.c 2010-05-26 23:23:46.000000000 -0400 -@@ -100,7 +100,7 @@ - (long) ctx, cert_file, key_file)); - if (cert_file) +diff -Naur mysql-5.1.66.orig/vio/viosslfactories.c mysql-5.1.66/vio/viosslfactories.c +--- mysql-5.1.66.orig/vio/viosslfactories.c 2012-09-07 10:14:06.000000000 -0400 ++++ mysql-5.1.66/vio/viosslfactories.c 2012-11-02 10:17:16.495347128 -0400 +@@ -109,7 +109,7 @@ + key_file= cert_file; + + if (cert_file && +- SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0) ++ SSL_CTX_use_certificate_chain_file(ctx, cert_file) <= 0) { -- if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0) -+ if (SSL_CTX_use_certificate_chain_file(ctx, cert_file) <= 0) - { - *error= SSL_INITERR_CERT; - DBUG_PRINT("error",("%s from file '%s'", sslGetErrString(*error), cert_file)); -diff -Naur mysql-5.1.47.orig/extra/yassl/src/ssl.cpp mysql-5.1.47/extra/yassl/src/ssl.cpp ---- mysql-5.1.47.orig/extra/yassl/src/ssl.cpp 2010-05-06 11:24:26.000000000 -0400 -+++ mysql-5.1.47/extra/yassl/src/ssl.cpp 2010-05-26 23:29:13.000000000 -0400 -@@ -1606,10 +1606,10 @@ + *error= SSL_INITERR_CERT; + DBUG_PRINT("error",("%s from file '%s'", sslGetErrString(*error), cert_file)); +diff -Naur mysql-5.1.66.orig/extra/yassl/src/ssl.cpp mysql-5.1.66/extra/yassl/src/ssl.cpp +--- mysql-5.1.66.orig/extra/yassl/src/ssl.cpp 2012-09-07 10:14:06.000000000 -0400 ++++ mysql-5.1.66/extra/yassl/src/ssl.cpp 2012-11-02 10:16:16.513789708 -0400 +@@ -1628,10 +1628,10 @@ } diff --git a/mysql-cve-2012-5611.patch b/mysql-cve-2012-5611.patch new file mode 100644 index 0000000..1a11661 --- /dev/null +++ b/mysql-cve-2012-5611.patch @@ -0,0 +1,34 @@ +Oracle has fixed CVE-2012-5611 as of mysql 5.1.67, but they did not include +a regression test for it, so let's continue to use mariadb's test. See +http://bazaar.launchpad.net/~maria-captains/maria/5.1/revision/3168 + + +diff -Naur mysql-5.1.66.orig/mysql-test/r/information_schema.result mysql-5.1.66/mysql-test/r/information_schema.result +--- mysql-5.1.66.orig/mysql-test/r/information_schema.result 2012-09-07 10:24:44.000000000 -0400 ++++ mysql-5.1.66/mysql-test/r/information_schema.result 2012-12-04 11:04:13.247998281 -0500 +@@ -1774,4 +1774,8 @@ + length(CAST(b AS CHAR)) + 20 + DROP TABLE ubig; ++grant usage on *.* to mysqltest_1@localhost; ++select 1 from information_schema.tables where table_schema=repeat('a', 2000); ++1 ++drop user mysqltest_1@localhost; + End of 5.1 tests. +diff -Naur mysql-5.1.66.orig/mysql-test/t/information_schema.test mysql-5.1.66/mysql-test/t/information_schema.test +--- mysql-5.1.66.orig/mysql-test/t/information_schema.test 2012-09-07 10:24:41.000000000 -0400 ++++ mysql-5.1.66/mysql-test/t/information_schema.test 2012-12-04 11:03:31.050605443 -0500 +@@ -1470,6 +1470,13 @@ + + DROP TABLE ubig; + ++grant usage on *.* to mysqltest_1@localhost; ++connect (con1, localhost, mysqltest_1,,); ++connection con1; ++select 1 from information_schema.tables where table_schema=repeat('a', 2000); ++connection default; ++disconnect con1; ++drop user mysqltest_1@localhost; + + --echo End of 5.1 tests. + diff --git a/mysql-cve-2016-6662-b-1ebbc61e.patch b/mysql-cve-2016-6662-b-1ebbc61e.patch new file mode 100644 index 0000000..4645f90 --- /dev/null +++ b/mysql-cve-2016-6662-b-1ebbc61e.patch @@ -0,0 +1,33 @@ +From 1ebbc61e6243395c45d1c9cc116c0a933674f40e Mon Sep 17 00:00:00 2001 +From: Honza Horak +Date: Fri, 9 Dec 2016 17:13:13 +0100 +Subject: [PATCH 2/4] Bug#24482156 EXTEND WL#7150: REMOVE USE OF DATADIR IN + MYSQLD_SAFE TO SCRIPTS + + MySQL 5.1 upstream backport of: + https://github.com/mysql/mysql-server/commit/71f48ab393bce80a59e5a2e498cd1f46f6b43f9a + + Don't read config file in datadir in SysV initscript. +--- + support-files/mysql.server.sh | 5 ----- + 1 file changed, 5 deletions(-) + +diff --git a/support-files/mysql.server.sh b/support-files/mysql.server.sh +index def52a0..10da440 100644 +--- a/support-files/mysql.server.sh ++++ b/support-files/mysql.server.sh +@@ -250,11 +250,6 @@ extra_args="" + if test -r "$basedir/my.cnf" + then + extra_args="-e $basedir/my.cnf" +-else +- if test -r "$datadir/my.cnf" +- then +- extra_args="-e $datadir/my.cnf" +- fi + fi + + parse_server_arguments `$print_defaults $extra_args mysqld server mysql_server mysql.server` +-- +2.7.4 + diff --git a/mysql-cve-2016-6662-c-2135853b.patch b/mysql-cve-2016-6662-c-2135853b.patch new file mode 100644 index 0000000..3564e13 --- /dev/null +++ b/mysql-cve-2016-6662-c-2135853b.patch @@ -0,0 +1,186 @@ +From 2135853b41f2d124f1869371154b0f9ab9a7b2da Mon Sep 17 00:00:00 2001 +From: Honza Horak +Date: Fri, 9 Dec 2016 17:48:50 +0100 +Subject: [PATCH 3/4] Bug#24388753: PRIVILEGE ESCALATION USING MYSQLD_SAFE + + MySQL 5.1 upstream backport of: + https://github.com/mysql/mysql-server/commit/48bd8b16fe382be302c6f0b45931be5aa6f29a0e + + The problem was that it was possible to write log files ending + in .ini/.cnf that later could be parsed as an options file. + This made it possible for users to specify startup options + without the permissions to do so. + + This patch fixes the problem by disallowing general query log + and slow query log to be written to files ending in .ini and .cnf. +--- + sql/log.cc | 81 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- + sql/log.h | 10 ++++++++ + sql/mysqld.cc | 16 ++++++++++++ + sql/set_var.cc | 5 ++++ + 4 files changed, 110 insertions(+), 2 deletions(-) + +diff --git a/sql/log.cc b/sql/log.cc +index 60692b7..d53b487 100644 +--- a/sql/log.cc ++++ b/sql/log.cc +@@ -1933,6 +1933,73 @@ bool MYSQL_LOG::init_and_set_log_file_name(const char *log_name, + } + + ++bool is_valid_log_name(const char *name, size_t len) ++{ ++ if (len > 3) ++ { ++ const char *tail= name + len - 4; ++ if (my_strcasecmp(system_charset_info, tail, ".ini") == 0 || ++ my_strcasecmp(system_charset_info, tail, ".cnf") == 0) ++ { ++ return false; ++ } ++ } ++ return true; ++} ++ ++ ++/** ++ Get the real log file name, and possibly reopen file. ++ ++ Use realpath() to get the path with symbolic links ++ expanded. Then, close the file, and reopen the real path using the ++ O_NOFOLLOW flag. This will reject following symbolic links. ++ ++ @param file File descriptor. ++ @param open_flags Flags to use for opening the file. ++ @param opened_file_name Name of the open fd. ++ ++ @retval file descriptor to open file with 'real_file_name', or '-1' ++ in case of errors. ++*/ ++ ++#ifndef _WIN32 ++static File mysql_file_real_name_reopen(File file, ++ int open_flags, ++ const char *opened_file_name) ++{ ++ DBUG_ASSERT(file); ++ DBUG_ASSERT(opened_file_name); ++ ++ /* Buffer for realpath must have capacity for PATH_MAX. */ ++ char real_file_name[PATH_MAX]; ++ ++ /* Get realpath, validate, open realpath with O_NOFOLLOW. */ ++ if (realpath(opened_file_name, real_file_name) == NULL) ++ { ++ (void) my_close(file, MYF(0)); ++ return -1; ++ } ++ ++ if (my_close(file, MYF(0))) ++ return -1; ++ ++ if (strlen(real_file_name) > FN_REFLEN) ++ return -1; ++ ++ if (!is_valid_log_name(real_file_name, strlen(real_file_name))) ++ { ++ sql_print_error("Invalid log file name after expanding symlinks: '%s'", ++ real_file_name); ++ return -1; ++ } ++ ++ return my_open(real_file_name, ++ open_flags | O_NOFOLLOW, ++ MYF(MY_WME | ME_WAITTANG)); ++} ++#endif // _WIN32 ++ + /* + Open a (new) log file. + +@@ -1983,8 +2050,18 @@ bool MYSQL_LOG::open(const char *log_name, enum_log_type log_type_arg, + db[0]= 0; + + if ((file= my_open(log_file_name, open_flags, +- MYF(MY_WME | ME_WAITTANG))) < 0 || +- init_io_cache(&log_file, file, IO_SIZE, io_cache_type, ++ MYF(MY_WME | ME_WAITTANG))) < 0) ++ goto err; ++ ++#ifndef _WIN32 ++ /* Reopen and validate path. */ ++ if ((log_type_arg == LOG_UNKNOWN || log_type_arg == LOG_NORMAL) && ++ (file= mysql_file_real_name_reopen(file, ++ open_flags, ++ log_file_name)) < 0) ++ goto err; ++#endif // _WIN32 ++ if (init_io_cache(&log_file, file, IO_SIZE, io_cache_type, + my_tell(file, MYF(MY_WME)), 0, + MYF(MY_WME | MY_NABP | + ((log_type == LOG_BIN) ? MY_WAIT_IF_FULL : 0)))) +diff --git a/sql/log.h b/sql/log.h +index 02721f1..5354447 100644 +--- a/sql/log.h ++++ b/sql/log.h +@@ -605,4 +605,14 @@ extern TYPELIB binlog_format_typelib; + + int query_error_code(THD *thd, bool not_killed); + ++/** ++ Check given log name against certain blacklisted names/extensions. ++ ++ @param name Log name to check ++ @param len Length of log name ++ ++ @returns true if name is valid, false otherwise. ++*/ ++bool is_valid_log_name(const char *name, size_t len); ++ + #endif /* LOG_H */ +diff --git a/sql/mysqld.cc b/sql/mysqld.cc +index 41cef57..aa1dab4 100644 +--- a/sql/mysqld.cc ++++ b/sql/mysqld.cc +@@ -3458,6 +3458,22 @@ static int init_common_variables(const char *conf_file_name, int argc, + "--log_slow_queries option, log tables are used. " + "To enable logging to files use the --log-output=file option."); + ++ if (opt_logname && ++ !is_valid_log_name(opt_logname, strlen(opt_logname))) ++ { ++ sql_print_error("Invalid value for --general_log_file: %s", ++ opt_logname); ++ return 1; ++ } ++ ++ if (opt_slow_logname && ++ !is_valid_log_name(opt_slow_logname, strlen(opt_slow_logname))) ++ { ++ sql_print_error("Invalid value for --slow_query_log_file: %s", ++ opt_slow_logname); ++ return 1; ++ } ++ + s= opt_logname ? opt_logname : make_default_log_name(buff, ".log"); + sys_var_general_log_path.value= my_strdup(s, MYF(0)); + sys_var_general_log_path.value_length= strlen(s); +diff --git a/sql/set_var.cc b/sql/set_var.cc +index f4035ed..73727c8 100644 +--- a/sql/set_var.cc ++++ b/sql/set_var.cc +@@ -2493,6 +2493,11 @@ static int sys_check_log_path(THD *thd, set_var *var) + log_file_str= res->c_ptr(); + bzero(&f_stat, sizeof(MY_STAT)); + ++ if (!is_valid_log_name(log_file_str, strlen(log_file_str))) ++ { ++ goto err; ++ } ++ + path_length= unpack_filename(path, log_file_str); + + if (!path_length) +-- +2.7.4 + diff --git a/mysql-cve-2016-6663.patch b/mysql-cve-2016-6663.patch new file mode 100644 index 0000000..760d980 --- /dev/null +++ b/mysql-cve-2016-6663.patch @@ -0,0 +1,322 @@ +From b66f369e343e3b7c4920512d6eac427f23ae3b89 Mon Sep 17 00:00:00 2001 +From: Honza Horak +Date: Thu, 8 Dec 2016 10:31:58 +0100 +Subject: [PATCH] Bug#24388746: PRIVILEGE ESCALATION AND RACE CONDITION USING + CREATE TABLE + +MySQL 5.1 upstream backport of: +https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 + +During REPAIR TABLE of a MyISAM table, a temporary data file (.TMD) +is created. When repair finishes, this file is renamed to the original +.MYD file. The problem was that during this rename, we copied the +stats from the old file to the new file with chmod/chown. If a user +managed to replace the temporary file before chmod/chown was executed, +it was possible to get an arbitrary file with the privileges of the +mysql user. + +This patch fixes the problem by not copying stats from the old +file to the new file. This is not needed as the new file was +created with the correct stats. This fix only changes server +behavior - external utilities such as myisamchk still does +chmod/chown. + +No test case provided since the problem involves synchronization +with file system operations. +--- + include/my_sys.h | 1 + + include/myisam.h | 9 +++++---- + mysys/my_redel.c | 10 ++++++++-- + storage/myisam/ha_myisam.cc | 24 ++++++++++++++++++++---- + storage/myisam/mi_check.c | 39 ++++++++++++++++++++++++++++----------- + storage/myisam/myisamchk.c | 14 +++++++++----- + 6 files changed, 71 insertions(+), 26 deletions(-) + +diff --git a/include/my_sys.h b/include/my_sys.h +index a2742e4..2620168 100644 +--- a/include/my_sys.h ++++ b/include/my_sys.h +@@ -72,6 +72,7 @@ extern int NEAR my_errno; /* Last error in mysys */ + #define MY_RESOLVE_LINK 128 /* my_realpath(); Only resolve links */ + #define MY_HOLD_ORIGINAL_MODES 128 /* my_copy() holds to file modes */ + #define MY_REDEL_MAKE_BACKUP 256 ++#define MY_REDEL_NO_COPY_STAT 512 /* my_redel() doesn't call my_copystat() */ + #define MY_SEEK_NOT_DONE 32 /* my_lock may have to do a seek */ + #define MY_DONT_WAIT 64 /* my_lock() don't wait if can't lock */ + #define MY_ZEROFILL 32 /* my_malloc(), fill array with zero */ +diff --git a/include/myisam.h b/include/myisam.h +index 92e6699..5ae177c 100644 +--- a/include/myisam.h ++++ b/include/myisam.h +@@ -498,12 +498,13 @@ int chk_size(MI_CHECK *param, MI_INFO *info); + int chk_key(MI_CHECK *param, MI_INFO *info); + int chk_data_link(MI_CHECK *param, MI_INFO *info,int extend); + int mi_repair(MI_CHECK *param, register MI_INFO *info, +- char * name, int rep_quick); +-int mi_sort_index(MI_CHECK *param, register MI_INFO *info, char * name); ++ char * name, int rep_quick, my_bool no_copy_stat); ++int mi_sort_index(MI_CHECK *param, register MI_INFO *info, char * name, ++ my_bool no_copy_stat); + int mi_repair_by_sort(MI_CHECK *param, register MI_INFO *info, +- const char * name, int rep_quick); ++ const char * name, int rep_quick, my_bool no_copy_stat); + int mi_repair_parallel(MI_CHECK *param, register MI_INFO *info, +- const char * name, int rep_quick); ++ const char * name, int rep_quick, my_bool no_copy_stat); + int change_to_newfile(const char * filename, const char * old_ext, + const char * new_ext, uint raid_chunks, + myf myflags); +diff --git a/mysys/my_redel.c b/mysys/my_redel.c +index f8d43d2..0859696 100644 +--- a/mysys/my_redel.c ++++ b/mysys/my_redel.c +@@ -37,6 +37,9 @@ struct utimbuf { + + if MY_REDEL_MAKE_COPY is given, then the orginal file + is renamed to org_name-'current_time'.BAK ++ ++ if MY_REDEL_NO_COPY_STAT is given, stats are not copied ++ from org_name to tmp_name. + */ + + #define REDEL_EXT ".BAK" +@@ -48,8 +51,11 @@ int my_redel(const char *org_name, const char *tmp_name, myf MyFlags) + DBUG_PRINT("my",("org_name: '%s' tmp_name: '%s' MyFlags: %d", + org_name,tmp_name,MyFlags)); + +- if (my_copystat(org_name,tmp_name,MyFlags) < 0) +- goto end; ++ if (!(MyFlags & MY_REDEL_NO_COPY_STAT)) ++ { ++ if (my_copystat(org_name,tmp_name,MyFlags) < 0) ++ goto end; ++ } + if (MyFlags & MY_REDEL_MAKE_BACKUP) + { + char name_buff[FN_REFLEN+20]; +diff --git a/storage/myisam/ha_myisam.cc b/storage/myisam/ha_myisam.cc +index 173dc35..9a561f5 100644 +--- a/storage/myisam/ha_myisam.cc ++++ b/storage/myisam/ha_myisam.cc +@@ -1159,24 +1159,36 @@ int ha_myisam::repair(THD *thd, MI_CHECK ¶m, bool do_optimize) + /* TODO: respect myisam_repair_threads variable */ + my_snprintf(buf, 40, "Repair with %d threads", my_count_bits(key_map)); + thd_proc_info(thd, buf); ++ /* ++ * The new file is created with the right stats, so we can skip ++ * copying file stats from old to new. ++ */ + error = mi_repair_parallel(¶m, file, fixed_name, +- param.testflag & T_QUICK); ++ param.testflag & T_QUICK, TRUE); + thd_proc_info(thd, "Repair done"); // to reset proc_info, as + // it was pointing to local buffer + } + else + { + thd_proc_info(thd, "Repair by sorting"); ++ /* ++ * The new file is created with the right stats, so we can skip ++ * copying file stats from old to new. ++ */ + error = mi_repair_by_sort(¶m, file, fixed_name, +- param.testflag & T_QUICK); ++ param.testflag & T_QUICK, TRUE); + } + } + else + { + thd_proc_info(thd, "Repair with keycache"); + param.testflag &= ~T_REP_BY_SORT; ++ /* ++ * The new file is created with the right stats, so we can skip ++ * copying file stats from old to new. ++ */ + error= mi_repair(¶m, file, fixed_name, +- param.testflag & T_QUICK); ++ param.testflag & T_QUICK, TRUE); + } + #ifdef HAVE_MMAP + if (remap) +@@ -1192,7 +1204,11 @@ int ha_myisam::repair(THD *thd, MI_CHECK ¶m, bool do_optimize) + { + optimize_done=1; + thd_proc_info(thd, "Sorting index"); +- error=mi_sort_index(¶m,file,fixed_name); ++ /* ++ * The new file is created with the right stats, so we can skip ++ * copying file stats from old to new. ++ */ ++ error=mi_sort_index(¶m,file,fixed_name, TRUE); + } + if (!statistics_done && (local_testflag & T_STATISTICS)) + { +diff --git a/storage/myisam/mi_check.c b/storage/myisam/mi_check.c +index 698c1f3..b071061 100644 +--- a/storage/myisam/mi_check.c ++++ b/storage/myisam/mi_check.c +@@ -1520,7 +1520,7 @@ static int mi_drop_all_indexes(MI_CHECK *param, MI_INFO *info, my_bool force) + /* Save new datafile-name in temp_filename */ + + int mi_repair(MI_CHECK *param, register MI_INFO *info, +- char * name, int rep_quick) ++ char * name, int rep_quick, my_bool no_copy_stat) + { + int error,got_error; + ha_rows start_records,new_header_length; +@@ -1736,12 +1736,16 @@ err: + /* Replace the actual file with the temporary file */ + if (new_file >= 0) + { ++ myf flags= 0; ++ if (param->testflag & T_BACKUP_DATA) ++ flags |= MY_REDEL_MAKE_BACKUP; ++ if (no_copy_stat) ++ flags |= MY_REDEL_NO_COPY_STAT; + my_close(new_file,MYF(0)); + info->dfile=new_file= -1; + if (change_to_newfile(share->data_file_name,MI_NAME_DEXT, + DATA_TMP_EXT, share->base.raid_chunks, +- (param->testflag & T_BACKUP_DATA ? +- MYF(MY_REDEL_MAKE_BACKUP): MYF(0))) || ++ flags) || + mi_open_datafile(info,share,name,-1)) + got_error=1; + +@@ -1931,7 +1935,8 @@ int flush_blocks(MI_CHECK *param, KEY_CACHE *key_cache, File file) + + /* Sort index for more efficent reads */ + +-int mi_sort_index(MI_CHECK *param, register MI_INFO *info, char * name) ++int mi_sort_index(MI_CHECK *param, register MI_INFO *info, char * name, ++ my_bool no_copy_stat) + { + reg2 uint key; + reg1 MI_KEYDEF *keyinfo; +@@ -2000,7 +2005,7 @@ int mi_sort_index(MI_CHECK *param, register MI_INFO *info, char * name) + share->kfile = -1; + VOID(my_close(new_file,MYF(MY_WME))); + if (change_to_newfile(share->index_file_name,MI_NAME_IEXT,INDEX_TMP_EXT,0, +- MYF(0)) || ++ no_copy_stat ? MYF(MY_REDEL_NO_COPY_STAT) : MYF(0)) || + mi_open_keyfile(share)) + goto err2; + info->lock_type= F_UNLCK; /* Force mi_readinfo to lock */ +@@ -2213,6 +2218,8 @@ err: + info MyISAM handler to repair + name Name of table (for warnings) + rep_quick set to <> 0 if we should not change data file ++ no_copy_stat Don't copy file stats from old to new file, ++ assume that new file was created with correct stats + + RESULT + 0 ok +@@ -2220,7 +2227,7 @@ err: + */ + + int mi_repair_by_sort(MI_CHECK *param, register MI_INFO *info, +- const char * name, int rep_quick) ++ const char * name, int rep_quick, my_bool no_copy_stat) + { + int got_error; + uint i; +@@ -2549,12 +2556,16 @@ err: + /* Replace the actual file with the temporary file */ + if (new_file >= 0) + { ++ myf flags= 0; ++ if (param->testflag & T_BACKUP_DATA) ++ flags |= MY_REDEL_MAKE_BACKUP; ++ if (no_copy_stat) ++ flags |= MY_REDEL_NO_COPY_STAT; + my_close(new_file,MYF(0)); + info->dfile=new_file= -1; + if (change_to_newfile(share->data_file_name,MI_NAME_DEXT, + DATA_TMP_EXT, share->base.raid_chunks, +- (param->testflag & T_BACKUP_DATA ? +- MYF(MY_REDEL_MAKE_BACKUP): MYF(0))) || ++ flags) || + mi_open_datafile(info,share,name,-1)) + got_error=1; + } +@@ -2604,6 +2615,8 @@ err: + info MyISAM handler to repair + name Name of table (for warnings) + rep_quick set to <> 0 if we should not change data file ++ no_copy_stat Don't copy file stats from old to new file, ++ assume that new file was created with correct stats + + DESCRIPTION + Same as mi_repair_by_sort but do it multithreaded +@@ -2638,7 +2651,7 @@ err: + */ + + int mi_repair_parallel(MI_CHECK *param, register MI_INFO *info, +- const char * name, int rep_quick) ++ const char * name, int rep_quick, my_bool no_copy_stat) + { + #ifndef THREAD + return mi_repair_by_sort(param, info, name, rep_quick); +@@ -3086,12 +3099,16 @@ err: + /* Replace the actual file with the temporary file */ + if (new_file >= 0) + { ++ myf flags= 0; ++ if (param->testflag & T_BACKUP_DATA) ++ flags |= MY_REDEL_MAKE_BACKUP; ++ if (no_copy_stat) ++ flags |= MY_REDEL_NO_COPY_STAT; + my_close(new_file,MYF(0)); + info->dfile=new_file= -1; + if (change_to_newfile(share->data_file_name,MI_NAME_DEXT, + DATA_TMP_EXT, share->base.raid_chunks, +- (param->testflag & T_BACKUP_DATA ? +- MYF(MY_REDEL_MAKE_BACKUP): MYF(0))) || ++ flags) || + mi_open_datafile(info,share,name,-1)) + got_error=1; + } +diff --git a/storage/myisam/myisamchk.c b/storage/myisam/myisamchk.c +index 282a02a..bd14c34 100644 +--- a/storage/myisam/myisamchk.c ++++ b/storage/myisam/myisamchk.c +@@ -1020,14 +1020,18 @@ static int myisamchk(MI_CHECK *param, char * filename) + info->s->state.key_map, + param->force_sort)) + { ++ /* ++ The new file might not be created with the right stats depending ++ on how myisamchk is run, so we must copy file stats from old to new. ++ */ + if (param->testflag & T_REP_BY_SORT) +- error=mi_repair_by_sort(param,info,filename,rep_quick); ++ error=mi_repair_by_sort(param,info,filename,rep_quick,FALSE); + else +- error=mi_repair_parallel(param,info,filename,rep_quick); ++ error=mi_repair_parallel(param,info,filename,rep_quick,FALSE); + state_updated=1; + } + else if (param->testflag & T_REP_ANY) +- error=mi_repair(param, info,filename,rep_quick); ++ error=mi_repair(param, info,filename,rep_quick,FALSE); + } + if (!error && param->testflag & T_SORT_RECORDS) + { +@@ -1069,12 +1073,12 @@ static int myisamchk(MI_CHECK *param, char * filename) + { + if (param->verbose) + puts("Table had a compressed index; We must now recreate the index"); +- error=mi_repair_by_sort(param,info,filename,1); ++ error=mi_repair_by_sort(param,info,filename,1,FALSE); + } + } + } + if (!error && param->testflag & T_SORT_INDEX) +- error=mi_sort_index(param,info,filename); ++ error=mi_sort_index(param,info,filename,FALSE); + if (!error) + share->state.changed&= ~(STATE_CHANGED | STATE_CRASHED | + STATE_CRASHED_ON_REPAIR); +-- +2.7.4 + diff --git a/mysql-dh1024.patch b/mysql-dh1024.patch new file mode 100644 index 0000000..fed7cf8 --- /dev/null +++ b/mysql-dh1024.patch @@ -0,0 +1,104 @@ +diff -rup mysql-5.1.73.orig/include/violite.h mysql-5.1.73/include/violite.h +--- mysql-5.1.73.orig/include/violite.h 2013-11-04 13:52:27.000000000 -0500 ++++ mysql-5.1.73/include/violite.h 2015-06-15 10:07:58.366985983 -0400 +@@ -118,7 +118,7 @@ enum enum_ssl_init_error + { + SSL_INITERR_NOERROR= 0, SSL_INITERR_CERT, SSL_INITERR_KEY, + SSL_INITERR_NOMATCH, SSL_INITERR_BAD_PATHS, SSL_INITERR_CIPHERS, +- SSL_INITERR_MEMFAIL, SSL_INITERR_LASTERR ++ SSL_INITERR_MEMFAIL, SSL_INITERR_DHFAIL, SSL_INITERR_LASTERR + }; + const char* sslGetErrString(enum enum_ssl_init_error err); + +diff -rup mysql-5.1.73.orig/vio/viosslfactories.c mysql-5.1.73/vio/viosslfactories.c +--- mysql-5.1.73.orig/vio/viosslfactories.c 2015-06-15 10:07:04.870976371 -0400 ++++ mysql-5.1.73/vio/viosslfactories.c 2015-06-15 10:25:37.759373094 -0400 +@@ -22,27 +22,45 @@ + static my_bool ssl_algorithms_added = FALSE; + static my_bool ssl_error_strings_loaded= FALSE; + +-static unsigned char dh512_p[]= +-{ +- 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75, +- 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F, +- 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3, +- 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12, +- 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C, +- 0x47,0x74,0xE8,0x33, ++/* ++ Diffie-Hellman key. ++ Generated using: >openssl dhparam -5 -C 1024 ++ ++ -----BEGIN DH PARAMETERS----- ++ MIIBCAKCAQEAil36wGZ2TmH6ysA3V1xtP4MKofXx5n88xq/aiybmGnReZMviCPEJ ++ 46+7VCktl/RZ5iaDH1XNG1dVQmznt9pu2G3usU+k1/VB4bQL4ZgW4u0Wzxh9PyXD ++ glm99I9Xyj4Z5PVE4MyAsxCRGA1kWQpD9/zKAegUBPLNqSo886Uqg9hmn8ksyU9E ++ BV5eAEciCuawh6V0O+Sj/C3cSfLhgA0GcXp3OqlmcDu6jS5gWjn3LdP1U0duVxMB ++ h/neTSCSvtce4CAMYMjKNVh9P1nu+2d9ZH2Od2xhRIqMTfAS1KTqF3VmSWzPFCjG ++ mjxx/bg6bOOjpgZapvB6ABWlWmRmAAWFtwIBBQ== ++ -----END DH PARAMETERS----- ++ */ ++static unsigned char dh1024_p[]= ++{ ++ 0x8F,0xF8,0xDD,0xDD,0x5A,0xC2,0xC1,0xB1,0xE6,0x94,0x57,0x25, ++ 0x04,0xD0,0x81,0xF1,0x1B,0x93,0x0F,0x7C,0x8E,0xD2,0x72,0xC4, ++ 0xE6,0x8A,0x14,0x2C,0xCE,0x42,0x45,0x0D,0x82,0xD1,0x9D,0x91, ++ 0xD7,0x29,0x1D,0x24,0xC0,0x2B,0xB8,0xC6,0x94,0xC9,0xE7,0xA0, ++ 0x32,0xA7,0x38,0xC5,0xD1,0xBA,0xB8,0x5F,0x3A,0x20,0x73,0x32, ++ 0x52,0x79,0x54,0x23,0xB6,0x09,0x59,0x4C,0xC7,0x8D,0x20,0x09, ++ 0x9F,0x3D,0x2B,0x1A,0xF9,0xF7,0x82,0x91,0x2A,0x41,0xC0,0xB7, ++ 0x4C,0xBD,0xE5,0x75,0xAE,0x3A,0x31,0x70,0x14,0x26,0xCD,0x2C, ++ 0xC3,0xBA,0xFB,0x6F,0x18,0xA7,0xD1,0x3F,0xEE,0xE0,0x89,0x72, ++ 0x47,0xB0,0x7A,0x52,0x99,0x93,0xEA,0x3B,0x47,0xCF,0x4E,0xFE, ++ 0x15,0x8E,0xAC,0x2D,0x16,0xC4,0x71,0x7F, + }; + +-static unsigned char dh512_g[]={ +- 0x02, ++static unsigned char dh1024_g[]={ ++ 0x05, + }; + +-static DH *get_dh512(void) ++static DH *get_dh1024(void) + { + DH *dh; + if ((dh=DH_new())) + { +- dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL); +- dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL); ++ dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL); ++ dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL); + if (! dh->p || ! dh->g) + { + DH_free(dh); +@@ -83,7 +101,8 @@ ssl_error_string[] = + "Private key does not match the certificate public key", + "SSL_CTX_set_default_verify_paths failed", + "Failed to set ciphers to use", +- "SSL_CTX_new failed" ++ "SSL_CTX_new failed", ++ "SSL_CTX_set_tmp_dh failed" + }; + + const char* +@@ -291,8 +310,17 @@ new_VioSSLFd(const char *key_file, const + } + + /* DH stuff */ +- dh=get_dh512(); +- SSL_CTX_set_tmp_dh(ssl_fd->ssl_context, dh); ++ dh=get_dh1024(); ++ if (SSL_CTX_set_tmp_dh(ssl_fd->ssl_context, dh) == 0) ++ { ++ *error= SSL_INITERR_DHFAIL; ++ DBUG_PRINT("error", ("%s", sslGetErrString(*error))); ++ report_errors(); ++ DH_free(dh); ++ SSL_CTX_free(ssl_fd->ssl_context); ++ my_free((void*)ssl_fd,MYF(0)); ++ DBUG_RETURN(0); ++ } + DH_free(dh); + + DBUG_PRINT("exit", ("OK 1")); diff --git a/mysql-disable-test.patch b/mysql-disable-test.patch new file mode 100644 index 0000000..6c49e17 --- /dev/null +++ b/mysql-disable-test.patch @@ -0,0 +1,16 @@ +Disable the outfile_loaddata test, which as of 5.1.38 is giving +platform-dependent results, with the "expected" results being arguably the +wrong ones. This is upstream at http://bugs.mysql.com/bug.php?id=46895 +(note that upstream has also disabled it, but only for Solaris, so we still +need this patch). + + +diff -Naur mysql-5.1.61.orig/mysql-test/t/disabled.def mysql-5.1.61/mysql-test/t/disabled.def +--- mysql-5.1.61.orig/mysql-test/t/disabled.def 2011-12-16 14:16:53.000000000 -0500 ++++ mysql-5.1.61/mysql-test/t/disabled.def 2012-02-03 15:36:34.918740979 -0500 +@@ -13,3 +13,5 @@ + read_many_rows_innodb : Bug#11748886 2010-11-15 mattiasj report already exists + main.log_tables-big : Bug#11756699 2010-11-15 mattiasj report already exists + query_cache_28249 : Bug#12584161 2011-11-17 joh fails sporadically in 5.1 only ++# ++outfile_loaddata : bug#46895 code wrong, expected results wrong too diff --git a/mysql-dump-log-tables.patch b/mysql-dump-log-tables.patch new file mode 100644 index 0000000..b54162f --- /dev/null +++ b/mysql-dump-log-tables.patch @@ -0,0 +1,129 @@ +mysqldump assumed the existence of the general_log and slow_log +tables in the mysql database. It failed if invoked to dump tables +from an older server where these tables do not exist. + +Upstream bug report http://bugs.mysql.com/bug.php?id=65670 +RHBZ#877577 + +diff -up mysql-5.1.70/client/mysqldump.c.bug877557upstream mysql-5.1.70/client/mysqldump.c +--- mysql-5.1.70/client/mysqldump.c.bug877557upstream 2013-05-13 15:33:33.000000000 +0200 ++++ mysql-5.1.70/client/mysqldump.c 2013-08-01 12:38:12.225403859 +0200 +@@ -84,14 +84,6 @@ + #define IGNORE_DATA 0x01 /* don't dump data for this table */ + #define IGNORE_INSERT_DELAYED 0x02 /* table doesn't support INSERT DELAYED */ + +-/* general_log or slow_log tables under mysql database */ +-static inline my_bool general_log_or_slow_log_tables(const char *db, +- const char *table) +-{ +- return (strcmp(db, "mysql") == 0) && +- ((strcmp(table, "general_log") == 0) || +- (strcmp(table, "slow_log") == 0)); +-} + + static void add_load_option(DYNAMIC_STRING *str, const char *option, + const char *option_value); +@@ -2432,6 +2424,15 @@ static uint dump_routines_for_db(char *d + DBUG_RETURN(0); + } + ++/* general_log or slow_log tables under mysql database */ ++static inline my_bool general_log_or_slow_log_tables(const char *db, ++ const char *table) ++{ ++ return (!my_strcasecmp(charset_info, db, "mysql")) && ++ (!my_strcasecmp(charset_info, table, "general_log") || ++ !my_strcasecmp(charset_info, table, "slow_log")); ++} ++ + /* + get_table_structure -- retrievs database structure, prints out corresponding + CREATE statement and fills out insert_pat if the table is the type we will +@@ -4282,7 +4283,8 @@ static int dump_all_tables_in_db(char *d + char table_buff[NAME_LEN*2+3]; + char hash_key[2*NAME_LEN+2]; /* "db.tablename" */ + char *afterdot; +- int using_mysql_db= my_strcasecmp(&my_charset_latin1, database, "mysql"); ++ my_bool general_log_table_exists= 0, slow_log_table_exists=0; ++ int using_mysql_db= !my_strcasecmp(charset_info, database, "mysql"); + DBUG_ENTER("dump_all_tables_in_db"); + + afterdot= strmov(hash_key, database); +@@ -4293,22 +4295,6 @@ static int dump_all_tables_in_db(char *d + if (opt_xml) + print_xml_tag(md_result_file, "", "\n", "database", "name=", database, NullS); + +- if (strcmp(database, "mysql") == 0) +- { +- char table_type[NAME_LEN]; +- char ignore_flag; +- uint num_fields; +- num_fields= get_table_structure((char *) "general_log", +- database, table_type, &ignore_flag); +- if (num_fields == 0) +- verbose_msg("-- Warning: get_table_structure() failed with some internal " +- "error for 'general_log' table\n"); +- num_fields= get_table_structure((char *) "slow_log", +- database, table_type, &ignore_flag); +- if (num_fields == 0) +- verbose_msg("-- Warning: get_table_structure() failed with some internal " +- "error for 'slow_log' table\n"); +- } + if (lock_tables) + { + DYNAMIC_STRING query; +@@ -4352,6 +4338,26 @@ static int dump_all_tables_in_db(char *d + } + } + } ++ else ++ { ++ /* ++ If general_log and slow_log exists in the 'mysql' database, ++ we should dump the table structure. But we cannot ++ call get_table_structure() here as 'LOCK TABLES' query got executed ++ above on the session and that 'LOCK TABLES' query does not contain ++ 'general_log' and 'slow_log' tables. (you cannot acquire lock ++ on log tables). Hence mark the existence of these log tables here and ++ after 'UNLOCK TABLES' query is executed on the session, get the table ++ structure from server and dump it in the file. ++ */ ++ if (using_mysql_db) ++ { ++ if (!my_strcasecmp(charset_info, table, "general_log")) ++ general_log_table_exists= 1; ++ else if (!my_strcasecmp(charset_info, table, "slow_log")) ++ slow_log_table_exists= 1; ++ } ++ } + } + if (opt_events && mysql_get_server_version(mysql) >= 50106) + { +@@ -4370,7 +4376,26 @@ static int dump_all_tables_in_db(char *d + } + if (lock_tables) + VOID(mysql_query_with_error_report(mysql, 0, "UNLOCK TABLES")); +- if (flush_privileges && using_mysql_db == 0) ++ if (using_mysql_db) ++ { ++ char table_type[NAME_LEN]; ++ char ignore_flag; ++ if (general_log_table_exists) ++ { ++ if (!get_table_structure((char *) "general_log", ++ database, table_type, &ignore_flag) ) ++ verbose_msg("-- Warning: get_table_structure() failed with some internal " ++ "error for 'general_log' table\n"); ++ } ++ if (slow_log_table_exists) ++ { ++ if (!get_table_structure((char *) "slow_log", ++ database, table_type, &ignore_flag) ) ++ verbose_msg("-- Warning: get_table_structure() failed with some internal " ++ "error for 'slow_log' table\n"); ++ } ++ } ++ if (flush_privileges && using_mysql_db) + { + fprintf(md_result_file,"\n--\n-- Flush Grant Tables \n--\n"); + fprintf(md_result_file,"\n/*! FLUSH PRIVILEGES */;\n"); diff --git a/mysql-expired-certs.patch b/mysql-expired-certs.patch new file mode 100644 index 0000000..acd3a78 --- /dev/null +++ b/mysql-expired-certs.patch @@ -0,0 +1,555 @@ +Upstream insists on generating SSL testing certificates with relatively short +lifespan, which has repeatedly caused problems (ie, one day the regression +tests suddenly stop working). Replace them with certificates with 20-year +lifespan. We should periodically regenerate these, too, but at least not +very often. + + +diff -Naur mysql-5.1.50.orig/mysql-test/std_data/cacert.pem mysql-5.1.50/mysql-test/std_data/cacert.pem +--- mysql-5.1.50.orig/mysql-test/std_data/cacert.pem 2010-08-03 13:55:04.000000000 -0400 ++++ mysql-5.1.50/mysql-test/std_data/cacert.pem 2010-08-27 23:42:05.751428144 -0400 +@@ -1,17 +1,22 @@ + -----BEGIN CERTIFICATE----- +-MIICrTCCAhagAwIBAgIJAMI7xZKjhrDbMA0GCSqGSIb3DQEBBAUAMEQxCzAJBgNV ++MIIDsjCCApqgAwIBAgIJAL5YrUwfPSWVMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV + BAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMRAwDgYDVQQHEwdVcHBzYWxhMREwDwYD +-VQQKEwhNeVNRTCBBQjAeFw0xMDAxMjkxMTQ3MTBaFw0xNTAxMjgxMTQ3MTBaMEQx ++VQQKEwhNeVNRTCBBQjAeFw0xMDAxMjkwNTU5NTNaFw0xNTAxMjgwNTU5NTNaMEQx + CzAJBgNVBAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMRAwDgYDVQQHEwdVcHBzYWxh +-MREwDwYDVQQKEwhNeVNRTCBBQjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA +-wQYsOEfrN4ESP3FjsI8cghE+tZVuyK2gck61lwieVxjgFMtBd65mI5a1y9pmlOI1 +-yM4SB2Ppqcuw7/e1CdV1y7lvHrGNt5yqEHbN4QX1gvsN8TQauP/2WILturk4R4Hq +-rKg0ZySu7f1Xhl0ed9a48LpaEHD17IcxWEGMMJwAxF0CAwEAAaOBpjCBozAMBgNV +-HRMEBTADAQH/MB0GA1UdDgQWBBSvktYQ0ahLnyxyVKqty+WpBbBrDTB0BgNVHSME +-bTBrgBSvktYQ0ahLnyxyVKqty+WpBbBrDaFIpEYwRDELMAkGA1UEBhMCU0UxEDAO +-BgNVBAgTB1VwcHNhbGExEDAOBgNVBAcTB1VwcHNhbGExETAPBgNVBAoTCE15U1FM +-IEFCggkAwjvFkqOGsNswDQYJKoZIhvcNAQEEBQADgYEAdKN1PjwMHAKG2Ww1145g +-JQGBnKxSFOUaoSvkBi/4ntTM+ysnViWh7WvxyWjR9zU9arfr7aqsDeQxm0XDOqzj +-AQ/cQIla2/Li8tXyfc06bisH/IHRaSc2zWqioTKbEwMdVOdrvq4a8V8ic3xYyIWn +-7F4WeS07J8LKardSvM0+hOA= ++MREwDwYDVQQKEwhNeVNRTCBBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ++ggEBAL6kNN4peX7uhK9rb06W/QbPEpVuejmdWdl2PqMshP/eSuXXw7kwVgfpxx9R ++vC000CKQQSG9MCoZjtqPnFRsetmWLZgApRpEalGXTXJqq9sEbCfoFizg94U8G7d2 ++u5XJjLVmcG34ru36KoBgVx1zeH1puBAf8dOzrE4L7Y+ZQBFzFohjh8C2LqWC4nM5 ++qsLmOkDWMipGqYU5DvkKjIbTbwTyRNRgZHWSPfVDDPUIUOsY4BGUp2DpgeGY9aEv ++lIs57Ev9JqlIUCV65lOhhDkG+xwmkHKHA+ECEU9cALI8+uXbh48MB9XpMOuk408X ++/lX89aZwD0/G9kmObVGnE2G+H5UCAwEAAaOBpjCBozAdBgNVHQ4EFgQUsft+d7VA ++jWgRftkR5cPG2k2sUbAwdAYDVR0jBG0wa4AUsft+d7VAjWgRftkR5cPG2k2sUbCh ++SKRGMEQxCzAJBgNVBAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMRAwDgYDVQQHEwdV ++cHBzYWxhMREwDwYDVQQKEwhNeVNRTCBBQoIJAL5YrUwfPSWVMAwGA1UdEwQFMAMB ++Af8wDQYJKoZIhvcNAQEFBQADggEBALRUOAmdL8R8sl1y8kiEiFgDatdXK5RDqWai ++8yZChfmwTIToHhmQsOEshJe2e8hky3huUj+33VyXjINoMbebIwMuXPwEkbJal8RZ ++nSJmF0jN1Qz7J/jFffwK9xmejWZJx49Kt2+Qwrwp6kDeq9TLFqQOoVczgyJPYsTL ++NAOib5WqTud3XWvCwxrhqmWu7JZq6sp1fomP/uunprb8y2miWfLESZN2mKAhm44Q ++Lws867LT8v2lskEjq2dT1LutD5+R66XcdjgSr0uDziDs64jZwCD6ea94hVFM7ej0 ++ZOXYeSEZJ56FjUxu632e9fY8NyMh30yKjjmQf1mM9PuGJvdvsWU= + -----END CERTIFICATE----- +diff -Naur mysql-5.1.50.orig/mysql-test/std_data/client-cert.pem mysql-5.1.50/mysql-test/std_data/client-cert.pem +--- mysql-5.1.50.orig/mysql-test/std_data/client-cert.pem 2010-08-03 13:55:04.000000000 -0400 ++++ mysql-5.1.50/mysql-test/std_data/client-cert.pem 2010-08-27 23:42:05.752428395 -0400 +@@ -1,46 +1,69 @@ + Certificate: + Data: +- Version: 1 (0x0) +- Serial Number: 1048577 (0x100001) +- Signature Algorithm: md5WithRSAEncryption ++ Version: 3 (0x2) ++ Serial Number: 6 (0x6) ++ Signature Algorithm: sha1WithRSAEncryption + Issuer: C=SE, ST=Uppsala, L=Uppsala, O=MySQL AB + Validity +- Not Before: Jan 29 11:50:22 2010 GMT +- Not After : Jan 28 11:50:22 2015 GMT ++ Not Before: Feb 20 03:03:26 2010 GMT ++ Not After : Sep 3 03:03:26 2030 GMT + Subject: C=SE, ST=Uppsala, O=MySQL AB + Subject Public Key Info: + Public Key Algorithm: rsaEncryption +- Public-Key: (1024 bit) +- Modulus: +- 00:cc:9a:37:49:13:66:dc:cf:e3:0b:13:a1:23:ed: +- 78:db:4e:bd:11:f6:8c:0d:76:f9:a3:32:56:9a:f8: +- a1:21:6a:55:4e:4d:3f:e6:67:9d:26:99:b2:cd:a4: +- 9a:d2:2b:59:5c:d7:8a:d3:60:68:f8:18:bd:c5:be: +- 15:e1:2a:3c:a3:d4:61:cb:f5:11:94:17:81:81:f7: +- 87:8c:f6:6a:d2:ee:d8:e6:77:f6:62:66:4d:2e:16: +- 8d:08:81:4a:c9:c6:4b:31:e5:b9:c7:8a:84:96:48: +- a7:47:8c:0d:26:90:56:4e:e6:a5:6e:8c:b3:f2:9f: +- fc:3d:78:9b:49:6e:86:83:77 ++ RSA Public Key: (1024 bit) ++ Modulus (1024 bit): ++ 00:c2:e7:20:cf:89:59:2f:67:cb:4c:9f:e8:11:f2: ++ 23:e5:f1:b1:ee:3f:66:5f:c3:f5:fd:1e:31:ee:8f: ++ 4c:2a:bd:c0:4a:a5:9f:c8:44:d5:77:8f:15:1b:4d: ++ 78:6e:b2:a2:48:a5:24:33:05:40:02:b3:c1:87:8d: ++ 59:3c:1a:07:aa:86:f0:04:e1:9c:20:4b:22:32:c4: ++ 51:9e:40:e4:31:c3:57:f5:98:bf:2e:b1:fd:2c:56: ++ bf:49:d9:9b:e7:17:cc:95:5f:b5:08:19:5e:9d:df: ++ 65:22:39:2c:48:fb:69:96:31:7a:35:4d:de:60:b4: ++ c1:60:19:5f:96:56:7e:55:19 + Exponent: 65537 (0x10001) +- Signature Algorithm: md5WithRSAEncryption +- 5e:1f:a3:53:5f:24:13:1c:f8:28:32:b0:7f:69:69:f3:0e:c0: +- 34:87:10:03:7d:da:15:8b:bd:19:b8:1a:56:31:e7:85:49:81: +- c9:7f:45:20:74:3e:89:c0:e0:26:84:51:cc:04:16:ce:69:99: +- 01:e1:26:99:b3:e3:f5:bd:ec:5f:a0:84:e4:38:da:75:78:7b: +- 89:9c:d2:cd:60:95:20:ba:8e:e3:7c:e6:df:76:3a:7c:89:77: +- 02:94:86:11:3a:c4:61:7d:6f:71:83:21:8a:17:fb:17:e2:ee: +- 02:6b:61:c1:b4:52:63:d7:d8:46:b2:c5:9c:6f:38:91:8a:35: +- 32:0b ++ X509v3 extensions: ++ X509v3 Basic Constraints: ++ CA:FALSE ++ X509v3 Subject Key Identifier: ++ 8D:10:67:91:33:76:9C:02:E5:78:5D:D8:C5:EF:25:96:B2:D7:FA:1F ++ X509v3 Authority Key Identifier: ++ keyid:B1:FB:7E:77:B5:40:8D:68:11:7E:D9:11:E5:C3:C6:DA:4D:AC:51:B0 ++ DirName:/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB ++ serial:BE:58:AD:4C:1F:3D:25:95 ++ ++ Signature Algorithm: sha1WithRSAEncryption ++ a9:88:10:3e:5d:2a:47:29:c8:03:27:7a:31:5a:8e:10:03:bc: ++ b5:4e:37:1d:12:7b:eb:5f:50:71:70:b1:a3:8e:93:0e:77:17: ++ 6c:47:b6:c9:a4:4d:2a:c4:38:f0:61:55:b2:7f:28:ba:06:79: ++ ee:67:11:7d:d4:c9:7f:0a:18:c8:c1:cb:d0:2c:f9:63:0f:bb: ++ 45:ca:de:ea:bb:ac:00:01:52:48:36:2b:07:2b:c8:46:c7:b1: ++ 21:81:bd:77:39:e7:4c:39:aa:bd:ac:60:d8:a7:bf:cf:14:98: ++ 4a:0b:a1:40:55:06:8d:6f:35:a9:39:a0:71:a9:97:ba:7c:73: ++ 3c:41:ba:c5:1c:11:4b:2b:43:1d:2d:ba:7b:5f:14:b5:3d:64: ++ 62:15:36:b4:16:bd:78:c8:43:8d:f9:1c:a5:d2:ac:a1:58:74: ++ e1:99:de:ad:04:19:43:a8:bd:0a:fd:19:9b:50:44:46:6d:18: ++ 55:4d:bf:b4:5b:a4:93:62:c7:64:91:6c:54:34:d1:f8:f3:ff: ++ 12:6d:5f:85:e7:35:9e:5c:42:81:5e:fb:c8:bb:44:51:98:b2: ++ ef:1b:9f:5a:22:77:28:7d:da:fb:08:c2:94:9a:0f:42:08:93: ++ 54:10:1e:ad:f2:4f:fc:62:98:51:e9:9b:b9:3a:93:d9:e4:1f: ++ 1d:c4:76:d0 + -----BEGIN CERTIFICATE----- +-MIIB5zCCAVACAxAAATANBgkqhkiG9w0BAQQFADBEMQswCQYDVQQGEwJTRTEQMA4G +-A1UECBMHVXBwc2FsYTEQMA4GA1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwg +-QUIwHhcNMTAwMTI5MTE1MDIyWhcNMTUwMTI4MTE1MDIyWjAyMQswCQYDVQQGEwJT +-RTEQMA4GA1UECBMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwgQUIwgZ8wDQYJKoZI +-hvcNAQEBBQADgY0AMIGJAoGBAMyaN0kTZtzP4wsToSPteNtOvRH2jA12+aMyVpr4 +-oSFqVU5NP+ZnnSaZss2kmtIrWVzXitNgaPgYvcW+FeEqPKPUYcv1EZQXgYH3h4z2 +-atLu2OZ39mJmTS4WjQiBSsnGSzHluceKhJZIp0eMDSaQVk7mpW6Ms/Kf/D14m0lu +-hoN3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAXh+jU18kExz4KDKwf2lp8w7ANIcQ +-A33aFYu9GbgaVjHnhUmByX9FIHQ+icDgJoRRzAQWzmmZAeEmmbPj9b3sX6CE5Dja +-dXh7iZzSzWCVILqO43zm33Y6fIl3ApSGETrEYX1vcYMhihf7F+LuAmthwbRSY9fY +-RrLFnG84kYo1Mgs= ++MIIDETCCAfmgAwIBAgIBBjANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJTRTEQ ++MA4GA1UECBMHVXBwc2FsYTEQMA4GA1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlT ++UUwgQUIwHhcNMTAwMjIwMDMwMzI2WhcNMzAwOTAzMDMwMzI2WjAyMQswCQYDVQQG ++EwJTRTEQMA4GA1UECBMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwgQUIwgZ8wDQYJ ++KoZIhvcNAQEBBQADgY0AMIGJAoGBAMLnIM+JWS9ny0yf6BHyI+Xxse4/Zl/D9f0e ++Me6PTCq9wEqln8hE1XePFRtNeG6yokilJDMFQAKzwYeNWTwaB6qG8AThnCBLIjLE ++UZ5A5DHDV/WYvy6x/SxWv0nZm+cXzJVftQgZXp3fZSI5LEj7aZYxejVN3mC0wWAZ ++X5ZWflUZAgMBAAGjgaMwgaAwCQYDVR0TBAIwADAdBgNVHQ4EFgQUjRBnkTN2nALl ++eF3Yxe8llrLX+h8wdAYDVR0jBG0wa4AUsft+d7VAjWgRftkR5cPG2k2sUbChSKRG ++MEQxCzAJBgNVBAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMRAwDgYDVQQHEwdVcHBz ++YWxhMREwDwYDVQQKEwhNeVNRTCBBQoIJAL5YrUwfPSWVMA0GCSqGSIb3DQEBBQUA ++A4IBAQCpiBA+XSpHKcgDJ3oxWo4QA7y1TjcdEnvrX1BxcLGjjpMOdxdsR7bJpE0q ++xDjwYVWyfyi6BnnuZxF91Ml/ChjIwcvQLPljD7tFyt7qu6wAAVJINisHK8hGx7Eh ++gb13OedMOaq9rGDYp7/PFJhKC6FAVQaNbzWpOaBxqZe6fHM8QbrFHBFLK0MdLbp7 ++XxS1PWRiFTa0Fr14yEON+Ryl0qyhWHThmd6tBBlDqL0K/RmbUERGbRhVTb+0W6ST ++YsdkkWxUNNH48/8SbV+F5zWeXEKBXvvIu0RRmLLvG59aIncofdr7CMKUmg9CCJNU ++EB6t8k/8YphR6Zu5OpPZ5B8dxHbQ + -----END CERTIFICATE----- +diff -Naur mysql-5.1.50.orig/mysql-test/std_data/client-key.pem mysql-5.1.50/mysql-test/std_data/client-key.pem +--- mysql-5.1.50.orig/mysql-test/std_data/client-key.pem 2010-08-03 13:55:05.000000000 -0400 ++++ mysql-5.1.50/mysql-test/std_data/client-key.pem 2010-08-27 23:42:05.752428395 -0400 +@@ -1,15 +1,15 @@ + -----BEGIN RSA PRIVATE KEY----- +-MIICXQIBAAKBgQDMmjdJE2bcz+MLE6Ej7XjbTr0R9owNdvmjMlaa+KEhalVOTT/m +-Z50mmbLNpJrSK1lc14rTYGj4GL3FvhXhKjyj1GHL9RGUF4GB94eM9mrS7tjmd/Zi +-Zk0uFo0IgUrJxksx5bnHioSWSKdHjA0mkFZO5qVujLPyn/w9eJtJboaDdwIDAQAB +-AoGASqk/4We2En+93y3jkIO4pXafIe3w/3zZ7caRue1ehx4RUQh5d+95djuB9u7J +-HEZ7TpjM7QNyao5EueL6gvbxt0LXFvqAMni7yM9tt/HUYtHHPqYiRtUny9bKYFTm +-l8szCCMal/wD9GZU9ByHDNHm7tHUMyMhARNTYSgx+SERFmECQQD/6jJocC4SXf6f +-T3LqimWR02lbJ7qCoDgRglsUXh0zjrG+IIiAyE+QOCCx1GMe3Uw6bsIuYwdHT6as +-WcdPs04xAkEAzKulvEvLVvN5zfa/DTYRTV7jh6aDleOxjsD5oN/oJXoACnPzVuUL +-qQQMNtuAXm6Q1QItrRxpQsSKbY0UQka6JwJBAOSgoNoG5lIIYTKIMvzwGV+XBLeo +-HYsXgh+6Wo4uql3mLErUG78ZtWL9kc/tE4R+ZdyKGLaCR/1gXmH5bwN4B/ECQEBb +-uUH8k3REG4kojesZlVc+/00ojzgS4UKCa/yqa9VdB6ZBz8MDQydinnShkTwgiGpy +-xOoqhO753o2UT0qH8wECQQC99IEJWUnwvExVMkLaZH5NjAFJkb22sjkmuT11tAgU +-RQgOMoDOm6driojnOnDWOkx1r1Gy9NgMLooduja4v6cx ++MIICWwIBAAKBgQDC5yDPiVkvZ8tMn+gR8iPl8bHuP2Zfw/X9HjHuj0wqvcBKpZ/I ++RNV3jxUbTXhusqJIpSQzBUACs8GHjVk8GgeqhvAE4ZwgSyIyxFGeQOQxw1f1mL8u ++sf0sVr9J2ZvnF8yVX7UIGV6d32UiOSxI+2mWMXo1Td5gtMFgGV+WVn5VGQIDAQAB ++AoGARXcXLKDpVooJ3W+IyQyiWsw//IhANpWjUOm4JiyQmxMyO+i4ACr4Yjpu7WI5 ++MEseqAGj20NdwxjKO0PXsCIe5LmrGZ+SI8+CSERFOWXWRtCWz7y7SG30i1k6suvM ++mwqWom0tJLwn93uA1lm/WSwKQwUrJRahRQd3EaZqrl7DP5kCQQD/8gbuYAT5pxQe ++ULLGM0RvEsXxDYbEDxNbY5wrBazfklBwpumxZpFl6jEAT++7Kh2Ns3A7kB1oUNlA ++FPYr+dYPAkEAwvHEwRtoyUr8jqoqVVJWI76CDmBjEOzVeMKW97ztqbs2LxZW8dYI ++iOh/myFGpdoUwgu0U8w9MmXcj3ZeZCYKVwJALyQ+AJPw9qa+fuLwOq9gsHCtwrty ++EhSQxSlwrz/pWniRll439vPkXfgntF4E0t1r+hiN2Hqv3/HcQgBaYzkuIwJAG023 ++bACFxaOuCeFFepvEms8E8jSHy4gQQhCnCl24v8wLw76SQN7kZSCDNtwLRBFuVNtE ++z3PMonFn2eQPRmGZkwJAP1c1BHprMQx/ruafdscROILv3JrH40C1bR6KVVBKt1dK ++Qpnpgi7hK5rUQjDF8k3bn9ugTt06jyeHe/QhAml0kg== + -----END RSA PRIVATE KEY----- +diff -Naur mysql-5.1.50.orig/mysql-test/std_data/server-cert.pem mysql-5.1.50/mysql-test/std_data/server-cert.pem +--- mysql-5.1.50.orig/mysql-test/std_data/server-cert.pem 2010-08-03 13:55:08.000000000 -0400 ++++ mysql-5.1.50/mysql-test/std_data/server-cert.pem 2010-08-27 23:42:05.753428361 -0400 +@@ -1,41 +1,69 @@ + Certificate: + Data: +- Version: 1 (0x0) +- Serial Number: 1048578 (0x100002) +- Signature Algorithm: md5WithRSAEncryption ++ Version: 3 (0x2) ++ Serial Number: 4 (0x4) ++ Signature Algorithm: sha1WithRSAEncryption + Issuer: C=SE, ST=Uppsala, L=Uppsala, O=MySQL AB + Validity +- Not Before: Jan 29 11:56:49 2010 GMT +- Not After : Jan 28 11:56:49 2015 GMT ++ Not Before: Feb 20 02:55:06 2010 GMT ++ Not After : Sep 3 02:55:06 2030 GMT + Subject: C=SE, ST=Uppsala, O=MySQL AB, CN=localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption +- Public-Key: (512 bit) +- Modulus: +- 00:cd:e4:87:51:9d:72:11:a0:d1:fa:f3:92:8b:13: +- 1c:eb:f7:e2:9a:2f:72:a8:d6:65:48:d1:69:af:1b: +- c0:4c:13:e5:60:60:51:41:e9:ab:a6:bc:13:bb:0c: +- 5e:32:7c:d9:6c:9e:cd:05:24:84:78:db:80:91:2e: +- d8:88:2b:c2:ed ++ RSA Public Key: (1024 bit) ++ Modulus (1024 bit): ++ 00:e3:7d:4f:c2:23:77:a9:3a:2c:d2:69:59:a0:2f: ++ 4e:d1:51:4c:ae:8d:f5:17:cc:ce:58:9c:83:4f:0b: ++ a3:bb:29:a2:b8:1d:3e:1b:04:f9:a9:3e:e2:61:d0: ++ e6:7b:b9:7c:12:d8:1f:86:c9:53:b5:04:dd:df:26: ++ e9:c0:2b:de:4a:96:2e:f3:23:6f:79:6d:a9:d2:4e: ++ 17:af:2f:de:8b:68:44:ae:de:a3:e2:c4:37:1c:04: ++ ad:73:4b:85:f9:83:ac:fe:b7:c1:54:47:2e:96:d4: ++ 31:96:85:94:69:d6:5a:63:24:04:99:89:19:1d:56: ++ 8a:d1:77:aa:87:fb:38:cd:b7 + Exponent: 65537 (0x10001) +- Signature Algorithm: md5WithRSAEncryption +- 73:ce:9c:6e:39:46:b4:14:be:da:3f:f3:1b:ba:90:bc:23:43: +- d7:82:2a:70:4e:a6:d9:5a:65:5c:b7:df:71:df:75:77:c5:80: +- a4:af:fa:d2:59:e2:fd:c9:9c:f0:98:95:8e:69:a9:8c:7c:d8: +- 6f:48:d2:e3:36:e0:cd:ff:3f:d1:a5:e6:ab:75:09:c4:50:10: +- c4:96:dd:bf:3b:de:32:46:da:ca:4a:f1:d6:52:8a:33:2f:ab: +- f5:2e:70:3f:d4:9c:be:00:c8:03:f9:39:8a:df:5b:70:3c:40: +- ef:03:be:7c:3d:1d:32:32:f3:51:81:e2:83:30:6e:3d:38:9b: +- fb:3c ++ X509v3 extensions: ++ X509v3 Basic Constraints: ++ CA:FALSE ++ X509v3 Subject Key Identifier: ++ CC:8C:71:40:D0:0F:BF:D1:99:79:3F:1B:E9:10:76:19:67:36:0F:A3 ++ X509v3 Authority Key Identifier: ++ keyid:B1:FB:7E:77:B5:40:8D:68:11:7E:D9:11:E5:C3:C6:DA:4D:AC:51:B0 ++ DirName:/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB ++ serial:BE:58:AD:4C:1F:3D:25:95 ++ ++ Signature Algorithm: sha1WithRSAEncryption ++ 6f:ad:5e:59:fa:84:3a:be:e2:72:b1:e8:66:2a:4e:f8:73:19: ++ 11:06:11:92:78:56:3e:d6:e8:68:29:90:8b:59:d2:fe:aa:ae: ++ 25:59:c7:e9:99:bb:4a:06:43:dd:40:bd:cb:f4:ae:79:95:7d: ++ 8e:90:ef:58:d2:a8:fc:bf:07:f3:37:b2:9b:bd:da:e6:8c:56: ++ dd:5e:c6:4a:70:7c:3e:3d:a1:e8:35:06:b8:a7:7b:ac:26:85: ++ 54:5d:09:a2:7b:77:b4:17:7f:72:31:cb:ff:cc:67:6d:e6:3e: ++ c6:dc:96:eb:4a:0a:ae:e9:48:ae:8a:e0:d6:73:57:6e:32:4c: ++ 00:dc:28:da:55:b3:9f:9f:d8:98:cc:d9:f1:b6:b3:14:67:2e: ++ a1:47:1e:51:11:cf:70:9f:31:8f:ba:59:29:f2:d0:88:0b:e2: ++ 51:6b:f8:31:ed:6d:ac:00:5e:d3:78:4c:95:97:02:cc:74:2b: ++ 3b:c6:28:e6:2a:c3:30:99:35:b4:4d:31:46:d4:90:f2:47:ed: ++ 64:85:1a:75:2a:72:0a:2f:c6:3a:2f:d2:ac:6b:31:cc:e5:a8: ++ 07:c2:d6:22:f3:c6:0f:bf:67:d9:d6:b2:79:cd:48:b5:c3:e0: ++ e3:18:7f:b5:74:c9:43:19:fb:c4:93:29:ca:cc:90:2b:1b:6f: ++ 45:f6:25:f9 + -----BEGIN CERTIFICATE----- +-MIIBtzCCASACAxAAAjANBgkqhkiG9w0BAQQFADBEMQswCQYDVQQGEwJTRTEQMA4G +-A1UECBMHVXBwc2FsYTEQMA4GA1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwg +-QUIwHhcNMTAwMTI5MTE1NjQ5WhcNMTUwMTI4MTE1NjQ5WjBGMQswCQYDVQQGEwJT +-RTEQMA4GA1UECBMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwgQUIxEjAQBgNVBAMT +-CWxvY2FsaG9zdDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDN5IdRnXIRoNH685KL +-Exzr9+KaL3Ko1mVI0WmvG8BME+VgYFFB6aumvBO7DF4yfNlsns0FJIR424CRLtiI +-K8LtAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAc86cbjlGtBS+2j/zG7qQvCND14Iq +-cE6m2VplXLffcd91d8WApK/60lni/cmc8JiVjmmpjHzYb0jS4zbgzf8/0aXmq3UJ +-xFAQxJbdvzveMkbaykrx1lKKMy+r9S5wP9ScvgDIA/k5it9bcDxA7wO+fD0dMjLz +-UYHigzBuPTib+zw= ++MIIDJTCCAg2gAwIBAgIBBDANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJTRTEQ ++MA4GA1UECBMHVXBwc2FsYTEQMA4GA1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlT ++UUwgQUIwHhcNMTAwMjIwMDI1NTA2WhcNMzAwOTAzMDI1NTA2WjBGMQswCQYDVQQG ++EwJTRTEQMA4GA1UECBMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwgQUIxEjAQBgNV ++BAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA431PwiN3 ++qTos0mlZoC9O0VFMro31F8zOWJyDTwujuymiuB0+GwT5qT7iYdDme7l8EtgfhslT ++tQTd3ybpwCveSpYu8yNveW2p0k4Xry/ei2hErt6j4sQ3HAStc0uF+YOs/rfBVEcu ++ltQxloWUadZaYyQEmYkZHVaK0Xeqh/s4zbcCAwEAAaOBozCBoDAJBgNVHRMEAjAA ++MB0GA1UdDgQWBBTMjHFA0A+/0Zl5PxvpEHYZZzYPozB0BgNVHSMEbTBrgBSx+353 ++tUCNaBF+2RHlw8baTaxRsKFIpEYwRDELMAkGA1UEBhMCU0UxEDAOBgNVBAgTB1Vw ++cHNhbGExEDAOBgNVBAcTB1VwcHNhbGExETAPBgNVBAoTCE15U1FMIEFCggkAvlit ++TB89JZUwDQYJKoZIhvcNAQEFBQADggEBAG+tXln6hDq+4nKx6GYqTvhzGREGEZJ4 ++Vj7W6GgpkItZ0v6qriVZx+mZu0oGQ91Avcv0rnmVfY6Q71jSqPy/B/M3spu92uaM ++Vt1exkpwfD49oeg1Brine6wmhVRdCaJ7d7QXf3Ixy//MZ23mPsbclutKCq7pSK6K ++4NZzV24yTADcKNpVs5+f2JjM2fG2sxRnLqFHHlERz3CfMY+6WSny0IgL4lFr+DHt ++bawAXtN4TJWXAsx0KzvGKOYqwzCZNbRNMUbUkPJH7WSFGnUqcgovxjov0qxrMczl ++qAfC1iLzxg+/Z9nWsnnNSLXD4OMYf7V0yUMZ+8STKcrMkCsbb0X2Jfk= + -----END CERTIFICATE----- +diff -Naur mysql-5.1.50.orig/mysql-test/std_data/server-key.pem mysql-5.1.50/mysql-test/std_data/server-key.pem +--- mysql-5.1.50.orig/mysql-test/std_data/server-key.pem 2010-08-03 13:55:08.000000000 -0400 ++++ mysql-5.1.50/mysql-test/std_data/server-key.pem 2010-08-27 23:42:05.754428433 -0400 +@@ -1,9 +1,15 @@ + -----BEGIN RSA PRIVATE KEY----- +-MIIBOwIBAAJBAM3kh1GdchGg0frzkosTHOv34povcqjWZUjRaa8bwEwT5WBgUUHp +-q6a8E7sMXjJ82WyezQUkhHjbgJEu2Igrwu0CAwEAAQJBAJuwhFbF3NzRpBbEmnqJ +-4GPa1UJMQMLFJF+04tqj/HxJcAIVhOJhGmmtYNw1yjz/ZsPnfJCMz4eFOtdjvGtf +-peECIQDmFFg2WLvYo+2m9w9V7z4ZIkg7ixYkI/ObUUctfZkPOQIhAOUWnrvjFrAX +-bIvYT/YR50+3ZDLEc51XxNgJnWqWYl1VAiEAnTOFWgyivFC1DgF8PvDp8u5TgCt2 +-A1d1GMgd490O+TECIC/WMl0/hTxOF9930vKqOGf//o9PUGkZq8QE9fcM4gtlAiAE +-iOcFpnLjtWj57jrhuw214ucnB5rklkQQe+AtcARNkg== ++MIICXgIBAAKBgQDjfU/CI3epOizSaVmgL07RUUyujfUXzM5YnINPC6O7KaK4HT4b ++BPmpPuJh0OZ7uXwS2B+GyVO1BN3fJunAK95Kli7zI295banSThevL96LaESu3qPi ++xDccBK1zS4X5g6z+t8FURy6W1DGWhZRp1lpjJASZiRkdVorRd6qH+zjNtwIDAQAB ++AoGAUb0o91y/FjMs/72S0pes/lDz+JRRSGfyjKxQEgrgndNsADOhqRu0iTdrKDJj ++XnlbN3ooecnFJfnFrvTQcJhSmlS30j6VrBw6LXpCBK3dvjYgJ9LOne7WK+dF1+vS ++FMQtsP04C56Sxy6HJDpMyWJ6oS3Bu169ygG2AxKo+Fk+E6ECQQD38w/MzmrARz2Z ++AGeEPDUnVZPYgtmXkmks95S0/2jSoLhmgpvJimzxwpYwVG/BG8dSDVuTDu5kp05D ++3bZIp3EzAkEA6uAwJsCZPtHXlWU3wYZJsA697rUNjPaCQOIaZ/lnh5RUHTmUiw1h ++Oj/VORqKB0kXqcDfawwLjZEvh1Xli+H5bQJBANTmhw2TvEPnp/OFTl1UGUvyBmXl ++TRMB639qAu07VfVtfYi/4ya1zn/0VmOfTOoigQ5qW9Q1AOu6YNCTQl62L9MCQQDc ++YfEsW2kvNYxYJHoVfuBjbuGuOnn1e1Oqd70ZND59S6NFLMMBWlORaVWzWACNZ3rp ++kAzSj6HDeqgjD2jsQONdAkEAt7S1YHUn8F760bRn4AnAto2TVOYdArtTP/wYjd4o ++9rJREO/d8AYkYJ96APLvF0SZ4n3t1pLwQRsKKN8ZGTmzLA== + -----END RSA PRIVATE KEY----- +diff -Naur mysql-5.1.50.orig/mysql-test/std_data/server8k-cert.pem mysql-5.1.50/mysql-test/std_data/server8k-cert.pem +--- mysql-5.1.50.orig/mysql-test/std_data/server8k-cert.pem 2010-08-03 13:55:08.000000000 -0400 ++++ mysql-5.1.50/mysql-test/std_data/server8k-cert.pem 2010-08-27 23:43:00.005366270 -0400 +@@ -1,51 +1,69 @@ ++Certificate: ++ Data: ++ Version: 3 (0x2) ++ Serial Number: 5 (0x5) ++ Signature Algorithm: sha1WithRSAEncryption ++ Issuer: C=SE, ST=Uppsala, L=Uppsala, O=MySQL AB ++ Validity ++ Not Before: Feb 20 03:00:54 2010 GMT ++ Not After : Sep 3 03:00:54 2030 GMT ++ Subject: C=SE, ST=Uppsala, O=MySQL AB, CN=server ++ Subject Public Key Info: ++ Public Key Algorithm: rsaEncryption ++ RSA Public Key: (1024 bit) ++ Modulus (1024 bit): ++ 00:c5:da:44:95:06:77:16:21:af:a0:c4:3c:e9:f8: ++ 1d:2d:95:f9:63:90:8c:3f:86:ba:77:76:4a:52:4b: ++ 6b:af:29:f5:1c:aa:d4:3f:3e:42:9f:6d:46:ba:86: ++ 90:b1:2d:cc:db:c6:33:15:a3:f4:af:53:33:4f:a1: ++ 56:d1:aa:3b:26:10:f7:64:b5:f9:bf:1b:b1:47:8e: ++ cc:a6:d6:0d:aa:4a:77:e3:a3:63:9d:2a:dc:65:f4: ++ 7f:91:17:38:2d:d6:cd:4e:8d:53:52:97:6e:87:fc: ++ 64:60:a6:a1:00:ac:96:6c:e4:42:94:75:17:46:6f: ++ 91:b5:dd:06:47:ed:05:e3:db ++ Exponent: 65537 (0x10001) ++ X509v3 extensions: ++ X509v3 Basic Constraints: ++ CA:FALSE ++ X509v3 Subject Key Identifier: ++ 6E:60:3F:29:13:60:99:ED:0C:F7:15:B5:DB:7B:1C:FB:6F:60:19:ED ++ X509v3 Authority Key Identifier: ++ keyid:B1:FB:7E:77:B5:40:8D:68:11:7E:D9:11:E5:C3:C6:DA:4D:AC:51:B0 ++ DirName:/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB ++ serial:BE:58:AD:4C:1F:3D:25:95 ++ ++ Signature Algorithm: sha1WithRSAEncryption ++ 63:2e:0f:07:14:06:cf:74:90:3d:37:42:f2:48:70:60:21:bc: ++ 34:52:31:f1:87:70:d2:b2:fb:ff:13:38:dc:f0:5e:43:d7:ee: ++ a7:c7:1f:ac:aa:d2:8c:4f:fa:3c:4c:73:f6:b6:c2:0c:a0:ea: ++ a2:c9:e2:73:61:c3:2e:78:40:0f:2a:d3:63:50:9b:b8:f9:89: ++ 40:ed:98:08:97:c3:07:24:17:34:b5:78:89:0a:bb:83:4c:e2: ++ 5c:2e:13:d6:21:30:ad:30:48:b5:70:12:ff:4a:6f:42:f0:f8: ++ 9f:b1:4b:bd:89:2b:f0:9d:e2:49:2b:35:69:18:1f:76:40:b4: ++ 76:bd:cb:dd:27:2f:c0:c1:e2:33:3e:6e:df:68:54:19:92:8a: ++ bb:13:9c:cf:d6:17:56:da:bf:0d:64:70:3a:45:b7:aa:5f:e3: ++ f5:96:ae:34:f2:17:37:27:d0:4b:e8:30:4a:c0:02:42:e2:d2: ++ 30:eb:eb:c7:d7:ec:d8:df:5c:43:58:e2:6f:b7:58:54:0d:c4: ++ 01:71:2d:59:8f:44:c7:a1:6c:0b:41:28:fa:b7:63:a7:68:d3: ++ 4f:c3:0f:17:9e:b2:32:50:e6:0b:87:3d:e2:39:47:c0:d8:0a: ++ 3b:f6:af:50:68:0f:9d:ef:6e:34:0d:3a:07:94:f8:a4:d7:24: ++ 86:32:d3:b4 + -----BEGIN CERTIFICATE----- +-MIIJFDCCBPwCAQEwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCU0UxEDAOBgNV +-BAgTB1VwcHNhbGExETAPBgNVBAoTCE15U1FMIEFCMQ0wCwYDVQQLEwRUZXN0MQsw +-CQYDVQQDEwJDQTAeFw0xMDA3MjgxNDA3MjhaFw0xODEwMTQxNDA3MjhaMFIxCzAJ +-BgNVBAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMREwDwYDVQQKEwhNeVNRTCBBQjEN +-MAsGA1UECxMEVGVzdDEPMA0GA1UEAxMGc2VydmVyMIIEIjANBgkqhkiG9w0BAQEF +-AAOCBA8AMIIECgKCBAEA6h3v1OWb9I9U/Z8diBu/xYGS8NCTD3ZESboHxVI2qSEC +-PgxNNcG8Lh0ktQdgYcOe64MnDTZX0Bibm47hoDldrAlTSffFxQhylqBBoXxDF+Lr +-hXIqCz7K0PsK+bYusL9ezJ7PETDnCT7oy95q4GXbKsutbNsm9if4ZE41gs2KnoU2 +-DA7kvMmkKojrMIL4+BqTXA20LLo0iSbgvUTvpSJw4u96BeyzMNnxK2wP5vvTtUo5 +-hACbfU87YjaSKs+q2VXCzfyYGZk1L1xk5GUI0bP+jutf1dDzNttW2/q2Nf5rxx09 +-Gh/GwmOnEk1O7cOZ8VQCsOHirIM39NuSARsY6Y3G5XM4k2W4nxyR/RtdG9bvs/33 +-aGsZ5V5yp7WSs8s9HHwaCPSsUiLKckQ7uA0TTRgbeweMrrLKovG57jsbBBB8pQD4 +-PRd31qgxCdstWXHiWwRyI8vOLWENPXPFqA/rJwwqNdWTogy38aqVXxGYR8PIwjA2 +-OaIwFjwGZcsPNLqw6bgAN8O2UBqZHWiMF8mi7brvioDvAIufZuqa2SqT/At45H83 +-psQ6R4FsxZt6SAK7EsdPo8OYTrY1i4iPZd/eKhnEu2srEZgsKRwY5H1mvDH5fWCc +-HSFu07sWmlmK6Or65Fsa0IaKLJiQDVVETd6xrI0wkM4AOcbKDrS7aywJ426dopbs +-+LFdt4N0cdII4gBgJAfLuuA2yrDXRq4P6cgpVMy0R+0dEYE8zzm8zf1a+Ud273LS +-9+LB+LJKwqbW8nOPBoiekimIKfJYoOA4+C/mAjsYl1sVjjEhXJAs9S9L2UvnUk1P +-sZi4UKHI6eAIEl7VM1sQ4GbdZ0px2dF2Ax7pGkhD+DLpYyYkCprharKZdmuUNLUd +-NhXxi/HSEiE+Uy+o8RIzmH7LuROl/ZgnfHjJEiBLt2qPvwrwYd4c3XuXWs4YsWfV +-JTt8Mx2ihgVcdGy9//shCSmgJwR1oWrhgC10AEL2fKeRnYUal1i+IxFPp7nb8uwx +-UADgR0cY4A3qR/JP489QFIcxBTVs65De+Bq3ecnujk6yeGpD9iptonq4Y8uNZMc1 +-kOE7GiFGwR4EufT5SEMh+tUkjth2r+842vmZZuxrVQaohDiATmIJA07W51zKH+nQ +-uw4qVKnAhPaDLCLc7YMIH9JcmkeQX0nf8/S2O2WYDH8glVDi5hfW08tCmV647vRY +-nTIywUTO0lFpz7M+VyMNaJ6yXU6biBV5hLAI8C5ldr/SWI789W2+ebBaJ9gfK+PT +-trohFSK37GcoSH4V6qSLJHCBASEsiddqHIHMLJZRYD+B6J3tLhjVUM43u+MEGbFT +-d33ZDke/WzLTExWkaOv36e67gDBmgDuj9yroq3wGfwIDAQABMA0GCSqGSIb3DQEB +-BAUAA4IEAQCc9RBhRbuWlmRZPZkqIdi5/+enyjoMmOa6ryJPxFSP8D2jrlHgQsk1 +-+GsJmPFT3rwWfoGAQu/aeSX4sp8OhKVJtqNA6MJrGYnZIMolgYa1wZPbkjJsdEfi +-UsZdIB0n2+KA0xwEdGPdkGCfNPBtOg557DkcyEvsIZ9ELp4Pp2XzWRhyFGasJZc4 +-YwgD/3K2rpOPZoMkBKeKqV19j41OfLKGBVyuaqzitbu9+KT4RU1ibr2a+UuFCwdT +-oqyN7bfWXjcjXOMkxCsOmLfKmqQxs7TEOVrYPTdYjamDxLy/e5g5FgoCxGY8iil0 +-+YFLZyH6eEx/Os9DlG/M3O1MeRD9U97CdsphbDVZIDyWw5xeX8qQHJe0KSprAgiG +-TLhTZHeyrKujQCQS1oFFmNy4gSqXt0j1/6/9T80j6HeyjiiYEaEQK9YLTAjRoA7W +-VN8wtHI5F3RlNOVQEJks/bjdlpLL3VhaWtfewGh/mXRGcow84cgcsejMexmhreHm +-JfTUl9+X1IFFxGq2/606A9ROQ7kN/s4rXu7/TiMODXI/kZijoWd2SCc7Z0YWoNo7 +-IRKkmZtrsflJbObEuK2Jk59uqzSxyQOBId8qtbPo8qJJyHGV5GCp34g4x67BxJBo +-h1iyVMamBAS5Ip1ejghuROrB8Hit8NhAZApXju62btJeXLX+mQayXb/wC/IXNJJD +-83tXiLfZgs6GzLAq7+KW/64sZSvj87CPiNtxkvjchAvyr+fhbBXCrf4rlOjJE6SH +-Je2/Jon7uqijncARGLBeYUT0Aa6k1slpXuSKxDNt7EIkP21kDZ5/OJ0Y1u587KVB +-dEhuDgNf2/8ij7gAQBwBoZMe1DrwddrxgLLBlyHpAZetNYFZNT+Cs/OlpqI0Jm59 +-kK9pX0BY4AGOd23XM3K/uLawdmf67kkftim7aVaqXFHPiWsJVtlzmidKvNSmbmZe +-dOmMXp6PBoqcdusFVUS7vjd3KAes5wUX/CaTyOOPRu0LMSnpwEnaL76IC9x4Jd6d +-7QqY/OFTjpPH8nP57LwouiT6MgSUCWGaOkPuBJ9w9sENSbbINpgJJ42iAe2kE+R7 +-qEIvf/2ETCTseeQUqm2nWiSPLkNagEh6kojmEoKrGyrv3YjrSXSOY1a70tDVy43+ +-ueQDQzNZm3Q7inpke2ZKvWyY0LQmLzP2te+tnNBcdLyKJx7emPRTuMUlEdK7cLbt +-V3Sy9IKtyAXqqd66fPFj4NhJygyncj8M6CSqhG5L0GhDbkA8UJ8yK/gfKm3h5xe2 +-utULK5VMtAhQt6cVahO59A9t/OI17y45bmlIgdlEQISzVFe9ZbIUJW44zBfPx74k +-/w8pMRr8gEuRqpL2WdJiKGG6lhMHLVFo ++MIIDIjCCAgqgAwIBAgIBBTANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJTRTEQ ++MA4GA1UECBMHVXBwc2FsYTEQMA4GA1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlT ++UUwgQUIwHhcNMTAwMjIwMDMwMDU0WhcNMzAwOTAzMDMwMDU0WjBDMQswCQYDVQQG ++EwJTRTEQMA4GA1UECBMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwgQUIxDzANBgNV ++BAMTBnNlcnZlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxdpElQZ3FiGv ++oMQ86fgdLZX5Y5CMP4a6d3ZKUktrryn1HKrUPz5Cn21GuoaQsS3M28YzFaP0r1Mz ++T6FW0ao7JhD3ZLX5vxuxR47MptYNqkp346NjnSrcZfR/kRc4LdbNTo1TUpduh/xk ++YKahAKyWbORClHUXRm+Rtd0GR+0F49sCAwEAAaOBozCBoDAJBgNVHRMEAjAAMB0G ++A1UdDgQWBBRuYD8pE2CZ7Qz3FbXbexz7b2AZ7TB0BgNVHSMEbTBrgBSx+353tUCN ++aBF+2RHlw8baTaxRsKFIpEYwRDELMAkGA1UEBhMCU0UxEDAOBgNVBAgTB1VwcHNh ++bGExEDAOBgNVBAcTB1VwcHNhbGExETAPBgNVBAoTCE15U1FMIEFCggkAvlitTB89 ++JZUwDQYJKoZIhvcNAQEFBQADggEBAGMuDwcUBs90kD03QvJIcGAhvDRSMfGHcNKy +++/8TONzwXkPX7qfHH6yq0oxP+jxMc/a2wgyg6qLJ4nNhwy54QA8q02NQm7j5iUDt ++mAiXwwckFzS1eIkKu4NM4lwuE9YhMK0wSLVwEv9Kb0Lw+J+xS72JK/Cd4kkrNWkY ++H3ZAtHa9y90nL8DB4jM+bt9oVBmSirsTnM/WF1bavw1kcDpFt6pf4/WWrjTyFzcn ++0EvoMErAAkLi0jDr68fX7NjfXENY4m+3WFQNxAFxLVmPRMehbAtBKPq3Y6do00/D ++DxeesjJQ5guHPeI5R8DYCjv2r1BoD53vbjQNOgeU+KTXJIYy07Q= + -----END CERTIFICATE----- +diff -Naur mysql-5.1.50.orig/mysql-test/std_data/server8k-key.pem mysql-5.1.50/mysql-test/std_data/server8k-key.pem +--- mysql-5.1.50.orig/mysql-test/std_data/server8k-key.pem 2010-08-03 13:55:08.000000000 -0400 ++++ mysql-5.1.50/mysql-test/std_data/server8k-key.pem 2010-08-27 23:43:10.165365998 -0400 +@@ -1,99 +1,15 @@ + -----BEGIN RSA PRIVATE KEY----- +-MIISKQIBAAKCBAEA6h3v1OWb9I9U/Z8diBu/xYGS8NCTD3ZESboHxVI2qSECPgxN +-NcG8Lh0ktQdgYcOe64MnDTZX0Bibm47hoDldrAlTSffFxQhylqBBoXxDF+LrhXIq +-Cz7K0PsK+bYusL9ezJ7PETDnCT7oy95q4GXbKsutbNsm9if4ZE41gs2KnoU2DA7k +-vMmkKojrMIL4+BqTXA20LLo0iSbgvUTvpSJw4u96BeyzMNnxK2wP5vvTtUo5hACb +-fU87YjaSKs+q2VXCzfyYGZk1L1xk5GUI0bP+jutf1dDzNttW2/q2Nf5rxx09Gh/G +-wmOnEk1O7cOZ8VQCsOHirIM39NuSARsY6Y3G5XM4k2W4nxyR/RtdG9bvs/33aGsZ +-5V5yp7WSs8s9HHwaCPSsUiLKckQ7uA0TTRgbeweMrrLKovG57jsbBBB8pQD4PRd3 +-1qgxCdstWXHiWwRyI8vOLWENPXPFqA/rJwwqNdWTogy38aqVXxGYR8PIwjA2OaIw +-FjwGZcsPNLqw6bgAN8O2UBqZHWiMF8mi7brvioDvAIufZuqa2SqT/At45H83psQ6 +-R4FsxZt6SAK7EsdPo8OYTrY1i4iPZd/eKhnEu2srEZgsKRwY5H1mvDH5fWCcHSFu +-07sWmlmK6Or65Fsa0IaKLJiQDVVETd6xrI0wkM4AOcbKDrS7aywJ426dopbs+LFd +-t4N0cdII4gBgJAfLuuA2yrDXRq4P6cgpVMy0R+0dEYE8zzm8zf1a+Ud273LS9+LB +-+LJKwqbW8nOPBoiekimIKfJYoOA4+C/mAjsYl1sVjjEhXJAs9S9L2UvnUk1PsZi4 +-UKHI6eAIEl7VM1sQ4GbdZ0px2dF2Ax7pGkhD+DLpYyYkCprharKZdmuUNLUdNhXx +-i/HSEiE+Uy+o8RIzmH7LuROl/ZgnfHjJEiBLt2qPvwrwYd4c3XuXWs4YsWfVJTt8 +-Mx2ihgVcdGy9//shCSmgJwR1oWrhgC10AEL2fKeRnYUal1i+IxFPp7nb8uwxUADg +-R0cY4A3qR/JP489QFIcxBTVs65De+Bq3ecnujk6yeGpD9iptonq4Y8uNZMc1kOE7 +-GiFGwR4EufT5SEMh+tUkjth2r+842vmZZuxrVQaohDiATmIJA07W51zKH+nQuw4q +-VKnAhPaDLCLc7YMIH9JcmkeQX0nf8/S2O2WYDH8glVDi5hfW08tCmV647vRYnTIy +-wUTO0lFpz7M+VyMNaJ6yXU6biBV5hLAI8C5ldr/SWI789W2+ebBaJ9gfK+PTtroh +-FSK37GcoSH4V6qSLJHCBASEsiddqHIHMLJZRYD+B6J3tLhjVUM43u+MEGbFTd33Z +-Dke/WzLTExWkaOv36e67gDBmgDuj9yroq3wGfwIDAQABAoIEAQCSt6YoZqigz/50 +-XvYT6Uf6T6S1lBDFXNmY1qOuDkLBJTWRiwYMDViQEaWCaZgGTKDYeT3M8uR/Phyu +-lRFi5vCEMufmcAeZ3hxptw7KU+R8ILJ207/zgit6YglTys9h5txTIack39+6FJmx +-wbZ64HpETJZnpMO6+fuZaMXyLjuT8mmXjvHcOgXOvjWeFkZOveDhjJkAesUXuqyX +-EI+ajoXuQiPXeKonkD2qd7NTjzfy4gw/ZF4NXs0ZVJeviqtIPo2xp33udOw2vRFh +-bMvlF4cNLAbIKYVyOG0ruOfd2I7Unsc/CvD1u5vlRVuUd8OO0JZLIZR7hlRX+A58 +-8O1g2H/wJZAsF1BnLnFzDGYCX2WjCCK3Zn85FkKGRa0lTdYDduad/C/N3Y2/pHFE +-e7U/2D7IkEei59tD2HcsDBB3MJnckkn/hyiL9qWcxqWZ61vurE+XjU6tc6fnfhk9 +-pJQ6yU3epPU7Vfsk0UGA7bbgKpsyzyH8Zl76YC2mN2ZVJjZekfhY+ibT9odEPdOl +-yLB5iXA6/WhKkDWaOqZGOH+7MblWgT9wHINlcn+nKzOr00JHl26ac6aMlXXi9vbe +-4jgJbFK1HYlFIndyX/BdqRTsFemDoDrVqrEYsaONoVYDd9c5qrqYOeh34DhOksQW +-hNwWBfmMlfzgOGtCYhMeK+AajqTtUbMYQA6qp47KJd/Oa5Dvi3ZCpvZh3Ll5iIau +-rqCtmojsWCqmpWSu7P+Wu4+O3XkUMPdQUuQ5rJFESEBB3yEJcxqk/RItTcKNElNC +-PASrPrMD9cli7S/pJ+frbhu1Gna1ArXzXQE9pMozPaBpjCig7+15R0lL3pmOKO6e +-WK3dgSwrnW6TQdLPlSD4lbRoiIdTHVBczztDeUqVvFiV3/cuaEi1nvaVdAYLqjuL +-ogK4HwE/FQ54S0ijAsP52n25usoH6OTU3bSd/7NTp0vZCy3yf10x7HUdsh2DvhRO +-3+TSK5t0yz0Nt7hNwcI6pLmWUIYcZgpFc/WsiiGscTfhy8rh3kRHI8ylGq53KNF+ +-yCVmjqnBRWs91ArxmeF1ctX2t3w5p7gf65hJWqoX/2DiSi5FBsr6HLxa5sUi4wRZ +-136aCNt5Wu7w+AzPDbQW6qKUGSyfHJAw4JZasZcaZLise5IWb1ks0DtFbWWdT3ux +-8r2AM7IO1WopnekrYCnx/aBvBAv4NjWozVA517ztVttPERt3AGb4nm387nYt5R2U +-NO2GBWcDyT8JQLKmffE1AkWolCR1GsvcNLQfLCbnNppgsnsLE/viTG4mq1wjnd8O +-2Q8nH1SVTuyGFREMp/zsiAEaGfdd0hI2r1J7OdNPBBCtmhITsy9ZYHqm5vrGvy3s +-vi2GuB2RAoICAQD/oWUsg4eTJxHifTJLz/tVSTXnw7DhfbFVa1K1rUV63/MRQAFW +-pabN4T6Yfp3CpdRkljCA8KPJZj7euwhm4OEg1ulpOouA+cfWlE9RFE8wyOK5SYwM +-k+nk31P9MUC866pZg/ghzBGDub91OW1+ZGEtqnLI/n/LhiAIWt0hJvgZclTc1cAL +-xffHVlFwoSyNl/nc3ueZCC95nOLst2XcuxZLLbOFtZCmDYsp49q/Jn6EFjn4Ge2o +-qp38z6eZgDMP1F4lb9nDqXPHfUSt2jxKlmpfXS+IPKdba67+EjhbtmUYzaR4EoPI +-zh+o6SrVWT6Yve7KGiYv06fuRz1m/lLQO/Arbd9ntSjgn+ZEXGOkbhnHUX3DJ4ny +-/6XEGB9NLQjern4uNTn0AaV+uvhncapFMaIBnVfq0Cw8eog0136PBYRaVX7T44j5 +-HwIyGXWtYGA/SzDEQoksD0Y/T61BEGnLZaKeavNd82WwFvcYHZtE0J4aQGjCEE7N +-+nijzCy+j5ETmme9KJvQHpEyXP3N4RBko1eWvyTwFZDdIXtoa6TTEI51lm+FXJ/b +-Y+BzMr6KRo29FB+7//1ptUoMvn5hzL0PwOv2ZSTQuoG5hLDEbxWXLNhd1VHcfznF +-3EZHwfD2F8aGQ3kz+fkMTNfK955KorDrmLgvmV9eZZ5yQxGZrs5H5YfKpwKCAgEA +-6nSUbzfSdVFUH89NM5FmEJgkD06vqCgHl2mpyF+VmDGcay4K06eA4QbRO5kns13+ +-n6PcBl/YVW/rNE8iFi+WxfqUpAjdR1HlShvTuTRVqtFTfuN8XhbYU6VMjKyuE0kd +-LKe3KRdwubjVNhXRZLBknU+3Y/4hnIR7mcE3/M5Zv5hjb7XnwWg/SzxV9WojCKiu +-vQ7cXhH5/o7EuKcl1d6vueGhWsRylCG9RimwgViR2H7zD9kpkOc0nNym9cSpb0Gv +-Lui4cf/fVwIt2HfNEGBjbM/83e2MH6b8Xp1fFAy0aXCdRtOo4LVOzJVAxn5dERMX +-4JJ4d5cSFbssDN1bITOKzuytfBqRIQGNkOfizgQNWUiaFI0MhEN/icymjm1ybOIh +-Gc9tzqKI4wP2X9g+u3+Oof1QaBcZ4UbZEU9ITN87Pa6XVJmpNx7A81BafWoEPFeE +-ahoO4XDwlHZazDuSlOseEShxXcVwaIiqySy7OBEPBVuYdEd2Qw/z3JTx9Kw8MKnf +-hu+ar5tz5dPnJIsvLeYCcJDe/K6loiZuHTtPbWEy9p6It7qubQNPBvTSBN5eVDKc +-Q2bTQNCx8SAAA9C5gJiwWoQKsXJzbRFRY77P9JjuGpua3YJ2nYBHEJmF+fp1R33c +-uHIyMphPMkKC4GC3/43kkMr6tck8kZbXGSYsLsBr2GkCggIBAJvvrjILQianzKcm +-zAmnI6AQ+ssYesvyyrxaraeZvSqJdlLtgmOCxVANuQt5IW9djUSWwZvGL4Np1aw0 +-15k6UNqhftzsE7FnrVneOsww4WXXBUcV8FKz4Bf3i9qFswILmGzmrfSf8YczRfGS +-SJKzVPxwX3jwlrBmbx/pnb7dcLbFIbNcyLvl1ZJJu4BDMVRmgssTRp/5eExtQZg4 +-//A4SA8wH7TO3yAMXvn8vrGgH8kfbdlEp88d1SYk3g4rP/rGB3A63NIYikIEzmJn +-ICQ3wUfPJnGq3kRMWgEuyCZaCy2oNE3yrWVPJ8z3/2MJ/79ZDVNHxEeki2o1FuW+ +-+nGAPq+fZIp03iy4HdVRro7dgugtc9QaSHJtNId8V4vSjviX5Oz3FxUb9AJst58S +-nVV8Q2FMxBa/SlzSOkhRtCg2q1gXkzhaMnIVUleRZFGQ2uWBToxKMjcoUifIyN1J +-z999bkfI4hBLq5pRSAXz+YVu5SMKa10GaawIwJLat+i+1zboF6QyI2o/Wz8nrsNq +-KX/ajFGu5C94WFgsVoWKNI90KBLe48Ssje9c68waBlV/WHMg1YLvU3yqVDOV+K5c +-IHB9tPMnG+AgBYZPxSzuvnLrrkj/GeKx0WI7TrvzOLRGKJo6irMEJ8IzFegASRUq +-TVZKYQDYRG7m+lKlSxU+pyMAh2c9AoICAE4kavCip1eIssQjYLTGSkFPo/0iGbOv +-G9CgXAE3snFWX67tWphupKrbjdMSWcQTmPD2OTg6q6zWL4twsIi6dcMooHAHsFC7 +-//LyUV/SDJdxSyXohiQJ8zH1zwy35RDydnHSuF5OvLh53T44iWDI1dAEqLgAFI3J +-LjTxzEpLMGiGTuYFt+ejai0WQAQayvBw4ESM9m+4CB2K0hBFTXv5y5HlnNTW0uWC +-VUZUUMrbjUieDz8B/zOXi9aYSGFzmZFGUDAPSqJcSMEELemPDF7f8WNr8vi42tIV +-4tlaFD1nep4F9bWMiCXU6B2RxVQi+7vcJEIqL1KUnGd3ydfD00K+ng4Xnj7Vz/cz +-QE7CqrpFaXmPlCMzW6+dm51/AyhHXDLkL2od05hiXcNkJ7KMLWRqwExHVIxM3shR +-x7lYNl3ArUsCrNd6m4aOjnrKFk7kjeLavHxskPccoGKrC9o0JMfTkWLgmuBJFQ0S +-N/HzIbcvIFWF0Ms4ojb50yp6ziXhXfJOO/0KUQEki71XIhvw89mVZszDzD5lqzjf +-HCZMBU4MbmL6NdEevFIDH0zPPkx3HPNtJt3kIJbit9wI8VhUMe+ldGnGxpWb8tKw +-SfM3vrHkYr+lizk26XfXMFhdAuVtT7dzQKSNEyP/1a2Hs307Xzgiv8JulJ8QIkrX +-/nsYWPOAGLG5AoICABmdW9Ppkvuhb1AEcjTWb+XCyopoBc6vit/uQWD9uO+CeX7a +-cfzq+iH01CAjyVMc4E1JDc5Lpi106U+GRGcAAaPJB2Sp5NznoxaOVrb71blu4Q4x +-bNjtKM/P/DXpO+yJYoOPdKtaSDhtnfNDM7H/jztJ3XIrOltKA7CcRDohbBWIx8Q0 +-0uEpvfFpZZBco3yVmjP0RLgIVYn/ZDj9wGhSvFWIJ5vv6GXmtDrcHGMLxcfv7t76 +-UVcMW/Yy4mYJRCzGOrWagyVijJ6MTVNciqadWcH1KcbB3EGoMFYMn61or2qJABPM +-xz89IlhnROU1Re3X/QRx5t86cw6oa+FqrWMOhSs31I0dNWSuS/xDympG27YIYSDd +-mv5seT78GjFmMJC5pPOLoXsbTPB0HpsX2/UL/w/eRAfilTOef/Cf9VE5MP/C2YR7 +-NBxUU7/+21D6WvdtBTcZbrXWGroAo8zPP+PwX0+c6WoAvqDJvCPndp8xZhSgEJN/ +-0kScptezi8n3ZHI95EA9U5mAHxHz0IhDDVzWw/z1f1SBPxKVX3+By3zaa3lrD2ch +-cHq7nBkX72veEevnHUY8Z2rHE2G2jdmRfOtwm4sjL0VBV9fRRoxzJWRduKyeOtDL +-EhhBhUoTrT48UnfW9hxnbNLB9P/hh+UJu9HrS2uAwHoGE1+8gcyundupGDBn ++MIICXgIBAAKBgQDF2kSVBncWIa+gxDzp+B0tlfljkIw/hrp3dkpSS2uvKfUcqtQ/ ++PkKfbUa6hpCxLczbxjMVo/SvUzNPoVbRqjsmEPdktfm/G7FHjsym1g2qSnfjo2Od ++Ktxl9H+RFzgt1s1OjVNSl26H/GRgpqEArJZs5EKUdRdGb5G13QZH7QXj2wIDAQAB ++AoGBAJLCjh7Q9eLnx+QDzH9s+Q/IcH4nSbERmh1lFEopAc6j29qQ6PGkmDy0DUPs ++70VOCOh5A4mo3aZzm9sUfVb24/nRtmyTP/AtMuIVGCsUqzI28dJRGvRlY0aSQG/C ++ILqMP69kiMNGBvuyEIiJhisOmMvDFEp7HrrXHJM9qcc217DpAkEA4nzJ9yyy2e4O ++r6/D711hdfcU/F+ktXw+pL77kSSdTABUap92Uv2RL36UA4q5h8RNvq/GrzMNm6Ye ++u2IMvBCiTQJBAN+iRbiMJCSitTg5YVMluVbT87co7jbTqk7LN1ujyIFEklm4xlHG ++DLJNgEoDR7QJtAkL++FyogC4zsQsey5voscCQQCp54trTbDuI9QIoAaQrrDKWgz4 ++NpfNPeOQm2UFQT5vIWAyjGWrZGViB8bp0UvVOcJI5nxaOiZfOYOcdrWu75uRAkAn ++67zMc9/j1lPJRJz2Dc7nDBD+ikTz7pcBV897AWLCiK4jbBOi91q+3YzgKXO8VNsZ ++nlUJasA2psbqSBJ5OJ5zAkEA2UxoMju54hASjT54Z92IzraVw4Vo8CYwOcw5fr7z +++m5xg1mmWdLBclmZ+WjARzDuTHIW6u/WCxNGg42AykWzfw== + -----END RSA PRIVATE KEY----- diff --git a/mysql-install-test.patch b/mysql-install-test.patch new file mode 100644 index 0000000..5980aea --- /dev/null +++ b/mysql-install-test.patch @@ -0,0 +1,33 @@ +Improve the documentation that will be installed in the mysql-test RPM. + + +diff -Naur mysql-5.1.43.orig/mysql-test/README mysql-5.1.43/mysql-test/README +--- mysql-5.1.43.orig/mysql-test/README 2010-01-15 12:14:43.000000000 -0500 ++++ mysql-5.1.43/mysql-test/README 2010-02-13 21:18:06.000000000 -0500 +@@ -6,6 +6,16 @@ + actually have a co-existing MySQL installation. The tests will not + conflict with it. + ++For use in Red Hat distributions, you should run the script as user mysql, ++so the best bet is something like ++ cd /usr/share/mysql-test ++ sudo -u mysql ./mysql-test-run ++This will use the installed mysql executables, but will run a private copy ++of the server process (using data files within /usr/share/mysql-test), ++so you need not start the mysqld service beforehand. ++To clean up afterwards, remove the created "var" subdirectory, eg ++ sudo -u mysql rm -rf /usr/share/mysql-test/var ++ + All tests must pass. If one or more of them fail on your system, please + read the following manual section for instructions on how to report the + problem: +@@ -25,7 +35,8 @@ + + With no test cases named on the command line, mysql-test-run falls back + to the normal "non-extern" behavior. The reason for this is that some +-tests cannot run with an external server. ++tests cannot run with an external server (because they need to control the ++options with which the server is started). + + + You can create your own test cases. To create a test case, create a new diff --git a/mysql-logrotate.patch b/mysql-logrotate.patch new file mode 100644 index 0000000..a9e3862 --- /dev/null +++ b/mysql-logrotate.patch @@ -0,0 +1,66 @@ +Adjust the mysql-log-rotate script in several ways: + +* Use the correct log file pathname for Red Hat installations. +* Enable creation of the log file by logrotate (needed since + /var/log/ isn't writable by mysql user); and set the same 640 + permissions we normally use. +* Comment out the actual rotation commands, so that user must edit + the file to enable rotation. This is unfortunate, but the fact + that the script will probably fail without manual configuration + (to set a root password) means that we can't really have it turned + on by default. Fortunately, in most configurations the log file + is low-volume and so rotation is not critical functionality. + +See discussions at RH bugs 799735, 547007 + + +diff -Naur mysql-5.0.95.orig/support-files/mysql-log-rotate.sh mysql-5.0.95/support-files/mysql-log-rotate.sh +--- mysql-5.0.95.orig/support-files/mysql-log-rotate.sh 2011-12-16 07:12:45.000000000 -0500 ++++ mysql-5.0.95/support-files/mysql-log-rotate.sh 2012-06-02 12:28:03.038568380 -0400 +@@ -3,7 +3,7 @@ + # in the [safe_mysqld] section as follows: + # + # [safe_mysqld] +-# err-log=@localstatedir@/mysqld.log ++# err-log=/var/log/mysqld.log + # + # If the root user has a password you have to create a + # /root/.my.cnf configuration file with the following +@@ -18,19 +18,21 @@ + # ATTENTION: This /root/.my.cnf should be readable ONLY + # for root ! + +-@localstatedir@/mysqld.log { +- # create 600 mysql mysql +- notifempty +- daily +- rotate 3 +- missingok +- compress +- postrotate +- # just if mysqld is really running +- if test -x @bindir@/mysqladmin && \ +- @bindir@/mysqladmin ping &>/dev/null +- then +- @bindir@/mysqladmin flush-logs +- fi +- endscript +-} ++# Then, un-comment the following lines to enable rotation of mysql's log file: ++ ++#/var/log/mysqld.log { ++# create 640 mysql mysql ++# notifempty ++# daily ++# rotate 3 ++# missingok ++# compress ++# postrotate ++# # just if mysqld is really running ++# if test -x @bindir@/mysqladmin && \ ++# @bindir@/mysqladmin ping &>/dev/null ++# then ++# @bindir@/mysqladmin flush-logs ++# fi ++# endscript ++#} diff --git a/mysql-no-docs.patch b/mysql-no-docs.patch new file mode 100644 index 0000000..a7aad64 --- /dev/null +++ b/mysql-no-docs.patch @@ -0,0 +1,40 @@ +Remove makefile logic dealing with mysql.info. We cannot ship that +documentation since it is not freely redistributable. + + + +diff -up mysql-5.1.70/Docs/Makefile.am.p9 mysql-5.1.70/Docs/Makefile.am +--- mysql-5.1.70/Docs/Makefile.am.p9 2013-05-13 15:33:33.000000000 +0200 ++++ mysql-5.1.70/Docs/Makefile.am 2013-07-23 07:58:29.868617019 +0200 +@@ -13,28 +13,21 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + +-EXTRA_DIST = mysql.info INSTALL-BINARY @extra_docs@ ++EXTRA_DIST = INSTALL-BINARY @extra_docs@ + +-# make sure that "make install" installs the info page, too +-# automake only seems to take care of this automatically, +-# if we're building the info page from texi directly. +-install-data-hook: $(srcdir)/mysql.info ++install-data-hook: + if test `basename $(prefix)` = "mysql" ; then \ + $(mkinstalldirs) $(DESTDIR)$(prefix)/docs ; \ +- $(INSTALL_DATA) $(srcdir)/mysql.info $(DESTDIR)$(prefix)/docs ; \ + test ! -f $(top_srcdir)/ChangeLog || $(INSTALL_DATA) $(top_srcdir)/ChangeLog $(DESTDIR)$(prefix)/docs ; \ + else \ +- $(mkinstalldirs) $(DESTDIR)$(infodir) $(DESTDIR)$(pkgdatadir) ; \ +- $(INSTALL_DATA) $(srcdir)/mysql.info $(DESTDIR)$(infodir) ; \ ++ $(mkinstalldirs) $(DESTDIR)$(pkgdatadir) ; \ + test ! -f $(top_srcdir)/ChangeLog || $(INSTALL_DATA) $(top_srcdir)/ChangeLog $(DESTDIR)$(pkgdatadir) ; \ + fi + + uninstall-local: + if test `basename $(prefix)` = "mysql" ; then \ +- @RM@ -f $(DESTDIR)$(prefix)/docs/mysql.info ; \ + @RM@ -f $(DESTDIR)$(prefix)/docs/ChangeLog ; \ + else \ +- @RM@ -f $(DESTDIR)$(infodir)/mysql.info ; \ + @RM@ -f $(DESTDIR)$(pkgdatadir)/ChangeLog ; \ + fi + diff --git a/mysql-openssl-test.patch b/mysql-openssl-test.patch new file mode 100644 index 0000000..73480fe --- /dev/null +++ b/mysql-openssl-test.patch @@ -0,0 +1,757 @@ +Cipher EDH-RSA-DES-CBC-SHA is now not acceptable in openssl, so just do not +test it. + +The rest of the patch fixes expired certificates that are used for tests. + +diff -rup mysql-5.1.73-orig/mysql-test/r/openssl_1.result mysql-5.1.73/mysql-test/r/openssl_1.result +--- mysql-5.1.73-orig/mysql-test/r/openssl_1.result 2015-06-12 13:55:38.737470083 +0200 ++++ mysql-5.1.73/mysql-test/r/openssl_1.result 2015-06-12 13:56:34.581589136 +0200 +@@ -196,8 +196,6 @@ Ssl_cipher DHE-RSA-AES256-SHA + Variable_name Value + Ssl_cipher EDH-RSA-DES-CBC3-SHA + Variable_name Value +-Ssl_cipher EDH-RSA-DES-CBC-SHA +-Variable_name Value + Ssl_cipher RC4-SHA + select 'is still running; no cipher request crashed the server' as result from dual; + result +diff -rup mysql-5.1.73-orig/mysql-test/std_data/cacert.pem mysql-5.1.73/mysql-test/std_data/cacert.pem +--- mysql-5.1.73-orig/mysql-test/std_data/cacert.pem 2015-06-12 13:55:38.580469748 +0200 ++++ mysql-5.1.73/mysql-test/std_data/cacert.pem 2015-06-12 13:59:37.676969600 +0200 +@@ -1,22 +1,77 @@ ++Certificate: ++ Data: ++ Version: 3 (0x2) ++ Serial Number: 18344029820145564920 (0xfe9315ee3af2fcf8) ++ Signature Algorithm: sha1WithRSAEncryption ++ Issuer: C=SE, ST=Uppsala, L=Uppsala, O=MySQL AB ++ Validity ++ Not Before: Jan 29 13:33:36 2015 GMT ++ Not After : Jan 24 13:33:36 2035 GMT ++ Subject: C=SE, ST=Uppsala, L=Uppsala, O=MySQL AB ++ Subject Public Key Info: ++ Public Key Algorithm: rsaEncryption ++ Public-Key: (2048 bit) ++ Modulus: ++ 00:ad:79:3b:d1:c4:f3:fd:72:e8:4a:9e:54:db:44: ++ 86:c7:57:a9:53:2e:01:5a:5b:04:b8:b7:15:02:28: ++ b2:e8:8a:8d:0e:32:29:a6:cc:63:00:fb:e4:7a:ec: ++ 27:b0:09:8f:4d:34:95:c5:9e:2e:92:20:8b:ec:88: ++ d3:08:75:c7:c0:61:46:60:79:bb:0f:5f:e4:08:d7: ++ b2:20:08:1a:71:a9:ea:f2:d6:55:40:26:82:9b:2c: ++ 6a:00:66:74:58:ea:e8:6c:77:74:81:10:3b:78:7f: ++ 20:75:9c:ac:7a:63:af:0e:b6:7b:e8:94:13:00:b8: ++ 7d:33:7a:c7:49:1f:b2:84:ce:0d:89:4a:97:ee:61: ++ 0a:1d:8b:a7:8b:45:90:dc:cc:e6:56:dc:aa:28:b2: ++ cb:83:09:e7:7b:9a:7c:3e:da:4f:11:d0:b2:95:0d: ++ 96:c0:b0:41:63:2d:2b:45:2f:6d:46:38:5a:b0:93: ++ e6:07:af:d1:2f:15:ff:84:f3:05:62:a5:28:1a:a4: ++ 40:23:3d:c6:77:60:2c:55:7d:fd:af:da:4a:e8:fb: ++ 16:03:9a:67:4b:76:a6:ec:96:ba:46:86:f2:fb:7c: ++ eb:2c:59:5c:af:e7:79:50:26:05:d4:71:c3:d5:62: ++ d5:2b:17:35:d3:32:4e:b4:df:30:7d:8b:fd:ba:c3: ++ a6:5d ++ Exponent: 65537 (0x10001) ++ X509v3 extensions: ++ X509v3 Subject Key Identifier: ++ D0:25:36:E4:E6:DB:8B:6E:4F:8A:4D:20:48:A4:21:3A:58:7E:EF:C4 ++ X509v3 Authority Key Identifier: ++ keyid:D0:25:36:E4:E6:DB:8B:6E:4F:8A:4D:20:48:A4:21:3A:58:7E:EF:C4 ++ ++ X509v3 Basic Constraints: ++ CA:TRUE ++ Signature Algorithm: sha1WithRSAEncryption ++ 8d:9f:56:93:67:4b:77:e1:4c:f0:3c:6b:9c:8a:a0:a5:3d:5d: ++ a7:21:72:5e:bc:4c:88:16:61:95:3d:e6:34:da:a6:b0:8c:6e: ++ 94:4c:69:ea:c6:8a:fa:2c:3d:bf:f9:8e:b5:d1:69:ac:a1:46: ++ 12:95:bc:fd:67:21:1e:ca:0f:49:77:f8:54:29:aa:06:5b:08: ++ 0b:8e:0b:4f:9d:52:da:03:9e:a1:31:1b:4a:bb:df:cb:d7:ba: ++ b1:20:d7:77:bc:3b:87:e4:ae:46:59:13:88:cd:76:ab:15:68: ++ c5:90:d7:01:fb:7b:16:30:7f:f8:1e:c5:3d:a3:e2:61:d9:35: ++ fe:70:af:9a:47:12:59:26:27:b1:f6:a2:d8:99:80:a1:a4:a3: ++ a3:77:ad:40:90:8c:4e:7e:83:b0:c0:0e:fb:0b:c3:9f:ac:8d: ++ ee:65:fe:7d:85:2b:b3:93:62:56:50:f3:ca:68:68:76:37:9d: ++ e7:85:13:45:c1:c8:9e:c6:ba:eb:ef:24:85:e8:47:31:82:53: ++ 1b:c4:66:b3:c3:e6:89:5f:3e:18:9f:f5:ed:66:19:9e:57:5b: ++ 3d:6a:2f:fb:c2:e3:5a:40:d0:5b:2e:ac:f6:a4:c6:5b:ee:a5: ++ 76:a0:af:a8:c0:c0:e1:2f:78:6c:7b:fa:fe:a8:2d:8b:cf:2b: ++ c8:87:ee:09 + -----BEGIN CERTIFICATE----- +-MIIDsjCCApqgAwIBAgIJAL5YrUwfPSWVMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV +-BAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMRAwDgYDVQQHEwdVcHBzYWxhMREwDwYD +-VQQKEwhNeVNRTCBBQjAeFw0xMDAxMjkwNTU5NTNaFw0xNTAxMjgwNTU5NTNaMEQx +-CzAJBgNVBAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMRAwDgYDVQQHEwdVcHBzYWxh +-MREwDwYDVQQKEwhNeVNRTCBBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +-ggEBAL6kNN4peX7uhK9rb06W/QbPEpVuejmdWdl2PqMshP/eSuXXw7kwVgfpxx9R +-vC000CKQQSG9MCoZjtqPnFRsetmWLZgApRpEalGXTXJqq9sEbCfoFizg94U8G7d2 +-u5XJjLVmcG34ru36KoBgVx1zeH1puBAf8dOzrE4L7Y+ZQBFzFohjh8C2LqWC4nM5 +-qsLmOkDWMipGqYU5DvkKjIbTbwTyRNRgZHWSPfVDDPUIUOsY4BGUp2DpgeGY9aEv +-lIs57Ev9JqlIUCV65lOhhDkG+xwmkHKHA+ECEU9cALI8+uXbh48MB9XpMOuk408X +-/lX89aZwD0/G9kmObVGnE2G+H5UCAwEAAaOBpjCBozAdBgNVHQ4EFgQUsft+d7VA +-jWgRftkR5cPG2k2sUbAwdAYDVR0jBG0wa4AUsft+d7VAjWgRftkR5cPG2k2sUbCh +-SKRGMEQxCzAJBgNVBAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMRAwDgYDVQQHEwdV +-cHBzYWxhMREwDwYDVQQKEwhNeVNRTCBBQoIJAL5YrUwfPSWVMAwGA1UdEwQFMAMB +-Af8wDQYJKoZIhvcNAQEFBQADggEBALRUOAmdL8R8sl1y8kiEiFgDatdXK5RDqWai +-8yZChfmwTIToHhmQsOEshJe2e8hky3huUj+33VyXjINoMbebIwMuXPwEkbJal8RZ +-nSJmF0jN1Qz7J/jFffwK9xmejWZJx49Kt2+Qwrwp6kDeq9TLFqQOoVczgyJPYsTL +-NAOib5WqTud3XWvCwxrhqmWu7JZq6sp1fomP/uunprb8y2miWfLESZN2mKAhm44Q +-Lws867LT8v2lskEjq2dT1LutD5+R66XcdjgSr0uDziDs64jZwCD6ea94hVFM7ej0 +-ZOXYeSEZJ56FjUxu632e9fY8NyMh30yKjjmQf1mM9PuGJvdvsWU= ++MIIDWzCCAkOgAwIBAgIJAP6TFe468vz4MA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV ++BAYTAlNFMRAwDgYDVQQIDAdVcHBzYWxhMRAwDgYDVQQHDAdVcHBzYWxhMREwDwYD ++VQQKDAhNeVNRTCBBQjAeFw0xNTAxMjkxMzMzMzZaFw0zNTAxMjQxMzMzMzZaMEQx ++CzAJBgNVBAYTAlNFMRAwDgYDVQQIDAdVcHBzYWxhMRAwDgYDVQQHDAdVcHBzYWxh ++MREwDwYDVQQKDAhNeVNRTCBBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ++ggEBAK15O9HE8/1y6EqeVNtEhsdXqVMuAVpbBLi3FQIosuiKjQ4yKabMYwD75Hrs ++J7AJj000lcWeLpIgi+yI0wh1x8BhRmB5uw9f5AjXsiAIGnGp6vLWVUAmgpssagBm ++dFjq6Gx3dIEQO3h/IHWcrHpjrw62e+iUEwC4fTN6x0kfsoTODYlKl+5hCh2Lp4tF ++kNzM5lbcqiiyy4MJ53uafD7aTxHQspUNlsCwQWMtK0UvbUY4WrCT5gev0S8V/4Tz ++BWKlKBqkQCM9xndgLFV9/a/aSuj7FgOaZ0t2puyWukaG8vt86yxZXK/neVAmBdRx ++w9Vi1SsXNdMyTrTfMH2L/brDpl0CAwEAAaNQME4wHQYDVR0OBBYEFNAlNuTm24tu ++T4pNIEikITpYfu/EMB8GA1UdIwQYMBaAFNAlNuTm24tuT4pNIEikITpYfu/EMAwG ++A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAI2fVpNnS3fhTPA8a5yKoKU9 ++Xachcl68TIgWYZU95jTaprCMbpRMaerGivosPb/5jrXRaayhRhKVvP1nIR7KD0l3 +++FQpqgZbCAuOC0+dUtoDnqExG0q738vXurEg13e8O4fkrkZZE4jNdqsVaMWQ1wH7 ++exYwf/gexT2j4mHZNf5wr5pHElkmJ7H2otiZgKGko6N3rUCQjE5+g7DADvsLw5+s ++je5l/n2FK7OTYlZQ88poaHY3neeFE0XByJ7GuuvvJIXoRzGCUxvEZrPD5olfPhif ++9e1mGZ5XWz1qL/vC41pA0FsurPakxlvupXagr6jAwOEveGx7+v6oLYvPK8iH7gk= + -----END CERTIFICATE----- +diff -rup mysql-5.1.73-orig/mysql-test/std_data/client-cert.pem mysql-5.1.73/mysql-test/std_data/client-cert.pem +--- mysql-5.1.73-orig/mysql-test/std_data/client-cert.pem 2015-06-12 13:55:38.583469754 +0200 ++++ mysql-5.1.73/mysql-test/std_data/client-cert.pem 2015-06-12 13:59:37.679969606 +0200 +@@ -1,69 +1,68 @@ + Certificate: + Data: + Version: 3 (0x2) +- Serial Number: 6 (0x6) +- Signature Algorithm: sha1WithRSAEncryption ++ Serial Number: 3 (0x3) ++ Signature Algorithm: sha1WithRSAEncryption + Issuer: C=SE, ST=Uppsala, L=Uppsala, O=MySQL AB + Validity +- Not Before: Feb 20 03:03:26 2010 GMT +- Not After : Sep 3 03:03:26 2030 GMT ++ Not Before: Jan 29 13:33:49 2015 GMT ++ Not After : Jan 24 13:33:49 2035 GMT + Subject: C=SE, ST=Uppsala, O=MySQL AB + Subject Public Key Info: + Public Key Algorithm: rsaEncryption +- RSA Public Key: (1024 bit) +- Modulus (1024 bit): +- 00:c2:e7:20:cf:89:59:2f:67:cb:4c:9f:e8:11:f2: +- 23:e5:f1:b1:ee:3f:66:5f:c3:f5:fd:1e:31:ee:8f: +- 4c:2a:bd:c0:4a:a5:9f:c8:44:d5:77:8f:15:1b:4d: +- 78:6e:b2:a2:48:a5:24:33:05:40:02:b3:c1:87:8d: +- 59:3c:1a:07:aa:86:f0:04:e1:9c:20:4b:22:32:c4: +- 51:9e:40:e4:31:c3:57:f5:98:bf:2e:b1:fd:2c:56: +- bf:49:d9:9b:e7:17:cc:95:5f:b5:08:19:5e:9d:df: +- 65:22:39:2c:48:fb:69:96:31:7a:35:4d:de:60:b4: +- c1:60:19:5f:96:56:7e:55:19 ++ Public-Key: (1024 bit) ++ Modulus: ++ 00:c1:f6:6e:41:de:b5:80:fe:10:6d:c5:15:98:53: ++ 85:4a:88:51:06:85:30:7f:c9:92:87:51:3a:d6:8d: ++ d3:9c:0e:91:c2:39:30:e9:b2:6e:53:4a:3a:aa:a3: ++ 8b:ce:c0:93:94:c9:65:db:89:8e:21:2b:af:2a:ff: ++ 7b:5a:0f:b9:03:99:f0:eb:20:d4:2c:39:00:0e:5a: ++ b7:2b:17:e6:78:54:4f:54:23:36:81:b2:db:3e:48: ++ cd:8e:14:36:b4:4f:6e:4d:a1:84:64:29:b7:68:3c: ++ 45:3e:eb:9a:9b:8f:e2:d0:35:a8:0c:e6:70:4e:ac: ++ 78:74:d5:45:aa:67:33:81:0d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE ++ Netscape Comment: ++ OpenSSL Generated Certificate + X509v3 Subject Key Identifier: +- 8D:10:67:91:33:76:9C:02:E5:78:5D:D8:C5:EF:25:96:B2:D7:FA:1F ++ 17:61:EA:3F:25:92:55:2B:04:1C:D8:C7:A9:F6:61:C9:D9:99:A4:C9 + X509v3 Authority Key Identifier: +- keyid:B1:FB:7E:77:B5:40:8D:68:11:7E:D9:11:E5:C3:C6:DA:4D:AC:51:B0 +- DirName:/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB +- serial:BE:58:AD:4C:1F:3D:25:95 ++ keyid:D0:25:36:E4:E6:DB:8B:6E:4F:8A:4D:20:48:A4:21:3A:58:7E:EF:C4 + + Signature Algorithm: sha1WithRSAEncryption +- a9:88:10:3e:5d:2a:47:29:c8:03:27:7a:31:5a:8e:10:03:bc: +- b5:4e:37:1d:12:7b:eb:5f:50:71:70:b1:a3:8e:93:0e:77:17: +- 6c:47:b6:c9:a4:4d:2a:c4:38:f0:61:55:b2:7f:28:ba:06:79: +- ee:67:11:7d:d4:c9:7f:0a:18:c8:c1:cb:d0:2c:f9:63:0f:bb: +- 45:ca:de:ea:bb:ac:00:01:52:48:36:2b:07:2b:c8:46:c7:b1: +- 21:81:bd:77:39:e7:4c:39:aa:bd:ac:60:d8:a7:bf:cf:14:98: +- 4a:0b:a1:40:55:06:8d:6f:35:a9:39:a0:71:a9:97:ba:7c:73: +- 3c:41:ba:c5:1c:11:4b:2b:43:1d:2d:ba:7b:5f:14:b5:3d:64: +- 62:15:36:b4:16:bd:78:c8:43:8d:f9:1c:a5:d2:ac:a1:58:74: +- e1:99:de:ad:04:19:43:a8:bd:0a:fd:19:9b:50:44:46:6d:18: +- 55:4d:bf:b4:5b:a4:93:62:c7:64:91:6c:54:34:d1:f8:f3:ff: +- 12:6d:5f:85:e7:35:9e:5c:42:81:5e:fb:c8:bb:44:51:98:b2: +- ef:1b:9f:5a:22:77:28:7d:da:fb:08:c2:94:9a:0f:42:08:93: +- 54:10:1e:ad:f2:4f:fc:62:98:51:e9:9b:b9:3a:93:d9:e4:1f: +- 1d:c4:76:d0 ++ 78:ea:34:4f:ac:c5:0b:17:bd:c9:f4:28:bd:b2:b1:cd:a7:58: ++ 74:4f:00:82:82:c8:a5:71:fe:f4:2f:54:d0:e0:ae:b0:57:87: ++ 7d:e6:2e:14:4a:49:21:43:c3:b5:39:e4:7c:0f:fe:8b:c5:5d: ++ 5e:84:bc:42:2a:2a:a1:69:10:30:dc:e8:a6:ba:79:8b:a0:56: ++ 09:ab:a3:ce:db:32:b2:10:7a:9f:b7:7a:46:80:4a:90:59:af: ++ 81:5c:c7:92:20:46:9d:0e:27:20:e5:9a:da:b3:26:96:37:3b: ++ 87:e7:13:93:ba:8d:be:d3:9d:7a:cb:6d:96:75:36:54:e1:cd: ++ 7e:ff:0d:2d:3c:6a:cd:50:b3:a5:73:a8:83:a0:a7:a2:aa:fa: ++ 6e:49:b9:77:fc:03:16:21:bb:c7:8a:4a:79:5f:a9:7e:b9:21: ++ 6d:84:a7:5f:96:60:38:42:f7:d0:82:de:87:74:d4:05:93:b8: ++ 94:ae:d1:eb:0c:26:96:60:d5:d8:6c:cc:17:40:85:2f:ac:f8: ++ 31:f5:f5:76:d0:f1:3f:aa:87:81:b9:a0:93:71:28:6a:b2:f6: ++ 74:36:a1:fa:f8:dc:39:a8:cd:b7:75:79:d0:40:73:6c:d6:b2: ++ dc:9e:58:a5:51:e5:09:f0:3d:c2:2f:3d:16:ab:41:26:ec:3b: ++ 71:04:2d:eb + -----BEGIN CERTIFICATE----- +-MIIDETCCAfmgAwIBAgIBBjANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJTRTEQ +-MA4GA1UECBMHVXBwc2FsYTEQMA4GA1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlT +-UUwgQUIwHhcNMTAwMjIwMDMwMzI2WhcNMzAwOTAzMDMwMzI2WjAyMQswCQYDVQQG +-EwJTRTEQMA4GA1UECBMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwgQUIwgZ8wDQYJ +-KoZIhvcNAQEBBQADgY0AMIGJAoGBAMLnIM+JWS9ny0yf6BHyI+Xxse4/Zl/D9f0e +-Me6PTCq9wEqln8hE1XePFRtNeG6yokilJDMFQAKzwYeNWTwaB6qG8AThnCBLIjLE +-UZ5A5DHDV/WYvy6x/SxWv0nZm+cXzJVftQgZXp3fZSI5LEj7aZYxejVN3mC0wWAZ +-X5ZWflUZAgMBAAGjgaMwgaAwCQYDVR0TBAIwADAdBgNVHQ4EFgQUjRBnkTN2nALl +-eF3Yxe8llrLX+h8wdAYDVR0jBG0wa4AUsft+d7VAjWgRftkR5cPG2k2sUbChSKRG +-MEQxCzAJBgNVBAYTAlNFMRAwDgYDVQQIEwdVcHBzYWxhMRAwDgYDVQQHEwdVcHBz +-YWxhMREwDwYDVQQKEwhNeVNRTCBBQoIJAL5YrUwfPSWVMA0GCSqGSIb3DQEBBQUA +-A4IBAQCpiBA+XSpHKcgDJ3oxWo4QA7y1TjcdEnvrX1BxcLGjjpMOdxdsR7bJpE0q +-xDjwYVWyfyi6BnnuZxF91Ml/ChjIwcvQLPljD7tFyt7qu6wAAVJINisHK8hGx7Eh +-gb13OedMOaq9rGDYp7/PFJhKC6FAVQaNbzWpOaBxqZe6fHM8QbrFHBFLK0MdLbp7 +-XxS1PWRiFTa0Fr14yEON+Ryl0qyhWHThmd6tBBlDqL0K/RmbUERGbRhVTb+0W6ST +-YsdkkWxUNNH48/8SbV+F5zWeXEKBXvvIu0RRmLLvG59aIncofdr7CMKUmg9CCJNU +-EB6t8k/8YphR6Zu5OpPZ5B8dxHbQ ++MIIC6DCCAdCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJTRTEQ ++MA4GA1UECAwHVXBwc2FsYTEQMA4GA1UEBwwHVXBwc2FsYTERMA8GA1UECgwITXlT ++UUwgQUIwHhcNMTUwMTI5MTMzMzQ5WhcNMzUwMTI0MTMzMzQ5WjAyMQswCQYDVQQG ++EwJTRTEQMA4GA1UECAwHVXBwc2FsYTERMA8GA1UECgwITXlTUUwgQUIwgZ8wDQYJ ++KoZIhvcNAQEBBQADgY0AMIGJAoGBAMH2bkHetYD+EG3FFZhThUqIUQaFMH/JkodR ++OtaN05wOkcI5MOmyblNKOqqji87Ak5TJZduJjiErryr/e1oPuQOZ8Osg1Cw5AA5a ++tysX5nhUT1QjNoGy2z5IzY4UNrRPbk2hhGQpt2g8RT7rmpuP4tA1qAzmcE6seHTV ++RapnM4ENAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5T ++U0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBQXYeo/JZJVKwQc2Mep ++9mHJ2ZmkyTAfBgNVHSMEGDAWgBTQJTbk5tuLbk+KTSBIpCE6WH7vxDANBgkqhkiG ++9w0BAQUFAAOCAQEAeOo0T6zFCxe9yfQovbKxzadYdE8AgoLIpXH+9C9U0OCusFeH ++feYuFEpJIUPDtTnkfA/+i8VdXoS8QioqoWkQMNzoprp5i6BWCaujztsyshB6n7d6 ++RoBKkFmvgVzHkiBGnQ4nIOWa2rMmljc7h+cTk7qNvtOdesttlnU2VOHNfv8NLTxq ++zVCzpXOog6Cnoqr6bkm5d/wDFiG7x4pKeV+pfrkhbYSnX5ZgOEL30ILeh3TUBZO4 ++lK7R6wwmlmDV2GzMF0CFL6z4MfX1dtDxP6qHgbmgk3EoarL2dDah+vjcOajNt3V5 ++0EBzbNay3J5YpVHlCfA9wi89FqtBJuw7cQQt6w== + -----END CERTIFICATE----- +diff -rup mysql-5.1.73-orig/mysql-test/std_data/client-key.pem mysql-5.1.73/mysql-test/std_data/client-key.pem +--- mysql-5.1.73-orig/mysql-test/std_data/client-key.pem 2015-06-12 13:55:38.582469752 +0200 ++++ mysql-5.1.73/mysql-test/std_data/client-key.pem 2015-06-12 13:59:37.678969604 +0200 +@@ -1,15 +1,15 @@ + -----BEGIN RSA PRIVATE KEY----- +-MIICWwIBAAKBgQDC5yDPiVkvZ8tMn+gR8iPl8bHuP2Zfw/X9HjHuj0wqvcBKpZ/I +-RNV3jxUbTXhusqJIpSQzBUACs8GHjVk8GgeqhvAE4ZwgSyIyxFGeQOQxw1f1mL8u +-sf0sVr9J2ZvnF8yVX7UIGV6d32UiOSxI+2mWMXo1Td5gtMFgGV+WVn5VGQIDAQAB +-AoGARXcXLKDpVooJ3W+IyQyiWsw//IhANpWjUOm4JiyQmxMyO+i4ACr4Yjpu7WI5 +-MEseqAGj20NdwxjKO0PXsCIe5LmrGZ+SI8+CSERFOWXWRtCWz7y7SG30i1k6suvM +-mwqWom0tJLwn93uA1lm/WSwKQwUrJRahRQd3EaZqrl7DP5kCQQD/8gbuYAT5pxQe +-ULLGM0RvEsXxDYbEDxNbY5wrBazfklBwpumxZpFl6jEAT++7Kh2Ns3A7kB1oUNlA +-FPYr+dYPAkEAwvHEwRtoyUr8jqoqVVJWI76CDmBjEOzVeMKW97ztqbs2LxZW8dYI +-iOh/myFGpdoUwgu0U8w9MmXcj3ZeZCYKVwJALyQ+AJPw9qa+fuLwOq9gsHCtwrty +-EhSQxSlwrz/pWniRll439vPkXfgntF4E0t1r+hiN2Hqv3/HcQgBaYzkuIwJAG023 +-bACFxaOuCeFFepvEms8E8jSHy4gQQhCnCl24v8wLw76SQN7kZSCDNtwLRBFuVNtE +-z3PMonFn2eQPRmGZkwJAP1c1BHprMQx/ruafdscROILv3JrH40C1bR6KVVBKt1dK +-Qpnpgi7hK5rUQjDF8k3bn9ugTt06jyeHe/QhAml0kg== ++MIICXQIBAAKBgQDB9m5B3rWA/hBtxRWYU4VKiFEGhTB/yZKHUTrWjdOcDpHCOTDp ++sm5TSjqqo4vOwJOUyWXbiY4hK68q/3taD7kDmfDrINQsOQAOWrcrF+Z4VE9UIzaB ++sts+SM2OFDa0T25NoYRkKbdoPEU+65qbj+LQNagM5nBOrHh01UWqZzOBDQIDAQAB ++AoGANRzgEFWF6i6oHQbs5OtqAoDVfy2VnEh8QWWy8PGhUoiCzWaPyE69+zzGV9e0 ++/wao4wNLSxSdwOOPcfzHsF/Bz4plBP4GOhq1BJ4TU13RMlVpU0G2CCJNmc7Fz/g/ ++iFk7NrhJ+hS22QuC5R/upQaDmKvn3USppXurh7NbayjQRhkCQQDsd2XEdHzOqr1A ++fvd3tzAbmOoiSz05OHaVNJdHwsnWRASgn//YHCxaQCw/mt3hWjvxgRfS3kuDGFcy ++KAwa/tbnAkEA0fwyfqZERZIRH1sSxXclqbmSRfF9PsDvS8DsjjUVkj/Td4KV7DKI ++OWEv9d3VZvioIVaACeoGgmc6jdD6tAGN6wJBAN5Pyj+OfKAX6WEvfRzx/qqTctvW ++/LJFIUdZcDipKvTkca1Jf1D/+7rFxlPuF1f8a4q7oVhAYaHYSnH/MJJYsFUCQQDB ++ukofvGe6Q7NWWWCtG2p89r7zloM1VSywmBHmdSUso4QGe0yz+D7jqT1lOT872+bJ ++sxM3klhlELXdxtK1JcX3AkBqnkbKafhVdIojRvxwY1NXD2HrxZGNbl+r/0usrQc9 ++viRpCxVsqPeseK9sxbL+xDJ6a1ofJrLg8YJLFapOqWTh + -----END RSA PRIVATE KEY----- +diff -rup mysql-5.1.73-orig/mysql-test/std_data/server8k-cert.pem mysql-5.1.73/mysql-test/std_data/server8k-cert.pem +--- mysql-5.1.73-orig/mysql-test/std_data/server8k-cert.pem 2015-06-12 13:55:38.584469756 +0200 ++++ mysql-5.1.73/mysql-test/std_data/server8k-cert.pem 2015-06-12 13:59:37.682969612 +0200 +@@ -1,69 +1,147 @@ + Certificate: + Data: + Version: 3 (0x2) +- Serial Number: 5 (0x5) +- Signature Algorithm: sha1WithRSAEncryption ++ Serial Number: 2 (0x2) ++ Signature Algorithm: sha1WithRSAEncryption + Issuer: C=SE, ST=Uppsala, L=Uppsala, O=MySQL AB + Validity +- Not Before: Feb 20 03:00:54 2010 GMT +- Not After : Sep 3 03:00:54 2030 GMT ++ Not Before: Jan 29 13:33:49 2015 GMT ++ Not After : Jan 24 13:33:49 2035 GMT + Subject: C=SE, ST=Uppsala, O=MySQL AB, CN=server + Subject Public Key Info: + Public Key Algorithm: rsaEncryption +- RSA Public Key: (1024 bit) +- Modulus (1024 bit): +- 00:c5:da:44:95:06:77:16:21:af:a0:c4:3c:e9:f8: +- 1d:2d:95:f9:63:90:8c:3f:86:ba:77:76:4a:52:4b: +- 6b:af:29:f5:1c:aa:d4:3f:3e:42:9f:6d:46:ba:86: +- 90:b1:2d:cc:db:c6:33:15:a3:f4:af:53:33:4f:a1: +- 56:d1:aa:3b:26:10:f7:64:b5:f9:bf:1b:b1:47:8e: +- cc:a6:d6:0d:aa:4a:77:e3:a3:63:9d:2a:dc:65:f4: +- 7f:91:17:38:2d:d6:cd:4e:8d:53:52:97:6e:87:fc: +- 64:60:a6:a1:00:ac:96:6c:e4:42:94:75:17:46:6f: +- 91:b5:dd:06:47:ed:05:e3:db ++ Public-Key: (8192 bit) ++ Modulus: ++ 00:bd:48:03:11:06:b5:8b:92:f6:9f:2b:27:e0:3d: ++ 6c:8b:87:cc:7b:cf:e5:7b:e9:5f:eb:8d:4c:95:36: ++ 68:a6:1d:dc:81:10:83:c0:bb:97:c9:ac:4b:d1:c2: ++ a1:64:2a:09:e2:1e:5f:26:14:42:6b:b8:8c:82:ea: ++ 6a:d8:df:9b:dd:46:9a:23:52:66:03:51:25:90:2f: ++ 96:d4:c2:ec:1f:6c:a7:de:3a:eb:49:7c:da:81:ae: ++ 42:48:30:59:82:43:d6:ab:00:a1:22:80:e5:1c:f4: ++ 74:3c:59:42:e4:a2:6b:5d:13:69:1e:74:a3:f9:a2: ++ 71:eb:a6:b6:7b:ba:12:49:a8:4b:47:40:ed:f0:2e: ++ 94:80:23:73:5c:51:7a:2a:5c:96:bc:a1:20:7b:bb: ++ 38:b6:41:11:53:92:c4:1c:95:cf:d4:b2:62:ce:65: ++ bc:dd:4a:34:76:71:8f:e3:3e:fb:4c:0c:8f:dd:51: ++ 69:a3:e0:4c:c5:23:fa:c2:fd:5a:24:5d:cb:b1:fe: ++ f1:21:3f:c4:16:f1:d1:53:09:0c:72:bb:9b:01:b6: ++ c0:13:34:8e:bf:39:30:db:c5:f0:fc:6d:38:92:c3: ++ a8:8c:91:59:cb:b1:ce:4f:2e:7b:2f:6c:65:69:d9: ++ 8c:35:f9:b8:ae:1b:9d:2f:ee:b0:26:23:43:9b:d8: ++ ab:08:90:6a:d0:1d:cb:09:73:64:a4:55:95:f4:6f: ++ 0d:17:c5:ef:53:ea:6f:a0:13:3d:c1:cb:60:d0:1c: ++ aa:02:a3:22:4b:05:0a:26:86:ae:ed:73:0e:b7:6c: ++ b4:3b:ee:f1:34:01:60:9d:82:3d:e3:78:b0:ca:af: ++ ed:8e:f2:56:ac:de:1c:9b:f7:2c:55:cc:58:94:11: ++ 92:55:a9:38:75:61:71:c4:da:95:7a:d4:7f:03:2d: ++ 9d:29:76:e3:f7:c9:69:56:54:a0:b9:db:b9:ea:46: ++ e0:1a:55:a2:0f:cd:80:0f:4d:cf:7a:51:9c:f2:d5: ++ e4:6d:9a:59:95:e1:7e:00:2e:2e:e5:30:14:6c:8e: ++ 21:52:3b:f8:01:7c:9b:c8:ba:77:fd:41:1e:d4:b9: ++ a3:58:e1:4e:6d:a6:45:7e:cf:4f:3b:bb:a3:dd:a6: ++ 99:e8:d6:45:e3:28:d7:5b:b1:25:34:cb:15:3c:31: ++ 16:91:3b:01:76:32:b4:dd:c0:07:e9:d9:d9:87:f6: ++ c9:c2:6a:30:05:47:ba:d9:1b:98:b5:2b:50:9f:71: ++ ee:41:76:d6:0a:f5:30:de:0d:c6:d2:e1:ec:f7:7c: ++ 3e:97:13:5b:fb:2f:cf:82:7a:28:c0:98:e3:20:96: ++ 2c:f0:a7:30:19:ee:3d:66:c6:1e:f9:e8:f1:aa:11: ++ aa:fa:38:7f:89:c6:74:fa:7c:22:8e:37:5c:49:20: ++ 98:ae:cd:bc:21:d5:76:7b:66:f8:cf:07:3f:bc:07: ++ bf:75:ec:96:90:7f:62:10:31:eb:fe:60:c5:bf:78: ++ d5:51:f5:87:70:d5:ce:a9:17:4d:f5:b4:69:7e:08: ++ 98:19:cf:31:dd:f4:cd:b9:17:2d:46:d2:23:08:e4: ++ d1:75:c8:c5:a1:c4:5c:d8:26:bc:d8:bc:10:71:e1: ++ 5d:b7:2a:a3:c8:17:1c:7e:55:3c:d5:92:72:50:99: ++ a7:6c:a0:0d:5a:46:89:1c:71:e8:2c:05:b8:60:3d: ++ 03:74:05:2d:f4:20:4f:11:a7:04:82:ba:32:b8:5f: ++ de:ee:b6:bb:b2:7a:c2:64:ff:cc:5a:08:1c:c4:d8: ++ ac:e4:37:be:d4:1d:f2:7b:4a:db:5a:0d:07:25:88: ++ e2:74:91:ec:30:3a:97:b4:87:68:de:d7:53:6a:b8: ++ cd:54:cd:b0:de:55:95:f6:76:41:3f:3c:37:27:0a: ++ d0:bb:54:42:cf:5a:9f:3f:bc:9f:2b:45:f7:64:1e: ++ d5:f8:98:75:8b:e9:b1:9d:32:00:bf:6a:f1:78:eb: ++ f3:db:0b:12:16:62:4b:b3:b3:a9:c4:e2:48:72:cb: ++ c4:a7:f5:26:23:27:32:63:3d:b7:40:70:d0:14:e6: ++ 93:56:e4:8b:c6:21:40:35:4b:2d:59:e2:21:97:df: ++ cb:14:cb:eb:a5:27:a8:56:83:9c:94:ce:76:a6:2b: ++ 25:5d:51:de:0b:40:86:29:ae:2c:e6:74:a7:7d:b8: ++ d7:13:1a:df:fc:d3:de:f8:38:24:d6:69:5e:69:61: ++ 6f:ad:ea:d7:94:61:22:30:6c:08:4a:3f:71:6f:c9: ++ c0:d1:08:ca:06:ef:e4:12:a2:75:dd:a6:15:a2:56: ++ 14:82:e2:5e:b8:fe:87:09:70:c1:12:7d:84:29:5d: ++ cf:b1:a4:45:7a:c6:a6:d3:91:c9:83:ec:0b:d9:95: ++ 25:5c:a7:fb:c4:75:2f:f7:13:31:1d:b5:48:20:2c: ++ fb:eb:95:02:80:2e:81:bb:32:92:28:da:71:5b:42: ++ 97:c7:66:3d:2c:be:b3:ab:ee:30:68:b0:6b:11:f9: ++ 0d:5a:82:0d:5f:d6:3a:2a:99:f3:2a:e4:b5:47:c0: ++ 34:ce:94:ac:17:68:68:cd:72:52:f5:83:bd:17:f9: ++ 7b:ad:76:0a:98:6e:83:6f:4b:02:b6:af:bd:c2:e7: ++ 60:68:e5:e8:a5:90:1c:30:ce:c6:bc:78:e6:0f:77: ++ 7d:9c:7e:62:49:8c:54:4b:a5:98:be:31:b7:05:21: ++ b1:6a:9c:2a:76:7f:20:f5:f5:1f:2a:40:80:b5:05: ++ 57:12:b9:d0:29 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE ++ Netscape Comment: ++ OpenSSL Generated Certificate + X509v3 Subject Key Identifier: +- 6E:60:3F:29:13:60:99:ED:0C:F7:15:B5:DB:7B:1C:FB:6F:60:19:ED ++ DF:F6:30:35:E7:24:29:DF:22:90:5F:EF:7C:1F:14:E9:5B:1C:98:1D + X509v3 Authority Key Identifier: +- keyid:B1:FB:7E:77:B5:40:8D:68:11:7E:D9:11:E5:C3:C6:DA:4D:AC:51:B0 +- DirName:/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB +- serial:BE:58:AD:4C:1F:3D:25:95 ++ keyid:D0:25:36:E4:E6:DB:8B:6E:4F:8A:4D:20:48:A4:21:3A:58:7E:EF:C4 + + Signature Algorithm: sha1WithRSAEncryption +- 63:2e:0f:07:14:06:cf:74:90:3d:37:42:f2:48:70:60:21:bc: +- 34:52:31:f1:87:70:d2:b2:fb:ff:13:38:dc:f0:5e:43:d7:ee: +- a7:c7:1f:ac:aa:d2:8c:4f:fa:3c:4c:73:f6:b6:c2:0c:a0:ea: +- a2:c9:e2:73:61:c3:2e:78:40:0f:2a:d3:63:50:9b:b8:f9:89: +- 40:ed:98:08:97:c3:07:24:17:34:b5:78:89:0a:bb:83:4c:e2: +- 5c:2e:13:d6:21:30:ad:30:48:b5:70:12:ff:4a:6f:42:f0:f8: +- 9f:b1:4b:bd:89:2b:f0:9d:e2:49:2b:35:69:18:1f:76:40:b4: +- 76:bd:cb:dd:27:2f:c0:c1:e2:33:3e:6e:df:68:54:19:92:8a: +- bb:13:9c:cf:d6:17:56:da:bf:0d:64:70:3a:45:b7:aa:5f:e3: +- f5:96:ae:34:f2:17:37:27:d0:4b:e8:30:4a:c0:02:42:e2:d2: +- 30:eb:eb:c7:d7:ec:d8:df:5c:43:58:e2:6f:b7:58:54:0d:c4: +- 01:71:2d:59:8f:44:c7:a1:6c:0b:41:28:fa:b7:63:a7:68:d3: +- 4f:c3:0f:17:9e:b2:32:50:e6:0b:87:3d:e2:39:47:c0:d8:0a: +- 3b:f6:af:50:68:0f:9d:ef:6e:34:0d:3a:07:94:f8:a4:d7:24: +- 86:32:d3:b4 ++ 78:18:7b:57:42:67:41:d3:b8:3e:2f:ad:74:e6:c0:de:2e:83: ++ ea:fa:07:5c:06:fe:d6:47:46:85:5a:df:67:17:86:f3:da:52: ++ 83:98:9a:5f:80:a3:a5:60:ab:07:f0:f0:d8:c5:9d:c5:09:53: ++ ad:79:c4:c0:31:35:af:0c:e7:41:8e:b7:aa:ca:36:ee:90:6b: ++ 34:a6:19:1c:3b:1a:90:3a:91:10:47:12:a0:31:49:0c:c2:38: ++ 68:0e:38:57:24:d6:12:c6:4c:bb:b2:b4:d8:ab:9e:80:93:ad: ++ af:84:01:d0:e8:2b:b3:ea:f6:c0:bc:4a:fa:01:b1:ce:fa:ab: ++ eb:f1:08:b3:0d:83:fc:08:57:79:02:74:4c:09:56:14:0a:52: ++ e0:02:74:76:44:66:2b:12:fe:8d:d4:8c:30:90:41:3b:4a:7b: ++ 3f:1c:7c:86:74:97:94:66:43:39:da:7d:20:4a:ba:3a:17:49: ++ ac:c7:fa:72:ee:d8:84:09:e6:f4:84:8d:e3:2a:7b:70:36:93: ++ 88:f8:60:ef:7f:b8:e8:51:61:16:6f:a0:94:b8:7d:ff:3f:ec: ++ 25:fe:42:cf:0e:0d:ab:06:07:88:7a:e2:ba:d5:62:ff:19:19: ++ 37:43:ff:92:53:8c:ea:31:6f:a1:14:89:3b:b4:d1:3c:45:e8: ++ 9c:ef:bb:2d + -----BEGIN CERTIFICATE----- +-MIIDIjCCAgqgAwIBAgIBBTANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJTRTEQ +-MA4GA1UECBMHVXBwc2FsYTEQMA4GA1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlT +-UUwgQUIwHhcNMTAwMjIwMDMwMDU0WhcNMzAwOTAzMDMwMDU0WjBDMQswCQYDVQQG +-EwJTRTEQMA4GA1UECBMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwgQUIxDzANBgNV +-BAMTBnNlcnZlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxdpElQZ3FiGv +-oMQ86fgdLZX5Y5CMP4a6d3ZKUktrryn1HKrUPz5Cn21GuoaQsS3M28YzFaP0r1Mz +-T6FW0ao7JhD3ZLX5vxuxR47MptYNqkp346NjnSrcZfR/kRc4LdbNTo1TUpduh/xk +-YKahAKyWbORClHUXRm+Rtd0GR+0F49sCAwEAAaOBozCBoDAJBgNVHRMEAjAAMB0G +-A1UdDgQWBBRuYD8pE2CZ7Qz3FbXbexz7b2AZ7TB0BgNVHSMEbTBrgBSx+353tUCN +-aBF+2RHlw8baTaxRsKFIpEYwRDELMAkGA1UEBhMCU0UxEDAOBgNVBAgTB1VwcHNh +-bGExEDAOBgNVBAcTB1VwcHNhbGExETAPBgNVBAoTCE15U1FMIEFCggkAvlitTB89 +-JZUwDQYJKoZIhvcNAQEFBQADggEBAGMuDwcUBs90kD03QvJIcGAhvDRSMfGHcNKy +-+/8TONzwXkPX7qfHH6yq0oxP+jxMc/a2wgyg6qLJ4nNhwy54QA8q02NQm7j5iUDt +-mAiXwwckFzS1eIkKu4NM4lwuE9YhMK0wSLVwEv9Kb0Lw+J+xS72JK/Cd4kkrNWkY +-H3ZAtHa9y90nL8DB4jM+bt9oVBmSirsTnM/WF1bavw1kcDpFt6pf4/WWrjTyFzcn +-0EvoMErAAkLi0jDr68fX7NjfXENY4m+3WFQNxAFxLVmPRMehbAtBKPq3Y6do00/D +-DxeesjJQ5guHPeI5R8DYCjv2r1BoD53vbjQNOgeU+KTXJIYy07Q= ++MIIGfTCCBWWgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJTRTEQ ++MA4GA1UECAwHVXBwc2FsYTEQMA4GA1UEBwwHVXBwc2FsYTERMA8GA1UECgwITXlT ++UUwgQUIwHhcNMTUwMTI5MTMzMzQ5WhcNMzUwMTI0MTMzMzQ5WjBDMQswCQYDVQQG ++EwJTRTEQMA4GA1UECAwHVXBwc2FsYTERMA8GA1UECgwITXlTUUwgQUIxDzANBgNV ++BAMMBnNlcnZlcjCCBCIwDQYJKoZIhvcNAQEBBQADggQPADCCBAoCggQBAL1IAxEG ++tYuS9p8rJ+A9bIuHzHvP5XvpX+uNTJU2aKYd3IEQg8C7l8msS9HCoWQqCeIeXyYU ++Qmu4jILqatjfm91GmiNSZgNRJZAvltTC7B9sp94660l82oGuQkgwWYJD1qsAoSKA ++5Rz0dDxZQuSia10TaR50o/miceumtnu6EkmoS0dA7fAulIAjc1xReipclryhIHu7 ++OLZBEVOSxByVz9SyYs5lvN1KNHZxj+M++0wMj91RaaPgTMUj+sL9WiRdy7H+8SE/ ++xBbx0VMJDHK7mwG2wBM0jr85MNvF8PxtOJLDqIyRWcuxzk8uey9sZWnZjDX5uK4b ++nS/usCYjQ5vYqwiQatAdywlzZKRVlfRvDRfF71Pqb6ATPcHLYNAcqgKjIksFCiaG ++ru1zDrdstDvu8TQBYJ2CPeN4sMqv7Y7yVqzeHJv3LFXMWJQRklWpOHVhccTalXrU ++fwMtnSl24/fJaVZUoLnbuepG4BpVog/NgA9Nz3pRnPLV5G2aWZXhfgAuLuUwFGyO ++IVI7+AF8m8i6d/1BHtS5o1jhTm2mRX7PTzu7o92mmejWReMo11uxJTTLFTwxFpE7 ++AXYytN3AB+nZ2Yf2ycJqMAVHutkbmLUrUJ9x7kF21gr1MN4NxtLh7Pd8PpcTW/sv ++z4J6KMCY4yCWLPCnMBnuPWbGHvno8aoRqvo4f4nGdPp8Io43XEkgmK7NvCHVdntm +++M8HP7wHv3XslpB/YhAx6/5gxb941VH1h3DVzqkXTfW0aX4ImBnPMd30zbkXLUbS ++Iwjk0XXIxaHEXNgmvNi8EHHhXbcqo8gXHH5VPNWSclCZp2ygDVpGiRxx6CwFuGA9 ++A3QFLfQgTxGnBIK6Mrhf3u62u7J6wmT/zFoIHMTYrOQ3vtQd8ntK21oNByWI4nSR ++7DA6l7SHaN7XU2q4zVTNsN5VlfZ2QT88NycK0LtUQs9anz+8nytF92Qe1fiYdYvp ++sZ0yAL9q8Xjr89sLEhZiS7OzqcTiSHLLxKf1JiMnMmM9t0Bw0BTmk1bki8YhQDVL ++LVniIZffyxTL66UnqFaDnJTOdqYrJV1R3gtAhimuLOZ0p3241xMa3/zT3vg4JNZp ++Xmlhb63q15RhIjBsCEo/cW/JwNEIygbv5BKidd2mFaJWFILiXrj+hwlwwRJ9hCld ++z7GkRXrGptORyYPsC9mVJVyn+8R1L/cTMR21SCAs++uVAoAugbsykijacVtCl8dm ++PSy+s6vuMGiwaxH5DVqCDV/WOiqZ8yrktUfANM6UrBdoaM1yUvWDvRf5e612Cphu ++g29LAravvcLnYGjl6KWQHDDOxrx45g93fZx+YkmMVEulmL4xtwUhsWqcKnZ/IPX1 ++HypAgLUFVxK50CkCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYd ++T3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFN/2MDXnJCnf ++IpBf73wfFOlbHJgdMB8GA1UdIwQYMBaAFNAlNuTm24tuT4pNIEikITpYfu/EMA0G ++CSqGSIb3DQEBBQUAA4IBAQB4GHtXQmdB07g+L6105sDeLoPq+gdcBv7WR0aFWt9n ++F4bz2lKDmJpfgKOlYKsH8PDYxZ3FCVOtecTAMTWvDOdBjreqyjbukGs0phkcOxqQ ++OpEQRxKgMUkMwjhoDjhXJNYSxky7srTYq56Ak62vhAHQ6Cuz6vbAvEr6AbHO+qvr ++8QizDYP8CFd5AnRMCVYUClLgAnR2RGYrEv6N1IwwkEE7Sns/HHyGdJeUZkM52n0g ++Sro6F0msx/py7tiECeb0hI3jKntwNpOI+GDvf7joUWEWb6CUuH3/P+wl/kLPDg2r ++BgeIeuK61WL/GRk3Q/+SU4zqMW+hFIk7tNE8Reic77st + -----END CERTIFICATE----- +diff -rup mysql-5.1.73-orig/mysql-test/std_data/server8k-key.pem mysql-5.1.73/mysql-test/std_data/server8k-key.pem +--- mysql-5.1.73-orig/mysql-test/std_data/server8k-key.pem 2015-06-12 13:55:38.581469750 +0200 ++++ mysql-5.1.73/mysql-test/std_data/server8k-key.pem 2015-06-12 13:59:37.677969602 +0200 +@@ -1,15 +1,99 @@ + -----BEGIN RSA PRIVATE KEY----- +-MIICXgIBAAKBgQDF2kSVBncWIa+gxDzp+B0tlfljkIw/hrp3dkpSS2uvKfUcqtQ/ +-PkKfbUa6hpCxLczbxjMVo/SvUzNPoVbRqjsmEPdktfm/G7FHjsym1g2qSnfjo2Od +-Ktxl9H+RFzgt1s1OjVNSl26H/GRgpqEArJZs5EKUdRdGb5G13QZH7QXj2wIDAQAB +-AoGBAJLCjh7Q9eLnx+QDzH9s+Q/IcH4nSbERmh1lFEopAc6j29qQ6PGkmDy0DUPs +-70VOCOh5A4mo3aZzm9sUfVb24/nRtmyTP/AtMuIVGCsUqzI28dJRGvRlY0aSQG/C +-ILqMP69kiMNGBvuyEIiJhisOmMvDFEp7HrrXHJM9qcc217DpAkEA4nzJ9yyy2e4O +-r6/D711hdfcU/F+ktXw+pL77kSSdTABUap92Uv2RL36UA4q5h8RNvq/GrzMNm6Ye +-u2IMvBCiTQJBAN+iRbiMJCSitTg5YVMluVbT87co7jbTqk7LN1ujyIFEklm4xlHG +-DLJNgEoDR7QJtAkL++FyogC4zsQsey5voscCQQCp54trTbDuI9QIoAaQrrDKWgz4 +-NpfNPeOQm2UFQT5vIWAyjGWrZGViB8bp0UvVOcJI5nxaOiZfOYOcdrWu75uRAkAn +-67zMc9/j1lPJRJz2Dc7nDBD+ikTz7pcBV897AWLCiK4jbBOi91q+3YzgKXO8VNsZ +-nlUJasA2psbqSBJ5OJ5zAkEA2UxoMju54hASjT54Z92IzraVw4Vo8CYwOcw5fr7z +-+m5xg1mmWdLBclmZ+WjARzDuTHIW6u/WCxNGg42AykWzfw== ++MIISJwIBAAKCBAEAvUgDEQa1i5L2nysn4D1si4fMe8/le+lf641MlTZoph3cgRCD ++wLuXyaxL0cKhZCoJ4h5fJhRCa7iMgupq2N+b3UaaI1JmA1ElkC+W1MLsH2yn3jrr ++SXzaga5CSDBZgkPWqwChIoDlHPR0PFlC5KJrXRNpHnSj+aJx66a2e7oSSahLR0Dt ++8C6UgCNzXFF6KlyWvKEge7s4tkERU5LEHJXP1LJizmW83Uo0dnGP4z77TAyP3VFp ++o+BMxSP6wv1aJF3Lsf7xIT/EFvHRUwkMcrubAbbAEzSOvzkw28Xw/G04ksOojJFZ ++y7HOTy57L2xladmMNfm4rhudL+6wJiNDm9irCJBq0B3LCXNkpFWV9G8NF8XvU+pv ++oBM9wctg0ByqAqMiSwUKJoau7XMOt2y0O+7xNAFgnYI943iwyq/tjvJWrN4cm/cs ++VcxYlBGSVak4dWFxxNqVetR/Ay2dKXbj98lpVlSgudu56kbgGlWiD82AD03PelGc ++8tXkbZpZleF+AC4u5TAUbI4hUjv4AXybyLp3/UEe1LmjWOFObaZFfs9PO7uj3aaZ ++6NZF4yjXW7ElNMsVPDEWkTsBdjK03cAH6dnZh/bJwmowBUe62RuYtStQn3HuQXbW ++CvUw3g3G0uHs93w+lxNb+y/PgnoowJjjIJYs8KcwGe49ZsYe+ejxqhGq+jh/icZ0 +++nwijjdcSSCYrs28IdV2e2b4zwc/vAe/deyWkH9iEDHr/mDFv3jVUfWHcNXOqRdN ++9bRpfgiYGc8x3fTNuRctRtIjCOTRdcjFocRc2Ca82LwQceFdtyqjyBccflU81ZJy ++UJmnbKANWkaJHHHoLAW4YD0DdAUt9CBPEacEgroyuF/e7ra7snrCZP/MWggcxNis ++5De+1B3ye0rbWg0HJYjidJHsMDqXtIdo3tdTarjNVM2w3lWV9nZBPzw3JwrQu1RC ++z1qfP7yfK0X3ZB7V+Jh1i+mxnTIAv2rxeOvz2wsSFmJLs7OpxOJIcsvEp/UmIycy ++Yz23QHDQFOaTVuSLxiFANUstWeIhl9/LFMvrpSeoVoOclM52pislXVHeC0CGKa4s ++5nSnfbjXExrf/NPe+Dgk1mleaWFvrerXlGEiMGwISj9xb8nA0QjKBu/kEqJ13aYV ++olYUguJeuP6HCXDBEn2EKV3PsaRFesam05HJg+wL2ZUlXKf7xHUv9xMxHbVIICz7 ++65UCgC6BuzKSKNpxW0KXx2Y9LL6zq+4waLBrEfkNWoINX9Y6KpnzKuS1R8A0zpSs ++F2hozXJS9YO9F/l7rXYKmG6Db0sCtq+9wudgaOXopZAcMM7GvHjmD3d9nH5iSYxU ++S6WYvjG3BSGxapwqdn8g9fUfKkCAtQVXErnQKQIDAQABAoIEAErwZt5n1JrE/cV4 ++1ZnPV9lKU6g1YDsV47cjw01UNEyIiBPFURSOcQMUpxQORc2dYzpWIf+2h7GUaHUw ++kEr7BP+vgzk211K63u9eGA52efvbDf9LPnpi5zPupSllkxqi9yvO3P0HIS68jgSS ++poxUzcMU+0pmjcE5EndlEtybh8AH1H4Kc+ni10KARp0nWQHKlJdsB6tVLZfi3RRE ++iEZ0/crNMZdb6lGGnozCW2ByQBYU5ySNphCOrnZiz1ZB7l11kT8Qm7E5SM54wRJq ++A7atFiqwiw1PgrCs2O46STX3nC1nL6UvquidpfvtgDH/bYth6UQ5cWflYO9oRe9j ++iNH8D4MdglyRXyCHwjHZ/LvA9+MQp7eGmtk6pPnEJrlej+TpZ5tiDGnCayFxq0Lt ++09HiwTaA0RqrRQt5bi1hR+GPisd4TMVnL/NsKym8Zz5o+ARpJxz0Gbh+xyaf+ZhA ++DPO+l2jpqpTLLKlXlER44Of2yZvFh75673OpQX4vXQadN0ClCEYPKhbskr63JXKZ ++PihTw0vOa4F3WffHhECfUuZo94rDuJX57vejVhogwlr4IK3tNaQWH0Qyo1qDqt4c ++uEVazegpyimh1w9QHeb1KRmZY5stBVJ/1TCTcNyJgc1eS26Uj0dLD+C8RiD3cokG ++Pu5Y5sQEvWOW0lKNYBg7pOpbgmD8LHIvQQeM/Jut5B3hT8kmBbvbjts5tsrgSlM3 ++0LB1tUHRqGlFYOC3l4/vQPt+OnNeajh0iF8MiCMyWLWssZbKJYR5T2zWQZFd0cNw ++I1Dssspmx98dF//tA9cgv9joVeWM2mDZIFsYuo3BnMAzFMlXgMogE4vhGbxuAq9T ++iqar7zueu0sEkbgzJUFLzQEkh6cXM5jixtG0ryxzogk6sSkFqEnowYxBMzGh44yy ++ownBTwULKfs1UCRrW7O5DnoUNQ5kK1v8Nm+mEanadKe5qiqrBu6q7lYwPeSG2t/6 ++LSlQ5KRVPxWrf30zzwqzLJy08/P42wPM1zZFOyqFtdamV1k2nhvSefiq/b+aIXK4 ++fN0gtBcO6fStqNvRBeMHO0DjHz49/HZGjqa1ZWjCA8oGuTMXfrmlgrf+RBlWJgLA ++ST3RAFQ7Nyw2D5ABuSk/2m1yGcuyEgwsqOqr8qDY11nNgmiAxuVF9Atf3zmoB6Mp +++4GE3EQuATyBhcZ/ZJiMn02roQ/lkrDOkdE1DrRnF7Jjw6y9XpBbhH6dwlWIMmmZ ++EZAhhKo9vtP9SKAGy43IE8JMHFnMVpr1nEMT54WsyU3cNKORUKL6diOl2trGjsSr ++T4tE1jWqry/sfLg8OxqWxGoca6UUjngLfBcnUSbcaDhlGPqCl+kahmummozNcziS ++mogK5N0CggIBAPA1BMon7N+1Q/1saE/SsPsgbUcWzjb5M2mwHURUamQRQ2OnltSr ++/qjKoe++TzF19QnAGCJMsKhTUIdWW988xEUUnwSlPGZ6h+vx779Nc9870r1B8WgA ++ejwx7oH14EVNg6WECXZEYvVSvQn1LsXEWfpujlxeDYoaOMHZSq7MFzyrzJxKgUIB ++e35mCPzXPvh3XUz6MR9RtfRZk/XaSIV1LRR56H4xDTXOp8nejmvTALLbX9RaSV1K ++64KbEPdWe4FZ7WK+qLBglO/JR0OE5f7y86MqUztjNfnUKubABfo9lBS574u26rbW ++Y+kFHux9WjkVPIkQsO5kGjs+dWWkyeUKoNEyE5otxJ7p8nXaUU9ZSd7c1VvK8Cof +++uIsFpwCpyAJdo+zfgCNf0WzFwAM5UIB8PsbmMQnbTdDr+VYhxaEh9e0oLCApjCz +++RUm5I6ElXKpzejkMn5FGlknQ3aEghmOfTo1WmZ2B31ZnJrRLuYRKRZXqieIvHm8 ++NGiyJx4oi6jQzf4QxKjbH0brW2lSkxArE8sgKrJImSLI7TxPVlQ8JmuLR4MU2xHp ++48PC0AxnBB/0l+2EWG37yPmPVCNQ5oEKjzqp8fgnCzuLKe2wG2QE2IkLUEJUtZjD ++fHkCArilVmZDvAUDpYDu9AbgDhsRlyV6fKAo+S05EiuwjbKExhn4Iry3AoICAQDJ ++udlnRSVxoHEPFfg2IQzAg2v3e6OAWNc/c+Unc88eEZJXUHIGt0fqWN2OrVvx3HEg ++ZrwhiByThLHPqmfqLjr/s9KuxYBSoC/5YhYb9KGYHEcwdSrxFo3bvCULmIjDGqbU ++1m3AbHVPe6Zj0dw13hgf7HDcW/ZK/mtvjgBMQiRjI5RWlkh9kGkxKKOiAZFsGx0T ++dB+ocXhC5SVbISARkCesMKmuYQfo285JNSudaJ4JWJkLOj1+Ovfczj3KxWo4nLV2 ++HYJlWugL6RBVETu2iDlrcO1RlxcH6942N4DbN3SVNYMWQ2vjbro8tC2RBU2L60/u ++v5tDlMag8IotVSVQWInda/Dwk9WKpxHyHjUHreqj22wrECmizmTD2CTfTtLgfGoa ++4qXZUfuMGLgxBiAdxQyRJsjzVKtY6CAlzBuF9kNfIaGJGtDAumG2f3/YC17rfyYq ++vlNtJKbRPkif5g97de1x/H5gNzXlKx2+lJ7wWW2lH3fRF14tji/1xjHGSZeO0Rrs ++bPJvqLAQHu9AsBmA5qsyydFkwks21NxUXjnr98iIVYusNvNPvsQQzAOLcHWTxtel ++uhjPh6Wa2w68WW2f+u0Wp6t8ksFt/QmYVWZ67UOpGQFU36k+qXJvSQpRwNNlkkcP ++aZQbA7SstkspiMFmPitqQptbUnBr5iYA8z7h6di6HwKCAgATPgwOLbiaCylRKdgJ ++XPV0iJp4cWk/miL2Ond9u81yCrf9SbWZf9W8q87hJ7usWKiyiULlrIMSWOpAjTh6 ++36FRb191vc7i3rn4ur7b8lZv8ZjmNFwkWrVwEQfsPUgkBRugrL0dTkknIeOm4o9G ++pH4Yw7Z/y8EF6SfWz5NeAVdzMsgHVSiZowjDjWT27D9NJDLDMd+xhJgw5OQnc78P ++gd2EoGdxhHhscQub7ko2dQa/TTeWCU2LPa80HTv0tGbca9nKaT+WMYZ81wDwdbr+ +++3NtBLz6Ku5t/wMYzRUtgLVWG7cG2DZhQzdpuVFK3JfXrs3UpROnZTl8uXoqFFNg ++F8PePka3uSbhHBiiPET7OEnkoogs/ErU9Q7iA2okQUomFNv8kwJrBOrHKJuVE3Ni ++IEmvs/w+6nGjVbbHhpn7wc4oB34/5W5qxGAVw7HXgON/9f5aw70PxHVh4vVSjzbk ++2TdK7G87egULk5wqAsvg/kruUUN+O0Pt9Je2M19S2Sim82MtESbP6A3PXpdKDqVd ++TDYftYn2Ej7CPJpUlH5z7QWe499srsUF4Fiwm/CSrcX00WFCU7HJzbvB0iuJULfG ++apQivO53VJlfwbwwIEVxc7ns8I0TYznQ7QgRoYmaRRRwyMhNFoexlnLSAizfGj+j ++bvaA1gdwCfxcp54SSPSdq/UMbQKCAgBTyZrwVvsfgAmVv4VSTlXynGO67qLRy5TU ++KTo0MdkEXz4OgD5sZbI8N18HRSBcjDh8wc9Aij18VHBaligFT+B3luRabXRIXXqv ++tbsDL4/zE0PKb9A/RSP08efdMiUUDLzgyJPbifEL64sICQHTagVRNS8HiDb7nUNY ++mX2sLwjYGM4jTNadON9IaN3Wi5owce6YxvHjUAYomu7yNAcS5HJmBexknq7fXHUJ ++WUldXzfNH/ypei5SgQG0uAFYeLkO/KAuiEFCAglB8TM0ci0AOwLGiqg37G7HfoPU ++tycRZq5Iz2o8VBK666H1Vs1aX/5+sGWKABHodyItdNufyq7t+WiCDLSN6ImYxp4g ++l8VlBCrilmAOXu88TUfzRJLEIgRa87JKqntCkdfOr/HJgwbR9qeqnpZ242MsUXYQ ++3P9NnCUNnXVv8jBk7MVrPPgH72kknbJnrJgQTFnxrVITAEbL/AZ9Augm5KfBITCA ++mVCO+kYdgL2Onosilt160zCXcLe/vUDWlMX59PH0MDUmBD8DmEvhk4wissT06GL/ ++tAeQ6GFlp0qVZFmZdN4RL/wE7dgYYk3t6yclA+2YLYaoWui6u0nA0DHdU0N+gMx8 ++dnRTeLtSwC0aaK/udAkxCgB8RoBHvwM+9pZqxhZEao87mC7kXcxAnZvTyaEiX/zH ++BkHHKg839wKCAgAAvo9BfWg3gf0rRnbXsGbYGeiodCMGiskI/QmboM1uJ27oMrcn ++pHeIuNP7Ag9L88DYewznq6IqHk2PHLU4Gzt+AAiiiEE5SFIJP1J5NR28u//MQC9v ++K+cPDjGjPXJHhE084VFqz3nV+R/M8MdwD/Wm2JWevDnMKBpZxLJuQNzv1UBLVSMb ++kdkYWvS8Be8p4sv2zcrgygawCHJRVlwrm6EZcpSDr0ohNd2KuAHQpi1DGBDDWEBv ++0WylbTmqiNf8LCE+1a5n6CvrdUmEe43FKpLPnvN+lqyCmSxR7pUrjoIzlVCGkAQ8 ++y1nAmhStjC/TM4S3M7ip6036AAFqHe9y8Rwt2D8YaTQXxr6seyMmWLYPWMZeF/mm ++fYV2pNmjwLCN5TOnjn2EJABzsxA9Ex814BDcZhb6vam29K1mkEo32khrqP22YXB7 ++XT7BNE8vczQ1lnUclfZIeuOgdFLwmrT7R95BX2xfR6yGZUpqqZOePoLvBKIC28Hf ++sp88Jm8QTZfjQiLAu8kuu2+bPkooIdyXZqYO8qrRCza2QjJwM1xuyxABqoz4a6OW ++YfT+WHRUQLJTkSvD95B2B4fKWnK+C8QeTP42SZbDNwzrbUyQgqlNbH2MFEIYE/b4 ++ipfcemR7T7zP7DEL8VkqGR33q/qFOtHvijb6H3W0IO06MmDOaenbMpkmyA== + -----END RSA PRIVATE KEY----- +diff -rup mysql-5.1.73-orig/mysql-test/std_data/server-cert.pem mysql-5.1.73/mysql-test/std_data/server-cert.pem +--- mysql-5.1.73-orig/mysql-test/std_data/server-cert.pem 2015-06-12 13:55:38.584469756 +0200 ++++ mysql-5.1.73/mysql-test/std_data/server-cert.pem 2015-06-12 13:59:37.681969610 +0200 +@@ -1,69 +1,68 @@ + Certificate: + Data: + Version: 3 (0x2) +- Serial Number: 4 (0x4) +- Signature Algorithm: sha1WithRSAEncryption ++ Serial Number: 1 (0x1) ++ Signature Algorithm: sha1WithRSAEncryption + Issuer: C=SE, ST=Uppsala, L=Uppsala, O=MySQL AB + Validity +- Not Before: Feb 20 02:55:06 2010 GMT +- Not After : Sep 3 02:55:06 2030 GMT ++ Not Before: Jan 29 13:33:36 2015 GMT ++ Not After : Jan 24 13:33:36 2035 GMT + Subject: C=SE, ST=Uppsala, O=MySQL AB, CN=localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption +- RSA Public Key: (1024 bit) +- Modulus (1024 bit): +- 00:e3:7d:4f:c2:23:77:a9:3a:2c:d2:69:59:a0:2f: +- 4e:d1:51:4c:ae:8d:f5:17:cc:ce:58:9c:83:4f:0b: +- a3:bb:29:a2:b8:1d:3e:1b:04:f9:a9:3e:e2:61:d0: +- e6:7b:b9:7c:12:d8:1f:86:c9:53:b5:04:dd:df:26: +- e9:c0:2b:de:4a:96:2e:f3:23:6f:79:6d:a9:d2:4e: +- 17:af:2f:de:8b:68:44:ae:de:a3:e2:c4:37:1c:04: +- ad:73:4b:85:f9:83:ac:fe:b7:c1:54:47:2e:96:d4: +- 31:96:85:94:69:d6:5a:63:24:04:99:89:19:1d:56: +- 8a:d1:77:aa:87:fb:38:cd:b7 ++ Public-Key: (1024 bit) ++ Modulus: ++ 00:9c:3a:93:e6:10:8c:b3:e2:57:2f:57:5d:03:4f: ++ 0a:e6:fd:44:1a:f3:49:42:70:58:3a:d5:a3:96:ef: ++ f2:98:39:09:fa:8c:57:12:d5:8b:1e:a5:b8:35:c0: ++ 81:18:6d:45:c8:43:17:28:47:cc:67:8d:dc:3f:9e: ++ 29:0a:f8:e5:99:ec:01:ca:d1:42:62:91:47:ee:85: ++ 1b:b6:65:95:49:08:99:b8:b9:b6:2a:cf:04:05:e9: ++ 5f:a3:7f:d1:c3:08:a0:37:3f:d6:fe:eb:d4:dd:7c: ++ 0a:37:ad:00:43:d1:5d:cf:21:56:9c:d4:6b:d2:7c: ++ 56:5e:25:fa:e4:2a:ef:14:95 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE ++ Netscape Comment: ++ OpenSSL Generated Certificate + X509v3 Subject Key Identifier: +- CC:8C:71:40:D0:0F:BF:D1:99:79:3F:1B:E9:10:76:19:67:36:0F:A3 ++ E2:04:9A:5D:CB:44:EC:98:C9:84:13:36:A4:7A:41:AC:34:3D:CD:0C + X509v3 Authority Key Identifier: +- keyid:B1:FB:7E:77:B5:40:8D:68:11:7E:D9:11:E5:C3:C6:DA:4D:AC:51:B0 +- DirName:/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB +- serial:BE:58:AD:4C:1F:3D:25:95 ++ keyid:D0:25:36:E4:E6:DB:8B:6E:4F:8A:4D:20:48:A4:21:3A:58:7E:EF:C4 + + Signature Algorithm: sha1WithRSAEncryption +- 6f:ad:5e:59:fa:84:3a:be:e2:72:b1:e8:66:2a:4e:f8:73:19: +- 11:06:11:92:78:56:3e:d6:e8:68:29:90:8b:59:d2:fe:aa:ae: +- 25:59:c7:e9:99:bb:4a:06:43:dd:40:bd:cb:f4:ae:79:95:7d: +- 8e:90:ef:58:d2:a8:fc:bf:07:f3:37:b2:9b:bd:da:e6:8c:56: +- dd:5e:c6:4a:70:7c:3e:3d:a1:e8:35:06:b8:a7:7b:ac:26:85: +- 54:5d:09:a2:7b:77:b4:17:7f:72:31:cb:ff:cc:67:6d:e6:3e: +- c6:dc:96:eb:4a:0a:ae:e9:48:ae:8a:e0:d6:73:57:6e:32:4c: +- 00:dc:28:da:55:b3:9f:9f:d8:98:cc:d9:f1:b6:b3:14:67:2e: +- a1:47:1e:51:11:cf:70:9f:31:8f:ba:59:29:f2:d0:88:0b:e2: +- 51:6b:f8:31:ed:6d:ac:00:5e:d3:78:4c:95:97:02:cc:74:2b: +- 3b:c6:28:e6:2a:c3:30:99:35:b4:4d:31:46:d4:90:f2:47:ed: +- 64:85:1a:75:2a:72:0a:2f:c6:3a:2f:d2:ac:6b:31:cc:e5:a8: +- 07:c2:d6:22:f3:c6:0f:bf:67:d9:d6:b2:79:cd:48:b5:c3:e0: +- e3:18:7f:b5:74:c9:43:19:fb:c4:93:29:ca:cc:90:2b:1b:6f: +- 45:f6:25:f9 ++ 28:f8:8b:22:d4:8e:00:29:cb:0e:b2:82:f1:a6:3b:e2:c6:76: ++ 0a:79:b5:e3:6b:b2:80:c9:af:8b:df:c5:d7:f4:cb:ab:37:3c: ++ b2:be:78:b7:2d:ac:77:f1:52:bd:6c:ae:a4:70:1d:98:92:e5: ++ 07:71:99:6c:70:4e:f2:c5:9d:da:c4:31:29:3e:fb:df:82:90: ++ 5c:76:97:0a:70:c3:dd:0c:cc:be:7d:4c:40:f7:25:9f:6f:d3: ++ 37:c5:9b:1a:09:e1:fe:28:08:59:79:17:ac:64:cb:aa:e0:ac: ++ 17:f3:3e:72:69:91:f2:16:8d:c6:3e:89:33:77:be:74:8f:69: ++ ad:9f:4d:96:e1:51:68:ba:4c:7b:3f:26:7f:14:38:be:e9:07: ++ 5d:2b:c2:fb:58:1d:40:c3:b8:21:a8:ee:0e:69:82:7a:21:67: ++ 36:16:41:08:dc:71:e4:7c:d2:f1:58:3b:c8:7b:56:63:b4:1c: ++ f6:7c:2a:3e:95:2b:03:9f:9c:41:b9:95:1a:bc:ab:b7:39:1b: ++ 8e:68:6e:78:ac:2e:18:00:3c:bf:c6:42:c0:62:5f:ba:ec:9f: ++ 81:da:0e:76:94:a7:88:68:71:22:ef:d1:4a:15:94:5e:cb:5a: ++ 9c:af:59:b3:f7:1a:ad:8f:74:e8:fc:a5:b1:da:f9:4f:fc:d6: ++ f8:11:4c:a9 + -----BEGIN CERTIFICATE----- +-MIIDJTCCAg2gAwIBAgIBBDANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJTRTEQ +-MA4GA1UECBMHVXBwc2FsYTEQMA4GA1UEBxMHVXBwc2FsYTERMA8GA1UEChMITXlT +-UUwgQUIwHhcNMTAwMjIwMDI1NTA2WhcNMzAwOTAzMDI1NTA2WjBGMQswCQYDVQQG +-EwJTRTEQMA4GA1UECBMHVXBwc2FsYTERMA8GA1UEChMITXlTUUwgQUIxEjAQBgNV +-BAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA431PwiN3 +-qTos0mlZoC9O0VFMro31F8zOWJyDTwujuymiuB0+GwT5qT7iYdDme7l8EtgfhslT +-tQTd3ybpwCveSpYu8yNveW2p0k4Xry/ei2hErt6j4sQ3HAStc0uF+YOs/rfBVEcu +-ltQxloWUadZaYyQEmYkZHVaK0Xeqh/s4zbcCAwEAAaOBozCBoDAJBgNVHRMEAjAA +-MB0GA1UdDgQWBBTMjHFA0A+/0Zl5PxvpEHYZZzYPozB0BgNVHSMEbTBrgBSx+353 +-tUCNaBF+2RHlw8baTaxRsKFIpEYwRDELMAkGA1UEBhMCU0UxEDAOBgNVBAgTB1Vw +-cHNhbGExEDAOBgNVBAcTB1VwcHNhbGExETAPBgNVBAoTCE15U1FMIEFCggkAvlit +-TB89JZUwDQYJKoZIhvcNAQEFBQADggEBAG+tXln6hDq+4nKx6GYqTvhzGREGEZJ4 +-Vj7W6GgpkItZ0v6qriVZx+mZu0oGQ91Avcv0rnmVfY6Q71jSqPy/B/M3spu92uaM +-Vt1exkpwfD49oeg1Brine6wmhVRdCaJ7d7QXf3Ixy//MZ23mPsbclutKCq7pSK6K +-4NZzV24yTADcKNpVs5+f2JjM2fG2sxRnLqFHHlERz3CfMY+6WSny0IgL4lFr+DHt +-bawAXtN4TJWXAsx0KzvGKOYqwzCZNbRNMUbUkPJH7WSFGnUqcgovxjov0qxrMczl +-qAfC1iLzxg+/Z9nWsnnNSLXD4OMYf7V0yUMZ+8STKcrMkCsbb0X2Jfk= ++MIIC/DCCAeSgAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJTRTEQ ++MA4GA1UECAwHVXBwc2FsYTEQMA4GA1UEBwwHVXBwc2FsYTERMA8GA1UECgwITXlT ++UUwgQUIwHhcNMTUwMTI5MTMzMzM2WhcNMzUwMTI0MTMzMzM2WjBGMQswCQYDVQQG ++EwJTRTEQMA4GA1UECAwHVXBwc2FsYTERMA8GA1UECgwITXlTUUwgQUIxEjAQBgNV ++BAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAnDqT5hCM ++s+JXL1ddA08K5v1EGvNJQnBYOtWjlu/ymDkJ+oxXEtWLHqW4NcCBGG1FyEMXKEfM ++Z43cP54pCvjlmewBytFCYpFH7oUbtmWVSQiZuLm2Ks8EBelfo3/RwwigNz/W/uvU ++3XwKN60AQ9FdzyFWnNRr0nxWXiX65CrvFJUCAwEAAaN7MHkwCQYDVR0TBAIwADAs ++BglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYD ++VR0OBBYEFOIEml3LROyYyYQTNqR6Qaw0Pc0MMB8GA1UdIwQYMBaAFNAlNuTm24tu ++T4pNIEikITpYfu/EMA0GCSqGSIb3DQEBBQUAA4IBAQAo+Isi1I4AKcsOsoLxpjvi ++xnYKebXja7KAya+L38XX9MurNzyyvni3Lax38VK9bK6kcB2YkuUHcZlscE7yxZ3a ++xDEpPvvfgpBcdpcKcMPdDMy+fUxA9yWfb9M3xZsaCeH+KAhZeResZMuq4KwX8z5y ++aZHyFo3GPokzd750j2mtn02W4VFoukx7PyZ/FDi+6QddK8L7WB1Aw7ghqO4OaYJ6 ++IWc2FkEI3HHkfNLxWDvIe1ZjtBz2fCo+lSsDn5xBuZUavKu3ORuOaG54rC4YADy/ ++xkLAYl+67J+B2g52lKeIaHEi79FKFZRey1qcr1mz9xqtj3To/KWx2vlP/Nb4EUyp + -----END CERTIFICATE----- +diff -rup mysql-5.1.73-orig/mysql-test/std_data/server-key.pem mysql-5.1.73/mysql-test/std_data/server-key.pem +--- mysql-5.1.73-orig/mysql-test/std_data/server-key.pem 2015-06-12 13:55:38.582469752 +0200 ++++ mysql-5.1.73/mysql-test/std_data/server-key.pem 2015-06-12 13:59:37.678969604 +0200 +@@ -1,15 +1,15 @@ + -----BEGIN RSA PRIVATE KEY----- +-MIICXgIBAAKBgQDjfU/CI3epOizSaVmgL07RUUyujfUXzM5YnINPC6O7KaK4HT4b +-BPmpPuJh0OZ7uXwS2B+GyVO1BN3fJunAK95Kli7zI295banSThevL96LaESu3qPi +-xDccBK1zS4X5g6z+t8FURy6W1DGWhZRp1lpjJASZiRkdVorRd6qH+zjNtwIDAQAB +-AoGAUb0o91y/FjMs/72S0pes/lDz+JRRSGfyjKxQEgrgndNsADOhqRu0iTdrKDJj +-XnlbN3ooecnFJfnFrvTQcJhSmlS30j6VrBw6LXpCBK3dvjYgJ9LOne7WK+dF1+vS +-FMQtsP04C56Sxy6HJDpMyWJ6oS3Bu169ygG2AxKo+Fk+E6ECQQD38w/MzmrARz2Z +-AGeEPDUnVZPYgtmXkmks95S0/2jSoLhmgpvJimzxwpYwVG/BG8dSDVuTDu5kp05D +-3bZIp3EzAkEA6uAwJsCZPtHXlWU3wYZJsA697rUNjPaCQOIaZ/lnh5RUHTmUiw1h +-Oj/VORqKB0kXqcDfawwLjZEvh1Xli+H5bQJBANTmhw2TvEPnp/OFTl1UGUvyBmXl +-TRMB639qAu07VfVtfYi/4ya1zn/0VmOfTOoigQ5qW9Q1AOu6YNCTQl62L9MCQQDc +-YfEsW2kvNYxYJHoVfuBjbuGuOnn1e1Oqd70ZND59S6NFLMMBWlORaVWzWACNZ3rp +-kAzSj6HDeqgjD2jsQONdAkEAt7S1YHUn8F760bRn4AnAto2TVOYdArtTP/wYjd4o +-9rJREO/d8AYkYJ96APLvF0SZ4n3t1pLwQRsKKN8ZGTmzLA== ++MIICXAIBAAKBgQCcOpPmEIyz4lcvV10DTwrm/UQa80lCcFg61aOW7/KYOQn6jFcS ++1Ysepbg1wIEYbUXIQxcoR8xnjdw/nikK+OWZ7AHK0UJikUfuhRu2ZZVJCJm4ubYq ++zwQF6V+jf9HDCKA3P9b+69TdfAo3rQBD0V3PIVac1GvSfFZeJfrkKu8UlQIDAQAB ++AoGAPWQDZD+SmslRi0fgRAGWfih9z71UR2hQM2ZqL1DA2rJnSm5FdSA21+c1GOI5 ++mHiwGD7M5cY4+2RSbSlgZXBjAFj+V0NReudoRMymTLCB8LsuaOSbPxMn92NffGKH ++BQmZRncj+Sj+dTvTmnbaCzjGMEw6UUFBIus6nOH/dl3+TA0CQQDKuiwhreU2gUOT ++ztmc+DggMWOWMs2Ji2jMJCpMrdxDSwxVas6jgaDesQ/9nL7F8RzPtliv6qaDCMfT ++XoXGKPuvAkEAxUhfb/FkZ6MwDs2MyKCNhZjAoEvFESdGP/xiBzLlbDZSRDEUMNRS ++sJrUYOIDUl3TIOvFJVh7tCQftygM3ciw+wJALcvy7kTPdAmtj3V6GYjFfRhLLAIc ++Bod0zDEbUSkxig4pIh63wZ4mDkinmR5Qxnyaip3h2RPEO/O+2JQQ2lwlxwJBAKPi ++TTXHB6t4SrHhWzRG+4mhrVL73oczYw5AcIaeZyuPrKNtSeKOXurKk+avmibQPlU4 ++xpsReCHbaGVUZevPjgUCQAU5WDLCV2DTXEb42PDuvRn7M7yw853CaN2d7j5Kliun ++7lS42fcyaFttfLpopCvAhZ0fVRpJGgCcAvoA/zN8uco= + -----END RSA PRIVATE KEY----- +diff -rup mysql-5.1.73-orig/mysql-test/t/openssl_1.test mysql-5.1.73/mysql-test/t/openssl_1.test +--- mysql-5.1.73-orig/mysql-test/t/openssl_1.test 2015-06-12 13:55:38.587469763 +0200 ++++ mysql-5.1.73/mysql-test/t/openssl_1.test 2015-06-12 13:56:14.478546279 +0200 +@@ -214,7 +214,6 @@ DROP TABLE t1; + # Common ciphers to openssl and yassl + --exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=DHE-RSA-AES256-SHA + --exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC3-SHA +---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC-SHA + --exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=RC4-SHA + --disable_query_log + --disable_result_log diff --git a/mysql-relay-logging.patch b/mysql-relay-logging.patch new file mode 100644 index 0000000..074e141 --- /dev/null +++ b/mysql-relay-logging.patch @@ -0,0 +1,20 @@ +--- mysql-5.1.73/sql/sql_parse.cc.orig 2013-11-04 19:52:27.000000000 +0100 ++++ mysql-5.1.73/sql/sql_parse.cc 2015-11-18 13:04:53.692712812 +0100 +@@ -19,6 +19,7 @@ + #include "mysql_priv.h" + #include "sql_repl.h" + #include "rpl_filter.h" ++#include "rpl_mi.h" + #include "repl_failsafe.h" + #include + #include +@@ -7022,7 +7023,9 @@ bool reload_acl_and_cache(THD *thd, ulon + #ifdef HAVE_REPLICATION + int rotate_error= 0; + pthread_mutex_lock(&LOCK_active_mi); ++ pthread_mutex_lock(&active_mi->data_lock); + rotate_error= rotate_relay_log(active_mi); ++ pthread_mutex_unlock(&active_mi->data_lock); + pthread_mutex_unlock(&LOCK_active_mi); + if (rotate_error) + *write_to_binlog= -1; diff --git a/mysql-rhbz1059545.patch b/mysql-rhbz1059545.patch new file mode 100644 index 0000000..ece8ef1 --- /dev/null +++ b/mysql-rhbz1059545.patch @@ -0,0 +1,17 @@ +Unsifficient limit check aims to security issue. + +MariaDB upstream fix: http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 +RHBZ#1059545 + +diff -up mysql-5.6.15/client/mysql.cc.bz1059545 mysql-5.6.15/client/mysql.cc +--- mysql-5.6.15/client/mysql.cc.bz1059545 2014-01-30 18:09:47.209588217 +0100 ++++ mysql-5.6.15/client/mysql.cc 2014-01-30 18:09:59.016581192 +0100 +@@ -1315,7 +1315,7 @@ int main(int argc,char *argv[]) + + put_info("Welcome to the MySQL monitor. Commands end with ; or \\g.", + INFO_INFO); +- sprintf((char*) glob_buffer.ptr(), ++ my_snprintf((char*) glob_buffer.ptr(), glob_buffer.alloced_length(), + "Your MySQL connection id is %lu\nServer version: %s\n", + mysql_thread_id(&mysql), server_version_string(&mysql)); + put_info((char*) glob_buffer.ptr(),INFO_INFO); diff --git a/mysql-strmov.patch b/mysql-strmov.patch index 07e5914..7aa3ed1 100644 --- a/mysql-strmov.patch +++ b/mysql-strmov.patch @@ -13,9 +13,10 @@ of any real performance gain from optimizing these calls. So I'm keeping this patch. ---- mysql-5.1.54/include/m_string.h.orig 2010-11-29 11:38:01.000000000 +0100 -+++ mysql-5.1.54/include/m_string.h 2010-12-16 17:52:57.914976701 +0100 -@@ -73,14 +73,6 @@ +diff -Naur mysql-5.1.61.orig/include/m_string.h mysql-5.1.61/include/m_string.h +--- mysql-5.1.61.orig/include/m_string.h 2011-12-16 14:06:02.000000000 -0500 ++++ mysql-5.1.61/include/m_string.h 2012-02-03 15:33:26.044959627 -0500 +@@ -75,15 +75,6 @@ extern void *(*my_str_malloc)(size_t); extern void (*my_str_free)(void *); @@ -27,6 +28,7 @@ this patch. -extern char *stpcpy(char *, const char *); /* For AIX with gcc 2.95.3 */ -#endif -#endif - +- /* Declared in int2str() */ extern char NEAR _dig_vec_upper[]; + extern char NEAR _dig_vec_lower[]; diff --git a/mysql-test-events_1.patch b/mysql-test-events_1.patch new file mode 100644 index 0000000..7206d45 --- /dev/null +++ b/mysql-test-events_1.patch @@ -0,0 +1,22 @@ +--- mysql-5.1.73/mysql-test/t/events_1.test.orig 2016-02-25 09:30:15.833946483 +0100 ++++ mysql-5.1.73/mysql-test/t/events_1.test 2016-02-25 09:31:17.780888027 +0100 +@@ -125,7 +125,7 @@ drop event existant; + + create table t_event3 (a int, b float); + drop event if exists event3; +-create event event3 on schedule every 50 + 10 minute starts date_add("20100101", interval 5 minute) ends date_add("20151010", interval 5 day) comment "portokala_comment" DO insert into t_event3 values (unix_timestamp(), rand()); ++create event event3 on schedule every 50 + 10 minute starts date_add("20150101", interval 5 minute) ends date_add("20201010", interval 5 day) comment "portokala_comment" DO insert into t_event3 values (unix_timestamp(), rand()); + let $wait_condition=SELECT count(*)=0 from t_event3; + --source include/wait_condition.inc + select count(*) from t_event3; +--- mysql-5.1.73/mysql-test/r/events_1.result.orig 2016-02-25 10:30:29.011536883 +0100 ++++ mysql-5.1.73/mysql-test/r/events_1.result 2016-02-25 10:30:47.410519521 +0100 +@@ -114,7 +114,7 @@ create table t_event3 (a int, b float); + drop event if exists event3; + Warnings: + Note 1305 Event event3 does not exist +-create event event3 on schedule every 50 + 10 minute starts date_add("20100101", interval 5 minute) ends date_add("20151010", interval 5 day) comment "portokala_comment" DO insert into t_event3 values (unix_timestamp(), rand()); ++create event event3 on schedule every 50 + 10 minute starts date_add("20150101", interval 5 minute) ends date_add("20201010", interval 5 day) comment "portokala_comment" DO insert into t_event3 values (unix_timestamp(), rand()); + select count(*) from t_event3; + count(*) + 0 diff --git a/mysql-testing.patch b/mysql-testing.patch new file mode 100644 index 0000000..7438713 --- /dev/null +++ b/mysql-testing.patch @@ -0,0 +1,23 @@ +Hack the top-level Makefile to enable the openssl regression tests. +(Why doesn't this happen automatically given the configure option??) + +Also, increase the overall timeout for the regression tests to 12 hours, +because on a slow or heavily-loaded build machine sometimes the default of +5 hours isn't enough. (This has been demonstrated to fail in mass-rebuild +scenarios, which aren't that uncommon for Fedora.) Similarly increase the +per-testcase timeout to 30 minutes, since the default of 15 hasn't got a +great deal of headroom either. + + +diff -Naur mysql-5.1.32.orig/Makefile.am mysql-5.1.32/Makefile.am +--- mysql-5.1.32.orig/Makefile.am 2009-02-13 19:51:56.000000000 -0500 ++++ mysql-5.1.32/Makefile.am 2009-03-04 18:12:36.000000000 -0500 +@@ -98,7 +98,7 @@ + + test-ns: + cd mysql-test ; \ +- @PERL@ ./mysql-test-run.pl $(force) $(mem) --mysqld=--binlog-format=mixed ++ @PERL@ ./mysql-test-run.pl $(force) $(mem) --ssl --mysqld=--binlog-format=mixed --suite-timeout=720 --testcase-timeout=30 + + test-binlog-statement: + cd mysql-test ; \ diff --git a/mysql-tls.patch b/mysql-tls.patch new file mode 100644 index 0000000..751e89b --- /dev/null +++ b/mysql-tls.patch @@ -0,0 +1,295 @@ +diff -rupN mysql-5.1.73.orig/mysql-test/r/openssl_1.result mysql-5.1.73/mysql-test/r/openssl_1.result +--- mysql-5.1.73.orig/mysql-test/r/openssl_1.result 2016-02-25 16:34:16.096559322 +0100 ++++ mysql-5.1.73/mysql-test/r/openssl_1.result 2016-02-25 16:38:38.685377646 +0100 +@@ -2,16 +2,16 @@ drop table if exists t1; + create table t1(f1 int); + insert into t1 values (5); + grant select on test.* to ssl_user1@localhost require SSL; +-grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA"; +-grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB"; +-grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; +-grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx"; ++grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-GCM-SHA384"; ++grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-GCM-SHA384" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB"; ++grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-GCM-SHA384" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; ++grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-GCM-SHA384" AND SUBJECT "xxx"; + flush privileges; + connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET); + ERROR 28000: Access denied for user 'ssl_user5'@'localhost' (using password: NO) + SHOW STATUS LIKE 'Ssl_cipher'; + Variable_name Value +-Ssl_cipher DHE-RSA-AES256-SHA ++Ssl_cipher DHE-RSA-AES256-GCM-SHA384 + select * from t1; + f1 + 5 +@@ -19,7 +19,7 @@ delete from t1; + ERROR 42000: DELETE command denied to user 'ssl_user1'@'localhost' for table 't1' + SHOW STATUS LIKE 'Ssl_cipher'; + Variable_name Value +-Ssl_cipher DHE-RSA-AES256-SHA ++Ssl_cipher DHE-RSA-AES256-GCM-SHA384 + select * from t1; + f1 + 5 +@@ -27,7 +27,7 @@ delete from t1; + ERROR 42000: DELETE command denied to user 'ssl_user2'@'localhost' for table 't1' + SHOW STATUS LIKE 'Ssl_cipher'; + Variable_name Value +-Ssl_cipher DHE-RSA-AES256-SHA ++Ssl_cipher DHE-RSA-AES256-GCM-SHA384 + select * from t1; + f1 + 5 +@@ -35,7 +35,7 @@ delete from t1; + ERROR 42000: DELETE command denied to user 'ssl_user3'@'localhost' for table 't1' + SHOW STATUS LIKE 'Ssl_cipher'; + Variable_name Value +-Ssl_cipher DHE-RSA-AES256-SHA ++Ssl_cipher DHE-RSA-AES256-GCM-SHA384 + select * from t1; + f1 + 5 +diff -rupN mysql-5.1.73.orig/mysql-test/r/openssl_6975,tlsv10.result mysql-5.1.73/mysql-test/r/openssl_6975,tlsv10.result +--- mysql-5.1.73.orig/mysql-test/r/openssl_6975,tlsv10.result 1970-01-01 01:00:00.000000000 +0100 ++++ mysql-5.1.73/mysql-test/r/openssl_6975,tlsv10.result 2016-02-25 16:34:45.356539140 +0100 +@@ -0,0 +1,25 @@ ++grant select on test.* to ssl_sslv3@localhost require cipher "RC4-SHA"; ++grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256"; ++TLS1.2 ciphers: user is ok with any cipher ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++TLS1.2 ciphers: user requires SSLv3 cipher RC4-SHA ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256 ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++SSLv3 ciphers: user is ok with any cipher ++Variable_name Value ++Ssl_cipher RC4-SHA ++Variable_name Value ++Ssl_cipher DHE-RSA-AES256-SHA ++SSLv3 ciphers: user requires SSLv3 cipher RC4-SHA ++Variable_name Value ++Ssl_cipher RC4-SHA ++ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO) ++SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256 ++ERROR 1045 (28000): Access denied for user 'ssl_tls12'@'localhost' (using password: NO) ++ERROR 1045 (28000): Access denied for user 'ssl_tls12'@'localhost' (using password: NO) ++drop user ssl_sslv3@localhost; ++drop user ssl_tls12@localhost; +diff -rupN mysql-5.1.73.orig/mysql-test/r/openssl_6975,tlsv12.result mysql-5.1.73/mysql-test/r/openssl_6975,tlsv12.result +--- mysql-5.1.73.orig/mysql-test/r/openssl_6975,tlsv12.result 1970-01-01 01:00:00.000000000 +0100 ++++ mysql-5.1.73/mysql-test/r/openssl_6975,tlsv12.result 2016-02-25 16:34:45.356539140 +0100 +@@ -0,0 +1,25 @@ ++grant select on test.* to ssl_sslv3@localhost require cipher "RC4-SHA"; ++grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256"; ++TLS1.2 ciphers: user is ok with any cipher ++Variable_name Value ++Ssl_cipher AES128-SHA256 ++Variable_name Value ++Ssl_cipher DHE-RSA-AES256-GCM-SHA384 ++TLS1.2 ciphers: user requires SSLv3 cipher RC4-SHA ++ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO) ++ERROR 1045 (28000): Access denied for user 'ssl_sslv3'@'localhost' (using password: NO) ++TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256 ++Variable_name Value ++Ssl_cipher AES128-SHA256 ++ERROR 1045 (28000): Access denied for user 'ssl_tls12'@'localhost' (using password: NO) ++SSLv3 ciphers: user is ok with any cipher ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++SSLv3 ciphers: user requires SSLv3 cipher RC4-SHA ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256 ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++ERROR 2026 (HY000): SSL connection error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure ++drop user ssl_sslv3@localhost; ++drop user ssl_tls12@localhost; +diff -rupN mysql-5.1.73.orig/mysql-test/r/ssl_8k_key.result mysql-5.1.73/mysql-test/r/ssl_8k_key.result +--- mysql-5.1.73.orig/mysql-test/r/ssl_8k_key.result 2013-11-04 20:07:39.000000000 +0100 ++++ mysql-5.1.73/mysql-test/r/ssl_8k_key.result 2016-02-25 17:28:26.913129053 +0100 +@@ -1,2 +1,2 @@ + Variable_name Value +-Ssl_cipher DHE-RSA-AES256-SHA ++Ssl_cipher DHE-RSA-AES256-GCM-SHA384 +diff -rupN mysql-5.1.73.orig/mysql-test/t/openssl_1.test mysql-5.1.73/mysql-test/t/openssl_1.test +--- mysql-5.1.73.orig/mysql-test/t/openssl_1.test 2016-02-25 16:34:16.098559321 +0100 ++++ mysql-5.1.73/mysql-test/t/openssl_1.test 2016-02-25 16:37:32.668423736 +0100 +@@ -14,10 +14,10 @@ create table t1(f1 int); + insert into t1 values (5); + + grant select on test.* to ssl_user1@localhost require SSL; +-grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA"; +-grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB"; +-grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; +-grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx"; ++grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-GCM-SHA384"; ++grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-GCM-SHA384" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB"; ++grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-GCM-SHA384" AND SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"; ++grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-GCM-SHA384" AND SUBJECT "xxx"; + flush privileges; + + connect (con1,localhost,ssl_user1,,,,,SSL); +@@ -125,6 +125,7 @@ drop table t1; + # verification of servers certificate by setting both ca certificate + # and ca path to NULL + # ++--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA + --exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1 + --echo End of 5.0 tests + +@@ -250,6 +251,7 @@ select 'is still running; no cipher requ + GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509; + FLUSH PRIVILEGES; + connect(con1,localhost,bug42158,,,,,SSL); ++--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA + SHOW STATUS LIKE 'Ssl_cipher'; + disconnect con1; + connection default; +diff -rupN mysql-5.1.73.orig/mysql-test/t/openssl_6975.combinations mysql-5.1.73/mysql-test/t/openssl_6975.combinations +--- mysql-5.1.73.orig/mysql-test/t/openssl_6975.combinations 1970-01-01 01:00:00.000000000 +0100 ++++ mysql-5.1.73/mysql-test/t/openssl_6975.combinations 2016-02-25 16:34:45.356539140 +0100 +@@ -0,0 +1,6 @@ ++[tlsv12] ++loose-ssl-cipher=TLSv1.2 ++ ++[tlsv10] ++loose-ssl-cipher=SSLv3 ++ +diff -rupN mysql-5.1.73.orig/mysql-test/t/openssl_6975.test mysql-5.1.73/mysql-test/t/openssl_6975.test +--- mysql-5.1.73.orig/mysql-test/t/openssl_6975.test 1970-01-01 01:00:00.000000000 +0100 ++++ mysql-5.1.73/mysql-test/t/openssl_6975.test 2016-02-25 16:57:03.081601243 +0100 +@@ -0,0 +1,37 @@ ++# ++# MDEV-6975 Implement TLS protocol ++# ++# test SSLv3 and TLSv1.2 ciphers when OpenSSL is restricted to SSLv3 or TLSv1.2 ++# ++ ++# this is OpenSSL test. ++ ++grant select on test.* to ssl_sslv3@localhost require cipher "RC4-SHA"; ++grant select on test.* to ssl_tls12@localhost require cipher "AES128-SHA256"; ++ ++let $mysql=$MYSQL --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1; ++ ++disable_abort_on_error; ++echo TLS1.2 ciphers: user is ok with any cipher; ++exec $mysql --ssl-cipher=AES128-SHA256; ++exec $mysql --ssl-cipher=TLSv1.2; ++echo TLS1.2 ciphers: user requires SSLv3 cipher RC4-SHA; ++exec $mysql --user ssl_sslv3 --ssl-cipher=AES128-SHA256; ++exec $mysql --user ssl_sslv3 --ssl-cipher=TLSv1.2; ++echo TLS1.2 ciphers: user requires TLSv1.2 cipher AES128-SHA256; ++exec $mysql --user ssl_tls12 --ssl-cipher=AES128-SHA256; ++exec $mysql --user ssl_tls12 --ssl-cipher=TLSv1.2; ++ ++echo SSLv3 ciphers: user is ok with any cipher; ++exec $mysql --ssl-cipher=RC4-SHA; ++exec $mysql --ssl-cipher=SSLv3; ++echo SSLv3 ciphers: user requires SSLv3 cipher RC4-SHA; ++exec $mysql --user ssl_sslv3 --ssl-cipher=RC4-SHA; ++exec $mysql --user ssl_sslv3 --ssl-cipher=SSLv3; ++echo SSLv3 ciphers: user requires TLSv1.2 cipher AES128-SHA256; ++exec $mysql --user ssl_tls12 --ssl-cipher=RC4-SHA; ++exec $mysql --user ssl_tls12 --ssl-cipher=SSLv3; ++ ++drop user ssl_sslv3@localhost; ++drop user ssl_tls12@localhost; ++ +diff -rupN mysql-5.1.73.orig/mysql-test/t/ssl_compress.test mysql-5.1.73/mysql-test/t/ssl_compress.test +--- mysql-5.1.73.orig/mysql-test/t/ssl_compress.test 2013-11-04 20:07:29.000000000 +0100 ++++ mysql-5.1.73/mysql-test/t/ssl_compress.test 2016-02-25 16:34:45.356539140 +0100 +@@ -10,6 +10,7 @@ + connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS); + + # Check ssl turned on ++--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA + SHOW STATUS LIKE 'Ssl_cipher'; + + # Check compression turned on +@@ -19,6 +20,7 @@ SHOW STATUS LIKE 'Compression'; + -- source include/common-tests.inc + + # Check ssl turned on ++--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA + SHOW STATUS LIKE 'Ssl_cipher'; + + # Check compression turned on +diff -rupN mysql-5.1.73.orig/mysql-test/t/ssl.test mysql-5.1.73/mysql-test/t/ssl.test +--- mysql-5.1.73.orig/mysql-test/t/ssl.test 2013-11-04 20:07:29.000000000 +0100 ++++ mysql-5.1.73/mysql-test/t/ssl.test 2016-02-25 16:34:45.356539140 +0100 +@@ -9,12 +9,14 @@ + connect (ssl_con,localhost,root,,,,,SSL); + + # Check ssl turned on ++--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA + SHOW STATUS LIKE 'Ssl_cipher'; + + # Source select test case + -- source include/common-tests.inc + + # Check ssl turned on ++--replace_result DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA + SHOW STATUS LIKE 'Ssl_cipher'; + + connection default; +diff -rupN mysql-5.1.73.orig/vio/viossl.c mysql-5.1.73/vio/viossl.c +--- mysql-5.1.73.orig/vio/viossl.c 2013-11-04 19:52:27.000000000 +0100 ++++ mysql-5.1.73/vio/viossl.c 2016-02-25 16:34:45.357539140 +0100 +@@ -147,7 +147,7 @@ int vio_ssl_close(Vio *vio) + break; + default: /* Shutdown failed */ + DBUG_PRINT("vio_error", ("SSL_shutdown() failed, error: %d", +- SSL_get_error(ssl, r))); ++ (int)SSL_get_error(ssl, r))); + break; + } + } +@@ -176,6 +176,7 @@ void vio_ssl_delete(Vio *vio) + static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout, + int (*connect_accept_func)(SSL*)) + { ++ long options; + SSL *ssl; + my_bool unused; + my_bool was_blocking; +@@ -199,7 +200,11 @@ static int ssl_do(struct st_VioSSLFd *pt + SSL_SESSION_set_timeout(SSL_get_session(ssl), timeout); + SSL_set_fd(ssl, vio->sd); + #ifndef HAVE_YASSL +- SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); ++ options = SSL_OP_ALL; ++ options |= SSL_OP_NO_SSLv2; ++ options |= SSL_OP_NO_SSLv3; ++ options |= SSL_OP_NO_COMPRESSION; ++ SSL_set_options(ssl, options); + #endif + + if (connect_accept_func(ssl) < 1) +diff -rupN mysql-5.1.73.orig/vio/viosslfactories.c mysql-5.1.73/vio/viosslfactories.c +--- mysql-5.1.73.orig/vio/viosslfactories.c 2016-02-25 16:34:16.095559323 +0100 ++++ mysql-5.1.73/vio/viosslfactories.c 2016-02-25 16:34:45.357539140 +0100 +@@ -245,8 +245,8 @@ new_VioSSLFd(const char *key_file, const + DBUG_RETURN(0); + + if (!(ssl_fd->ssl_context= SSL_CTX_new(is_client_method ? +- TLSv1_client_method() : +- TLSv1_server_method()))) ++ SSLv23_client_method() : ++ SSLv23_server_method()))) + { + *error= SSL_INITERR_MEMFAIL; + DBUG_PRINT("error", ("%s", sslGetErrString(*error))); +@@ -255,6 +255,8 @@ new_VioSSLFd(const char *key_file, const + DBUG_RETURN(0); + } + ++ SSL_CTX_set_options(ssl_fd->ssl_context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); ++ + /* + Set the ciphers that can be used + NOTE: SSL_CTX_set_cipher_list will return 0 if -- cgit