[packages/mysql/MYSQL_8_0] - enable client authentication plugins (SASL-based ldap, oci, webauthn), use system icu and libfido2

qboosh qboosh at pld-linux.org
Sat Oct 5 17:24:19 CEST 2024 

commit a969d822cbffa9dd693b1d8f5b30f5ac3473d74c
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Sat Oct 5 16:55:55 2024 +0200

    - enable client authentication plugins (SASL-based ldap, oci, webauthn), use system icu and libfido2

 mysql.spec | 29 ++++++++++++++---------------
 1 file changed, 14 insertions(+), 15 deletions(-)
---
diff --git a/mysql.spec b/mysql.spec
index d8b7bd3..66af6aa 100644
--- a/mysql.spec
+++ b/mysql.spec
@@ -1,9 +1,5 @@
 # TODO:
-# - -DWITH_AUTHENTICATION_LDAP=ON (it's OFF by default)?
 # - -DWITH_AUTHENTICATION_KERBEROS=ON (BR: MIT krb5)
-# - -DWITH_AUTHENTICATION_FIDO=ON (using system libfido?)
-# - if not LDAP or KERBEROS, maybe WITH_AUTHENTICATION_CLIENT_PLUGINS or WITH_AUTHENTICATION_FIDO (BR: libfido2)
-# - -DWITH_ICU=system ?
 # - mysqldump ... (invalid usage) prints to stdout not stderr (idiotic if you want to create dump and get usage in .sql)
 # - http://bugs.mysql.com/bug.php?id=16470
 # - innodb are dynamic (= as plugins) ?
@@ -28,7 +24,7 @@
 %bcond_with	system_boost
 %bcond_without	tests		# run test suite
 %bcond_with	ndb		# NDB is now a separate product, this here is broken, so disable it
-%bcond_without	ldap		# LDAP auth support (requires MIT Kerberos)
+%bcond_with	ldap		# LDAP (server) auth support (requires MIT Kerberos)
 
 Summary:	MySQL: a very fast and reliable SQL database engine
 Summary(de.UTF-8):	MySQL: ist eine SQL-Datenbank
@@ -81,12 +77,14 @@ URL:		https://www.mysql.com/products/community/
 BuildRequires:	bison >= 1.875
 %{?with_system_boost:BuildRequires:	boost-devel >= 1.77.0}
 BuildRequires:	cmake >= 3.5.1
-%{?with_ldap:BuildRequires:	cyrus-sasl-devel}
+BuildRequires:	cyrus-sasl-devel
 # for configure and tests
-%{?with_ldap:BuildRequires:	cyrus-sasl-scram}
-#%{?with_ldap:BuildRequires:	krb5-devel}
+BuildRequires:	cyrus-sasl-scram
+%{?with_ldap:BuildRequires:	krb5-devel}
 BuildRequires:	libaio-devel
 BuildRequires:	libevent-devel
+BuildRequires:	libfido2-devel
+BuildRequires:	libicu-devel
 BuildRequires:	libstdc++-devel >= 5:7.1
 BuildRequires:	libtirpc-devel
 %{?with_tcpd:BuildRequires:	libwrap-devel}
@@ -539,10 +537,13 @@ CPPFLAGS="%{rpmcppflags}" \
 	%{?debug:-DWITH_DEBUG=ON} \
 	-DWITH_EDITLINE=system \
 	-DWITHOUT_EXAMPLE_STORAGE_ENGINE=1 \
-	%{!?with_ldap:-DWITH_AUTHENTICATION_LDAP=OFF} \
+	-DWITH_AUTHENTICATION_CLIENT_PLUGINS=ON \
+	%{?with_ldap:-DWITH_AUTHENTICATION_LDAP=ON} \
 	%{!?with_system_boost:-DWITH_BOOST="$(pwd)/$(ls -1d ../boost_*)"} \
-	%{?with_ldap:-DWITH_LDAP=system} \
+	-DWITH_FIDO=system \
+	-DWITH_ICU=system \
 	-DWITH_KERBEROS=system \
+	%{?with_ldap:-DWITH_LDAP=system} \
 	-DWITH_LIBEVENT=system \
 	-DWITH_LIBWRAP=%{?with_tcpd:ON}%{!?with_tcpd:OFF} \
 	-DWITH_LZ4=system \
@@ -755,9 +756,9 @@ fi
 %attr(755,root,root) %{_libdir}/%{name}/plugin/auth.so
 %attr(755,root,root) %{_libdir}/%{name}/plugin/auth_socket.so
 %attr(755,root,root) %{_libdir}/%{name}/plugin/auth_test_plugin.so
-#%attr(755,root,root) %{_libdir}/%{name}/plugin/authentication_fido_client.so
-#%{?with_ldap:%attr(755,root,root) %{_libdir}/%{name}/plugin/authentication_ldap_sasl_client.so}
-#%attr(755,root,root) %{_libdir}/%{name}/plugin/authentication_oci_client.so
+%attr(755,root,root) %{_libdir}/%{name}/plugin/authentication_fido_client.so
+%attr(755,root,root) %{_libdir}/%{name}/plugin/authentication_ldap_sasl_client.so
+%attr(755,root,root) %{_libdir}/%{name}/plugin/authentication_oci_client.so
 %attr(755,root,root) %{_libdir}/%{name}/plugin/component_audit_api_message_emit.so
 %attr(755,root,root) %{_libdir}/%{name}/plugin/component_keyring_file.so
 %attr(755,root,root) %{_libdir}/%{name}/plugin/component_log_filter_dragnet.so
@@ -797,8 +798,6 @@ fi
 %if %{with sphinx}
 %attr(755,root,root) %{_libdir}/%{name}/plugin/ha_sphinx.so
 %endif
-%dir %{_libdir}/%{name}/private
-%{_libdir}/%{name}/private/icudt*l
 %dir %{_libdir}/%{name}router
 %attr(755,root,root) %{_libdir}/%{name}router/connection_pool.so
 %attr(755,root,root) %{_libdir}/%{name}router/destination_status.so
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/mysql.git/commitdiff/a969d822cbffa9dd693b1d8f5b30f5ac3473d74c

More information about the pld-cvs-commit mailing list