git: a3bc6c2e216b - 2022Q1 - databases/db5: strip bins, nuke SQL opt, abandon port
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 26 Jan 2022 23:06:08 UTC
The branch 2022Q1 has been updated by mandree:
URL: https://cgit.FreeBSD.org/ports/commit/?id=a3bc6c2e216bdf94938e1eba88dec3808648eb8b
commit a3bc6c2e216bdf94938e1eba88dec3808648eb8b
Author: Matthias Andree <mandree@FreeBSD.org>
AuthorDate: 2022-01-15 19:19:22 +0000
Commit: Matthias Andree <mandree@FreeBSD.org>
CommitDate: 2022-01-26 23:04:35 +0000
databases/db5: strip bins, nuke SQL opt, abandon port
(cherry picked from commit 91b6c73155beee2b2573b1dac2cf44153d34ac02)
(cherry picked from commit 64fde89d49029e00b86e66041f3dfda16725ead7)
(squashed into one commit, these are interdependent)
Security: CVE-2019-8457
The SQL option is vulnerable, and since this feature was always marked
experimental, nuke it, and backport to 2022Q1.
If someone needs the SQL interface in spite of its vulnerability,
please use: pkg lock -y db5.
MFH: 2022Q1
I am marking the port for expiry and abandoning it because I will no
longer spend the increasing efforts to play hide and seek with Oracle's
patches, or backport sometimes bigger Linux distro patches (Red Hat,
Debian, who else?), or otherwise put up with how they have changed
availability of patches, documentation, or important information.
FOR db5 USERS:
One option is to upgrade to db18, but note that db versions 6 and 18
are under the Affero GNU GPL v3 license, with implications for,
among others, software-as-a-service, and distributability of packages
linking against db. This is in stark contrast with db5's Sleepycat license.
POTENTIAL MAINTAINERS:
If someone wants to adopt this, review all the various patches in the
major other BSD distros and Linux distros, check if their patches can be
licensed under a sufficiently liberal license (ideally, MIT-like or
Sleepycat) and see what you need to import.
---
databases/db5/Makefile | 21 ++++++++++-----------
databases/db5/pkg-plist | 18 ------------------
2 files changed, 10 insertions(+), 29 deletions(-)
diff --git a/databases/db5/Makefile b/databases/db5/Makefile
index 61ee4f591985..9c8e8d0f84fd 100644
--- a/databases/db5/Makefile
+++ b/databases/db5/Makefile
@@ -2,7 +2,7 @@
PORTNAME= db5
PORTVERSION= 5.3.28
-PORTREVISION= 7
+PORTREVISION= 8
CATEGORIES= databases java
MASTER_SITES= https://download.oracle.com/berkeley-db/
PKGNAMEPREFIX?=
@@ -11,7 +11,10 @@ PKGNAMEPREFIX?=
DISTNAME= db-${PORTVERSION}
DIST_SUBDIR= bdb
-MAINTAINER= mandree@FreeBSD.org
+DEPRECATED= EOLd, upstream hiding patches, potential security issues
+EXPIRATION_DATE=2022-06-30
+
+MAINTAINER= ports@FreeBSD.org
COMMENT= Oracle Berkeley DB, revision ${BDBVER}
LICENSE= SLEEPYCAT
@@ -38,12 +41,11 @@ PLIST_SUB= BDBMAJ=${BDBMAJ} BDBVER=${BDBVER}
MAKE_ARGS+= docdir=${DOCSDIR}
CFLAGS+= -Wall -Wextra
-OPTIONS_DEFINE= CRYPTO DEBUG L10N SQL JAVA TCL DOCS
+OPTIONS_DEFINE= CRYPTO DEBUG L10N JAVA TCL DOCS
OPTIONS_DEFAULT=CRYPTO
OPTIONS_SUB= yes
CRYPTO_DESC= Cryptography support
L10N_DESC= Localization support (EXPERIMENTAL)
-SQL_DESC= Enable SQL API (EXPERIMENTAL)
PORTDOCS= *
@@ -52,8 +54,6 @@ DBLIBS= libdb libdb_cxx libdb_stl
DEBUG_CONFIGURE_ENABLE= debug umrw
CRYPTO_CONFIGURE_WITH= cryptography=yes
L10N_CONFIGURE_ENABLE= localization
-SQL_CONFIGURE_ENABLE= sql sql_codegen
-SQL_VARS= DBLIBS+=libdb_sql
JAVA_USE= java
# db5 is incompatible with openjdk8 and causes IllegalArgument
# exceptions during build
@@ -78,10 +78,12 @@ CONFIGURE_ARGS+= --with-mutex=POSIX/pthreads
.endif
post-patch:
- ${REINPLACE_CMD} -e '/^DOCLIST/{s/csharp//;}' ${WRKSRC}/../dist/Makefile.in
- ${REINPLACE_CMD} -Ee 's/[[:<:]]atomic_init[[:>:]]/db_atomic_init/g' ${WRKSRC}/../src/mp/mp* ${WRKSRC}/../src/mutex/mut_*
+ ${REINPLACE_CMD} -i '' -e '/^DOCLIST/{s/csharp//;}' ${WRKSRC}/../dist/Makefile.in
+ ${REINPLACE_CMD} -i '' -Ee 's/[[:<:]]atomic_init[[:>:]]/db_atomic_init/g' ${WRKSRC}/../src/mp/mp* ${WRKSRC}/../src/mutex/mut_*
post-install:
+ ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/db5/db_*
+ ${RM} -r ${STAGEDIR}${DOCSDIR}/bdb-sql
.for i in ${DBLIBS}
${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/${PORTNAME}/${i}-${BDBVER}.so.0
${LN} -s -f ${PORTNAME}/${i}-${BDBVER}.so.0 ${STAGEDIR}${PREFIX}/lib
@@ -100,9 +102,6 @@ post-install-JAVA-off:
${RM} -r ${STAGEDIR}${DOCSDIR}/${i}/JAVA
.endfor
-post-install-SQL-off:
- ${RM} -r ${STAGEDIR}${DOCSDIR}/bdb-sql
-
post-install-TCL-on:
echo "package ifneeded Db_tcl ${BDBVER} \
[list load [file join $$dir libdb_tcl-${BDBVER}.so]] \
diff --git a/databases/db5/pkg-plist b/databases/db5/pkg-plist
index 4786815e655c..2a94abad7208 100644
--- a/databases/db5/pkg-plist
+++ b/databases/db5/pkg-plist
@@ -9,12 +9,10 @@ bin/db5/db_log_verify
bin/db5/db_printlog
bin/db5/db_recover
bin/db5/db_replicate
-%%SQL%%bin/db5/db_sql_codegen
bin/db5/db_stat
bin/db5/db_tuner
bin/db5/db_upgrade
bin/db5/db_verify
-%%SQL%%bin/db5/dbsql
bin/db_archive-%%BDBMAJ%%
bin/db_archive-%%BDBVER%%
bin/db_checkpoint-%%BDBMAJ%%
@@ -37,8 +35,6 @@ bin/db_recover-%%BDBMAJ%%
bin/db_recover-%%BDBVER%%
bin/db_replicate-%%BDBMAJ%%
bin/db_replicate-%%BDBVER%%
-%%SQL%%bin/db_sql_codegen-%%BDBMAJ%%
-%%SQL%%bin/db_sql_codegen-%%BDBVER%%
bin/db_stat-%%BDBMAJ%%
bin/db_stat-%%BDBVER%%
bin/db_tuner-%%BDBMAJ%%
@@ -47,12 +43,9 @@ bin/db_upgrade-%%BDBMAJ%%
bin/db_upgrade-%%BDBVER%%
bin/db_verify-%%BDBMAJ%%
bin/db_verify-%%BDBVER%%
-%%SQL%%bin/dbsql-%%BDBMAJ%%
-%%SQL%%bin/dbsql-%%BDBVER%%
include/db5/db.h
include/db5/db_185.h
include/db5/db_cxx.h
-%%SQL%%include/db5/dbsql.h
include/db5/dbstl_base_iterator.h
include/db5/dbstl_common.h
include/db5/dbstl_container.h
@@ -89,13 +82,6 @@ lib/db5/libdb_cxx.so
%%JAVA%%lib/db5/libdb_java.a
%%JAVA%%lib/db5/libdb_java.so
%%JAVA%%lib/db5/libdb_java-%%BDBMAJ%%.so
-%%SQL%%lib/db5/libdb_sql-%%BDBVER%%.a
-%%SQL%%lib/db5/libdb_sql-%%BDBVER%%.so
-%%SQL%%lib/db5/libdb_sql-%%BDBVER%%.so.0
-%%SQL%%lib/db5/libdb_sql-%%BDBVER%%.so.0.0.0
-%%SQL%%lib/db5/libdb_sql.a
-%%SQL%%lib/db5/libdb_sql.so
-%%SQL%%lib/db5/libdb_sql-%%BDBMAJ%%.so
lib/db5/libdb_stl-%%BDBVER%%.a
lib/db5/libdb_stl-%%BDBVER%%.so
lib/db5/libdb_stl-%%BDBVER%%.so.0
@@ -115,10 +101,6 @@ lib/libdb_cxx-%%BDBVER%%.so.0
%%JAVA%%lib/libdb_java-%%BDBMAJ%%.so.0
%%JAVA%%lib/libdb_java-%%BDBVER%%.so
%%JAVA%%lib/libdb_java-%%BDBVER%%.so.0
-%%SQL%%lib/libdb_sql-%%BDBMAJ%%.so
-%%SQL%%lib/libdb_sql-%%BDBMAJ%%.so.0
-%%SQL%%lib/libdb_sql-%%BDBVER%%.so
-%%SQL%%lib/libdb_sql-%%BDBVER%%.so.0
lib/libdb_stl-%%BDBMAJ%%.so
lib/libdb_stl-%%BDBMAJ%%.so.0
lib/libdb_stl-%%BDBVER%%.so