diff options
| author |   Patrick Lauer <patrick@gentoo.org> | 2024-02-02 13:34:14 +0000 |
|---|---|---|
| committer | Patrick Lauer <patrick@gentoo.org> | 2024-02-02 14:05:15 +0000 |
| commit | 7f9c4cc23884adb65595e0f125c41eaa09212c42 (patch) | |
| tree | 3384fbdde826b269bd0d3457b39adb57e00191f7 /dev-db | |
| parent | dev-libs/tree-sitter-javascript: add 0.20.3 (diff) | |
| download | gentoo-7f9c4cc23884adb65595e0f125c41eaa09212c42.tar.gz gentoo-7f9c4cc23884adb65595e0f125c41eaa09212c42.tar.bz2 gentoo-7f9c4cc23884adb65595e0f125c41eaa09212c42.zip | |
dev-db/postgresql: backport openssl fixes
Bug: https://bugs.gentoo.org/923620
Signed-off-by: Patrick Lauer <patrick@gentoo.org>
Diffstat (limited to 'dev-db')
| -rw-r--r-- | dev-db/postgresql/files/postgresql-12-openssl3.2.patch | 178 | ||||
| -rw-r--r-- | dev-db/postgresql/files/postgresql-13-openssl3.2.patch | 172 | ||||
| -rw-r--r-- | dev-db/postgresql/files/postgresql-14-openssl3.2.patch | 195 | ||||
| -rw-r--r-- | dev-db/postgresql/files/postgresql-15-openssl3.2.patch | 194 | ||||
| -rw-r--r-- | dev-db/postgresql/files/postgresql-16-openssl3.2.patch | 216 | ||||
| -rw-r--r-- | dev-db/postgresql/postgresql-12.17-r1.ebuild | 453 | ||||
| -rw-r--r-- | dev-db/postgresql/postgresql-13.13-r1.ebuild | 465 | ||||
| -rw-r--r-- | dev-db/postgresql/postgresql-14.10-r1.ebuild | 465 | ||||
| -rw-r--r-- | dev-db/postgresql/postgresql-15.5-r1.ebuild | 467 | ||||
| -rw-r--r-- | dev-db/postgresql/postgresql-16.1-r1.ebuild | 468 |
10 files changed, 3273 insertions, 0 deletions
diff --git a/dev-db/postgresql/files/postgresql-12-openssl3.2.patch b/dev-db/postgresql/files/postgresql-12-openssl3.2.patch new file mode 100644 index 000000000000..62b254d220c6 --- /dev/null +++ b/dev-db/postgresql/files/postgresql-12-openssl3.2.patch @@ -0,0 +1,178 @@ +commit 6bb4ce36b302296fd09abb097b5e28b66117be92 +Author: Tom Lane <tgl@sss.pgh.pa.us> +Date: Tue Nov 28 12:34:03 2023 -0500 + + Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. + + We should have done it this way all along, but we accidentally got + away with using the wrong BIO field up until OpenSSL 3.2. There, + the library's BIO routines that we rely on use the "data" field + for their own purposes, and our conflicting use causes assorted + weird behaviors up to and including core dumps when SSL connections + are attempted. Switch to using the approved field for the purpose, + i.e. app_data. + + While at it, remove our configure probes for BIO_get_data as well + as the fallback implementation. BIO_{get,set}_app_data have been + there since long before any OpenSSL version that we still support, + even in the back branches. + + Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor + change in an error message spelling that evidently came in with 3.2. + + Tristan Partin and Bo Andreson. Back-patch to all supported branches. + + Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com + +diff --git a/configure b/configure +index cce104aebb..346ea8e2c1 100755 +--- a/configure ++++ b/configure +@@ -12641,7 +12641,7 @@ done + # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it + # doesn't have these OpenSSL 1.1.0 functions. So check for individual + # functions. +- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data ++ for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data + do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` + ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +diff --git a/configure.in b/configure.in +index 3c93e7a944..2c15b20049 100644 +--- a/configure.in ++++ b/configure.in +@@ -1290,7 +1290,7 @@ if test "$with_openssl" = yes ; then + # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it + # doesn't have these OpenSSL 1.1.0 functions. So check for individual + # functions. +- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data]) ++ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data]) + # OpenSSL versions before 1.1.0 required setting callback functions, for + # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock() + # function was removed. +diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c +index b0a1f7258a..34f8f9e71e 100644 +--- a/src/backend/libpq/be-secure-openssl.c ++++ b/src/backend/libpq/be-secure-openssl.c +@@ -699,11 +699,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) + * to retry; do we need to adopt their logic for that? + */ + +-#ifndef HAVE_BIO_GET_DATA +-#define BIO_get_data(bio) (bio->ptr) +-#define BIO_set_data(bio, data) (bio->ptr = data) +-#endif +- + static BIO_METHOD *my_bio_methods = NULL; + + static int +@@ -713,7 +708,7 @@ my_sock_read(BIO *h, char *buf, int size) + + if (buf != NULL) + { +- res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size); ++ res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size); + BIO_clear_retry_flags(h); + if (res <= 0) + { +@@ -733,7 +728,7 @@ my_sock_write(BIO *h, const char *buf, int size) + { + int res = 0; + +- res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size); ++ res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size); + BIO_clear_retry_flags(h); + if (res <= 0) + { +@@ -809,7 +804,7 @@ my_SSL_set_fd(Port *port, int fd) + SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + goto err; + } +- BIO_set_data(bio, port); ++ BIO_set_app_data(bio, port); + + BIO_set_fd(bio, fd, BIO_NOCLOSE); + SSL_set_bio(port->ssl, bio, bio); +diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in +index 457a8713cc..1e9d21c3e4 100644 +--- a/src/include/pg_config.h.in ++++ b/src/include/pg_config.h.in +@@ -96,9 +96,6 @@ + /* Define to 1 if you have the <atomic.h> header file. */ + #undef HAVE_ATOMIC_H + +-/* Define to 1 if you have the `BIO_get_data' function. */ +-#undef HAVE_BIO_GET_DATA +- + /* Define to 1 if you have the `BIO_meth_new' function. */ + #undef HAVE_BIO_METH_NEW + +diff --git a/src/include/pg_config.h.win32 b/src/include/pg_config.h.win32 +index 42fd7067f1..37accc560b 100644 +--- a/src/include/pg_config.h.win32 ++++ b/src/include/pg_config.h.win32 +@@ -75,9 +75,6 @@ + /* Define to 1 if you have the `ASN1_STRING_get0_data' function. */ + /* #undef HAVE_ASN1_STRING_GET0_DATA */ + +-/* Define to 1 if you have the `BIO_get_data' function. */ +-/* #undef HAVE_BIO_GET_DATA */ +- + /* Define to 1 if you have the `BIO_meth_new' function. */ + /* #undef HAVE_BIO_METH_NEW */ + +diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c +index 5948a37983..5729dd9acf 100644 +--- a/src/interfaces/libpq/fe-secure-openssl.c ++++ b/src/interfaces/libpq/fe-secure-openssl.c +@@ -1491,10 +1491,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) + * to retry; do we need to adopt their logic for that? + */ + +-#ifndef HAVE_BIO_GET_DATA +-#define BIO_get_data(bio) (bio->ptr) +-#define BIO_set_data(bio, data) (bio->ptr = data) +-#endif ++/* protected by ssl_config_mutex */ + + static BIO_METHOD *my_bio_methods; + +@@ -1503,7 +1500,7 @@ my_sock_read(BIO *h, char *buf, int size) + { + int res; + +- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); ++ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size); + BIO_clear_retry_flags(h); + if (res < 0) + { +@@ -1533,7 +1530,7 @@ my_sock_write(BIO *h, const char *buf, int size) + { + int res; + +- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); ++ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size); + BIO_clear_retry_flags(h); + if (res < 0) + { +@@ -1624,7 +1621,7 @@ my_SSL_set_fd(PGconn *conn, int fd) + SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + goto err; + } +- BIO_set_data(bio, conn); ++ BIO_set_app_data(bio, conn); + + SSL_set_bio(conn->ssl, bio, bio); + BIO_set_fd(bio, fd, BIO_NOCLOSE); +diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm +index 20ce233af4..a7e5fdbda9 100644 +--- a/src/tools/msvc/Solution.pm ++++ b/src/tools/msvc/Solution.pm +@@ -273,7 +273,6 @@ sub GenerateFiles + || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0')) + { + print $o "#define HAVE_ASN1_STRING_GET0_DATA 1\n"; +- print $o "#define HAVE_BIO_GET_DATA 1\n"; + print $o "#define HAVE_BIO_METH_NEW 1\n"; + print $o "#define HAVE_OPENSSL_INIT_SSL 1\n"; + } diff --git a/dev-db/postgresql/files/postgresql-13-openssl3.2.patch b/dev-db/postgresql/files/postgresql-13-openssl3.2.patch new file mode 100644 index 000000000000..fbb80a3ecb20 --- /dev/null +++ b/dev-db/postgresql/files/postgresql-13-openssl3.2.patch @@ -0,0 +1,172 @@ +commit dc8936b9dba79c80aaba8e7232434fb200e95725 +Author: Tom Lane <tgl@sss.pgh.pa.us> +Date: Tue Nov 28 12:34:03 2023 -0500 + + Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. + + We should have done it this way all along, but we accidentally got + away with using the wrong BIO field up until OpenSSL 3.2. There, + the library's BIO routines that we rely on use the "data" field + for their own purposes, and our conflicting use causes assorted + weird behaviors up to and including core dumps when SSL connections + are attempted. Switch to using the approved field for the purpose, + i.e. app_data. + + While at it, remove our configure probes for BIO_get_data as well + as the fallback implementation. BIO_{get,set}_app_data have been + there since long before any OpenSSL version that we still support, + even in the back branches. + + Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor + change in an error message spelling that evidently came in with 3.2. + + Tristan Partin and Bo Andreson. Back-patch to all supported branches. + + Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com + +diff --git a/configure b/configure +index 2fc7dca504..b7caf88229 100755 +--- a/configure ++++ b/configure +@@ -12713,7 +12713,7 @@ done + # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it + # doesn't have these OpenSSL 1.1.0 functions. So check for individual + # functions. +- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data ++ for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data + do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` + ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +diff --git a/configure.in b/configure.in +index eaca132607..9aec28c8d1 100644 +--- a/configure.in ++++ b/configure.in +@@ -1275,7 +1275,7 @@ if test "$with_openssl" = yes ; then + # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it + # doesn't have these OpenSSL 1.1.0 functions. So check for individual + # functions. +- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data]) ++ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data]) + # OpenSSL versions before 1.1.0 required setting callback functions, for + # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock() + # function was removed. +diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c +index 55fe59276a..9e22911379 100644 +--- a/src/backend/libpq/be-secure-openssl.c ++++ b/src/backend/libpq/be-secure-openssl.c +@@ -748,11 +748,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) + * to retry; do we need to adopt their logic for that? + */ + +-#ifndef HAVE_BIO_GET_DATA +-#define BIO_get_data(bio) (bio->ptr) +-#define BIO_set_data(bio, data) (bio->ptr = data) +-#endif +- + static BIO_METHOD *my_bio_methods = NULL; + + static int +@@ -762,7 +757,7 @@ my_sock_read(BIO *h, char *buf, int size) + + if (buf != NULL) + { +- res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size); ++ res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size); + BIO_clear_retry_flags(h); + if (res <= 0) + { +@@ -782,7 +777,7 @@ my_sock_write(BIO *h, const char *buf, int size) + { + int res = 0; + +- res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size); ++ res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size); + BIO_clear_retry_flags(h); + if (res <= 0) + { +@@ -858,7 +853,7 @@ my_SSL_set_fd(Port *port, int fd) + SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + goto err; + } +- BIO_set_data(bio, port); ++ BIO_set_app_data(bio, port); + + BIO_set_fd(bio, fd, BIO_NOCLOSE); + SSL_set_bio(port->ssl, bio, bio); +diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in +index 13fc4e0db6..978e685c70 100644 +--- a/src/include/pg_config.h.in ++++ b/src/include/pg_config.h.in +@@ -86,9 +86,6 @@ + /* Define to 1 if you have the `backtrace_symbols' function. */ + #undef HAVE_BACKTRACE_SYMBOLS + +-/* Define to 1 if you have the `BIO_get_data' function. */ +-#undef HAVE_BIO_GET_DATA +- + /* Define to 1 if you have the `BIO_meth_new' function. */ + #undef HAVE_BIO_METH_NEW + +diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c +index 07d5daf4d9..73b1720c4c 100644 +--- a/src/interfaces/libpq/fe-secure-openssl.c ++++ b/src/interfaces/libpq/fe-secure-openssl.c +@@ -1602,10 +1602,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) + * to retry; do we need to adopt their logic for that? + */ + +-#ifndef HAVE_BIO_GET_DATA +-#define BIO_get_data(bio) (bio->ptr) +-#define BIO_set_data(bio, data) (bio->ptr = data) +-#endif ++/* protected by ssl_config_mutex */ + + static BIO_METHOD *my_bio_methods; + +@@ -1614,7 +1611,7 @@ my_sock_read(BIO *h, char *buf, int size) + { + int res; + +- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); ++ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size); + BIO_clear_retry_flags(h); + if (res < 0) + { +@@ -1644,7 +1641,7 @@ my_sock_write(BIO *h, const char *buf, int size) + { + int res; + +- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); ++ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size); + BIO_clear_retry_flags(h); + if (res < 0) + { +@@ -1735,7 +1732,7 @@ my_SSL_set_fd(PGconn *conn, int fd) + SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + goto err; + } +- BIO_set_data(bio, conn); ++ BIO_set_app_data(bio, conn); + + SSL_set_bio(conn->ssl, bio, bio); + BIO_set_fd(bio, fd, BIO_NOCLOSE); +diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm +index 78328e1fac..e88e3967cd 100644 +--- a/src/tools/msvc/Solution.pm ++++ b/src/tools/msvc/Solution.pm +@@ -226,7 +226,6 @@ sub GenerateFiles + HAVE_ATOMICS => 1, + HAVE_ATOMIC_H => undef, + HAVE_BACKTRACE_SYMBOLS => undef, +- HAVE_BIO_GET_DATA => undef, + HAVE_BIO_METH_NEW => undef, + HAVE_CLOCK_GETTIME => undef, + HAVE_COMPUTED_GOTO => undef, +@@ -543,7 +542,6 @@ sub GenerateFiles + || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0')) + { + $define{HAVE_ASN1_STRING_GET0_DATA} = 1; +- $define{HAVE_BIO_GET_DATA} = 1; + $define{HAVE_BIO_METH_NEW} = 1; + $define{HAVE_OPENSSL_INIT_SSL} = 1; + } diff --git a/dev-db/postgresql/files/postgresql-14-openssl3.2.patch b/dev-db/postgresql/files/postgresql-14-openssl3.2.patch new file mode 100644 index 000000000000..c8064adc23a6 --- /dev/null +++ b/dev-db/postgresql/files/postgresql-14-openssl3.2.patch @@ -0,0 +1,195 @@ +commit 50e866f5f3be671620490e3cb3eea533f1677f6c +Author: Tom Lane <tgl@sss.pgh.pa.us> +Date: Tue Nov 28 12:34:03 2023 -0500 + + Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. + + We should have done it this way all along, but we accidentally got + away with using the wrong BIO field up until OpenSSL 3.2. There, + the library's BIO routines that we rely on use the "data" field + for their own purposes, and our conflicting use causes assorted + weird behaviors up to and including core dumps when SSL connections + are attempted. Switch to using the approved field for the purpose, + i.e. app_data. + + While at it, remove our configure probes for BIO_get_data as well + as the fallback implementation. BIO_{get,set}_app_data have been + there since long before any OpenSSL version that we still support, + even in the back branches. + + Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor + change in an error message spelling that evidently came in with 3.2. + + Tristan Partin and Bo Andreson. Back-patch to all supported branches. + + Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com + +diff --git a/configure b/configure +index 62a921b5e7..f74b9862a0 100755 +--- a/configure ++++ b/configure +@@ -13071,7 +13071,7 @@ done + # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it + # doesn't have these OpenSSL 1.1.0 functions. So check for individual + # functions. +- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free ++ for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free + do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` + ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +diff --git a/configure.ac b/configure.ac +index a3243cc7e8..46624d2a11 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1311,7 +1311,7 @@ if test "$with_ssl" = openssl ; then + # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it + # doesn't have these OpenSSL 1.1.0 functions. So check for individual + # functions. +- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) ++ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) + # OpenSSL versions before 1.1.0 required setting callback functions, for + # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock() + # function was removed. +diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c +index 13ac961442..e39952494e 100644 +--- a/src/backend/libpq/be-secure-openssl.c ++++ b/src/backend/libpq/be-secure-openssl.c +@@ -823,11 +823,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) + * to retry; do we need to adopt their logic for that? + */ + +-#ifndef HAVE_BIO_GET_DATA +-#define BIO_get_data(bio) (bio->ptr) +-#define BIO_set_data(bio, data) (bio->ptr = data) +-#endif +- + static BIO_METHOD *my_bio_methods = NULL; + + static int +@@ -837,7 +832,7 @@ my_sock_read(BIO *h, char *buf, int size) + + if (buf != NULL) + { +- res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size); ++ res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size); + BIO_clear_retry_flags(h); + if (res <= 0) + { +@@ -857,7 +852,7 @@ my_sock_write(BIO *h, const char *buf, int size) + { + int res = 0; + +- res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size); ++ res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size); + BIO_clear_retry_flags(h); + if (res <= 0) + { +@@ -933,7 +928,7 @@ my_SSL_set_fd(Port *port, int fd) + SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + goto err; + } +- BIO_set_data(bio, port); ++ BIO_set_app_data(bio, port); + + BIO_set_fd(bio, fd, BIO_NOCLOSE); + SSL_set_bio(port->ssl, bio, bio); +diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in +index 40d513c128..51fa911fb6 100644 +--- a/src/include/pg_config.h.in ++++ b/src/include/pg_config.h.in +@@ -86,9 +86,6 @@ + /* Define to 1 if you have the `backtrace_symbols' function. */ + #undef HAVE_BACKTRACE_SYMBOLS + +-/* Define to 1 if you have the `BIO_get_data' function. */ +-#undef HAVE_BIO_GET_DATA +- + /* Define to 1 if you have the `BIO_meth_new' function. */ + #undef HAVE_BIO_METH_NEW + +diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c +index 7f27767da6..383fdbe80e 100644 +--- a/src/interfaces/libpq/fe-secure-openssl.c ++++ b/src/interfaces/libpq/fe-secure-openssl.c +@@ -1661,11 +1661,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) + * to retry; do we need to adopt their logic for that? + */ + +-#ifndef HAVE_BIO_GET_DATA +-#define BIO_get_data(bio) (bio->ptr) +-#define BIO_set_data(bio, data) (bio->ptr = data) +-#endif +- ++/* protected by ssl_config_mutex */ + static BIO_METHOD *my_bio_methods; + + static int +@@ -1673,7 +1669,7 @@ my_sock_read(BIO *h, char *buf, int size) + { + int res; + +- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); ++ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size); + BIO_clear_retry_flags(h); + if (res < 0) + { +@@ -1703,7 +1699,7 @@ my_sock_write(BIO *h, const char *buf, int size) + { + int res; + +- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); ++ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size); + BIO_clear_retry_flags(h); + if (res < 0) + { +@@ -1794,7 +1790,7 @@ my_SSL_set_fd(PGconn *conn, int fd) + SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + goto err; + } +- BIO_set_data(bio, conn); ++ BIO_set_app_data(bio, conn); + + SSL_set_bio(conn->ssl, bio, bio); + BIO_set_fd(bio, fd, BIO_NOCLOSE); +diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl +index 8cdd0d2e68..cc7bd98c83 100644 +--- a/src/test/ssl/t/001_ssltests.pl ++++ b/src/test/ssl/t/001_ssltests.pl +@@ -538,7 +538,7 @@ $node->connect_fails( + $node->connect_fails( + "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt sslkey=ssl/client-revoked_tmp.key", + "certificate authorization fails with revoked client cert", +- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/, ++ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|, + # revoked certificates should not authenticate the user + log_unlike => [qr/connection authenticated:/],); + +@@ -591,7 +591,7 @@ switch_server_cert($node, 'server-cn-only', undef, undef, + $node->connect_fails( + "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt sslkey=ssl/client-revoked_tmp.key", + "certificate authorization fails with revoked client cert with server-side CRL directory", +- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/); ++ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|); + + # clean up + foreach my $key (@keys) +diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm +index 577b5afea7..53d60dbd25 100644 +--- a/src/tools/msvc/Solution.pm ++++ b/src/tools/msvc/Solution.pm +@@ -229,7 +229,6 @@ sub GenerateFiles + HAVE_ATOMICS => 1, + HAVE_ATOMIC_H => undef, + HAVE_BACKTRACE_SYMBOLS => undef, +- HAVE_BIO_GET_DATA => undef, + HAVE_BIO_METH_NEW => undef, + HAVE_CLOCK_GETTIME => undef, + HAVE_COMPUTED_GOTO => undef, +@@ -562,7 +561,6 @@ sub GenerateFiles + || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0')) + { + $define{HAVE_ASN1_STRING_GET0_DATA} = 1; +- $define{HAVE_BIO_GET_DATA} = 1; + $define{HAVE_BIO_METH_NEW} = 1; + $define{HAVE_HMAC_CTX_FREE} = 1; + $define{HAVE_HMAC_CTX_NEW} = 1; diff --git a/dev-db/postgresql/files/postgresql-15-openssl3.2.patch b/dev-db/postgresql/files/postgresql-15-openssl3.2.patch new file mode 100644 index 000000000000..6e0b954a9f0b --- /dev/null +++ b/dev-db/postgresql/files/postgresql-15-openssl3.2.patch @@ -0,0 +1,194 @@ +commit a4927ebffae000198f6054eea26191ac2e50697f +Author: Tom Lane <tgl@sss.pgh.pa.us> +Date: Tue Nov 28 12:34:03 2023 -0500 + + Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. + + We should have done it this way all along, but we accidentally got + away with using the wrong BIO field up until OpenSSL 3.2. There, + the library's BIO routines that we rely on use the "data" field + for their own purposes, and our conflicting use causes assorted + weird behaviors up to and including core dumps when SSL connections + are attempted. Switch to using the approved field for the purpose, + i.e. app_data. + + While at it, remove our configure probes for BIO_get_data as well + as the fallback implementation. BIO_{get,set}_app_data have been + there since long before any OpenSSL version that we still support, + even in the back branches. + + Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor + change in an error message spelling that evidently came in with 3.2. + + Tristan Partin and Bo Andreson. Back-patch to all supported branches. + + Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com + +diff --git a/configure b/configure +index d83a402ea1..d55440cd6a 100755 +--- a/configure ++++ b/configure +@@ -13239,7 +13239,7 @@ done + # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it + # doesn't have these OpenSSL 1.1.0 functions. So check for individual + # functions. +- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free ++ for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free + do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` + ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +diff --git a/configure.ac b/configure.ac +index 570daced81..2bc752ca1a 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1347,7 +1347,7 @@ if test "$with_ssl" = openssl ; then + # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it + # doesn't have these OpenSSL 1.1.0 functions. So check for individual + # functions. +- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) ++ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) + # OpenSSL versions before 1.1.0 required setting callback functions, for + # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock() + # function was removed. +diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c +index f5c5ed210e..aed8a75345 100644 +--- a/src/backend/libpq/be-secure-openssl.c ++++ b/src/backend/libpq/be-secure-openssl.c +@@ -839,11 +839,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) + * to retry; do we need to adopt their logic for that? + */ + +-#ifndef HAVE_BIO_GET_DATA +-#define BIO_get_data(bio) (bio->ptr) +-#define BIO_set_data(bio, data) (bio->ptr = data) +-#endif +- + static BIO_METHOD *my_bio_methods = NULL; + + static int +@@ -853,7 +848,7 @@ my_sock_read(BIO *h, char *buf, int size) + + if (buf != NULL) + { +- res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size); ++ res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size); + BIO_clear_retry_flags(h); + if (res <= 0) + { +@@ -873,7 +868,7 @@ my_sock_write(BIO *h, const char *buf, int size) + { + int res = 0; + +- res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size); ++ res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size); + BIO_clear_retry_flags(h); + if (res <= 0) + { +@@ -949,7 +944,7 @@ my_SSL_set_fd(Port *port, int fd) + SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + goto err; + } +- BIO_set_data(bio, port); ++ BIO_set_app_data(bio, port); + + BIO_set_fd(bio, fd, BIO_NOCLOSE); + SSL_set_bio(port->ssl, bio, bio); +diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in +index d09e9f9a1c..768e3d719c 100644 +--- a/src/include/pg_config.h.in ++++ b/src/include/pg_config.h.in +@@ -77,9 +77,6 @@ + /* Define to 1 if you have the `backtrace_symbols' function. */ + #undef HAVE_BACKTRACE_SYMBOLS + +-/* Define to 1 if you have the `BIO_get_data' function. */ +-#undef HAVE_BIO_GET_DATA +- + /* Define to 1 if you have the `BIO_meth_new' function. */ + #undef HAVE_BIO_METH_NEW + +diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c +index af59ff49f7..c19b0dc078 100644 +--- a/src/interfaces/libpq/fe-secure-openssl.c ++++ b/src/interfaces/libpq/fe-secure-openssl.c +@@ -1800,11 +1800,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) + * to retry; do we need to adopt their logic for that? + */ + +-#ifndef HAVE_BIO_GET_DATA +-#define BIO_get_data(bio) (bio->ptr) +-#define BIO_set_data(bio, data) (bio->ptr = data) +-#endif +- ++/* protected by ssl_config_mutex */ + static BIO_METHOD *my_bio_methods; + + static int +@@ -1812,7 +1808,7 @@ my_sock_read(BIO *h, char *buf, int size) + { + int res; + +- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); ++ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size); + BIO_clear_retry_flags(h); + if (res < 0) + { +@@ -1842,7 +1838,7 @@ my_sock_write(BIO *h, const char *buf, int size) + { + int res; + +- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); ++ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size); + BIO_clear_retry_flags(h); + if (res < 0) + { +@@ -1933,7 +1929,7 @@ my_SSL_set_fd(PGconn *conn, int fd) + SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + goto err; + } +- BIO_set_data(bio, conn); ++ BIO_set_app_data(bio, conn); + + SSL_set_bio(conn->ssl, bio, bio); + BIO_set_fd(bio, fd, BIO_NOCLOSE); +diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl +index 707f4005af..c570b48a1b 100644 +--- a/src/test/ssl/t/001_ssltests.pl ++++ b/src/test/ssl/t/001_ssltests.pl +@@ -682,7 +682,7 @@ $node->connect_fails( + "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt " + . sslkey('client-revoked.key'), + "certificate authorization fails with revoked client cert", +- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/, ++ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|, + # revoked certificates should not authenticate the user + log_unlike => [qr/connection authenticated:/],); + +@@ -743,6 +743,6 @@ $node->connect_fails( + "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt " + . sslkey('client-revoked.key'), + "certificate authorization fails with revoked client cert with server-side CRL directory", +- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/); ++ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|); + + done_testing(); +diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm +index 790f03b05e..a53239fa28 100644 +--- a/src/tools/msvc/Solution.pm ++++ b/src/tools/msvc/Solution.pm +@@ -226,7 +226,6 @@ sub GenerateFiles + HAVE_ATOMICS => 1, + HAVE_ATOMIC_H => undef, + HAVE_BACKTRACE_SYMBOLS => undef, +- HAVE_BIO_GET_DATA => undef, + HAVE_BIO_METH_NEW => undef, + HAVE_CLOCK_GETTIME => undef, + HAVE_COMPUTED_GOTO => undef, +@@ -566,7 +565,6 @@ sub GenerateFiles + || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0')) + { + $define{HAVE_ASN1_STRING_GET0_DATA} = 1; +- $define{HAVE_BIO_GET_DATA} = 1; + $define{HAVE_BIO_METH_NEW} = 1; + $define{HAVE_HMAC_CTX_FREE} = 1; + $define{HAVE_HMAC_CTX_NEW} = 1; diff --git a/dev-db/postgresql/files/postgresql-16-openssl3.2.patch b/dev-db/postgresql/files/postgresql-16-openssl3.2.patch new file mode 100644 index 000000000000..2740187d9f4e --- /dev/null +++ b/dev-db/postgresql/files/postgresql-16-openssl3.2.patch @@ -0,0 +1,216 @@ +commit 9140a24b312176ebb4e6eb6458b33ce640c04440 +Author: Tom Lane <tgl@sss.pgh.pa.us> +Date: Tue Nov 28 12:34:03 2023 -0500 + + Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. + + We should have done it this way all along, but we accidentally got + away with using the wrong BIO field up until OpenSSL 3.2. There, + the library's BIO routines that we rely on use the "data" field + for their own purposes, and our conflicting use causes assorted + weird behaviors up to and including core dumps when SSL connections + are attempted. Switch to using the approved field for the purpose, + i.e. app_data. + + While at it, remove our configure probes for BIO_get_data as well + as the fallback implementation. BIO_{get,set}_app_data have been + there since long before any OpenSSL version that we still support, + even in the back branches. + + Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor + change in an error message spelling that evidently came in with 3.2. + + Tristan Partin and Bo Andreson. Back-patch to all supported branches. + + Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com + +diff --git a/configure b/configure +index 82e45657b2..907c777b9c 100755 +--- a/configure ++++ b/configure +@@ -12982,7 +12982,7 @@ done + # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it + # doesn't have these OpenSSL 1.1.0 functions. So check for individual + # functions. +- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free ++ for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free + do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` + ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +diff --git a/configure.ac b/configure.ac +index fcea0bcab4..ab32bfdd08 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1385,7 +1385,7 @@ if test "$with_ssl" = openssl ; then + # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it + # doesn't have these OpenSSL 1.1.0 functions. So check for individual + # functions. +- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) ++ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) + # OpenSSL versions before 1.1.0 required setting callback functions, for + # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock() + # function was removed. +diff --git a/meson.build b/meson.build +index 51b5285924..96fc2e139a 100644 +--- a/meson.build ++++ b/meson.build +@@ -1278,7 +1278,6 @@ if sslopt in ['auto', 'openssl'] + # doesn't have these OpenSSL 1.1.0 functions. So check for individual + # functions. + ['OPENSSL_init_ssl'], +- ['BIO_get_data'], + ['BIO_meth_new'], + ['ASN1_STRING_get0_data'], + ['HMAC_CTX_new'], +diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c +index e9c86d08df..49dca0cda9 100644 +--- a/src/backend/libpq/be-secure-openssl.c ++++ b/src/backend/libpq/be-secure-openssl.c +@@ -844,11 +844,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) + * to retry; do we need to adopt their logic for that? + */ + +-#ifndef HAVE_BIO_GET_DATA +-#define BIO_get_data(bio) (bio->ptr) +-#define BIO_set_data(bio, data) (bio->ptr = data) +-#endif +- + static BIO_METHOD *my_bio_methods = NULL; + + static int +@@ -858,7 +853,7 @@ my_sock_read(BIO *h, char *buf, int size) + + if (buf != NULL) + { +- res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size); ++ res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size); + BIO_clear_retry_flags(h); + if (res <= 0) + { +@@ -878,7 +873,7 @@ my_sock_write(BIO *h, const char *buf, int size) + { + int res = 0; + +- res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size); ++ res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size); + BIO_clear_retry_flags(h); + if (res <= 0) + { +@@ -954,7 +949,7 @@ my_SSL_set_fd(Port *port, int fd) + SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + goto err; + } +- BIO_set_data(bio, port); ++ BIO_set_app_data(bio, port); + + BIO_set_fd(bio, fd, BIO_NOCLOSE); + SSL_set_bio(port->ssl, bio, bio); +diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in +index 6d572c3820..174544630e 100644 +--- a/src/include/pg_config.h.in ++++ b/src/include/pg_config.h.in +@@ -70,9 +70,6 @@ + /* Define to 1 if you have the `backtrace_symbols' function. */ + #undef HAVE_BACKTRACE_SYMBOLS + +-/* Define to 1 if you have the `BIO_get_data' function. */ +-#undef HAVE_BIO_GET_DATA +- + /* Define to 1 if you have the `BIO_meth_new' function. */ + #undef HAVE_BIO_METH_NEW + +diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c +index 390c888c96..fb6404ade0 100644 +--- a/src/interfaces/libpq/fe-secure-openssl.c ++++ b/src/interfaces/libpq/fe-secure-openssl.c +@@ -1830,11 +1830,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) + * to retry; do we need to adopt their logic for that? + */ + +-#ifndef HAVE_BIO_GET_DATA +-#define BIO_get_data(bio) (bio->ptr) +-#define BIO_set_data(bio, data) (bio->ptr = data) +-#endif +- ++/* protected by ssl_config_mutex */ + static BIO_METHOD *my_bio_methods; + + static int +@@ -1842,7 +1838,7 @@ my_sock_read(BIO *h, char *buf, int size) + { + int res; + +- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); ++ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size); + BIO_clear_retry_flags(h); + if (res < 0) + { +@@ -1872,7 +1868,7 @@ my_sock_write(BIO *h, const char *buf, int size) + { + int res; + +- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); ++ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size); + BIO_clear_retry_flags(h); + if (res < 0) + { +@@ -1963,7 +1959,7 @@ my_SSL_set_fd(PGconn *conn, int fd) + SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + goto err; + } +- BIO_set_data(bio, conn); ++ BIO_set_app_data(bio, conn); + + SSL_set_bio(conn->ssl, bio, bio); + BIO_set_fd(bio, fd, BIO_NOCLOSE); +diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl +index 76442de063..9bb28fbc83 100644 +--- a/src/test/ssl/t/001_ssltests.pl ++++ b/src/test/ssl/t/001_ssltests.pl +@@ -781,7 +781,7 @@ $node->connect_fails( + "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt " + . sslkey('client-revoked.key'), + "certificate authorization fails with revoked client cert", +- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/, ++ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|, + # temporarily(?) skip this check due to timing issue + # log_like => [ + # qr{Client certificate verification failed at depth 0: certificate revoked}, +@@ -886,7 +886,7 @@ $node->connect_fails( + "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt " + . sslkey('client-revoked.key'), + "certificate authorization fails with revoked client cert with server-side CRL directory", +- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/, ++ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|, + # temporarily(?) skip this check due to timing issue + # log_like => [ + # qr{Client certificate verification failed at depth 0: certificate revoked}, +@@ -899,7 +899,7 @@ $node->connect_fails( + "$common_connstr user=ssltestuser sslcert=ssl/client-revoked-utf8.crt " + . sslkey('client-revoked-utf8.key'), + "certificate authorization fails with revoked UTF-8 client cert with server-side CRL directory", +- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/, ++ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|, + # temporarily(?) skip this check due to timing issue + # log_like => [ + # qr{Client certificate verification failed at depth 0: certificate revoked}, +diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm +index b6d31c3583..711fae853f 100644 +--- a/src/tools/msvc/Solution.pm ++++ b/src/tools/msvc/Solution.pm +@@ -225,7 +225,6 @@ sub GenerateFiles + HAVE_ATOMICS => 1, + HAVE_ATOMIC_H => undef, + HAVE_BACKTRACE_SYMBOLS => undef, +- HAVE_BIO_GET_DATA => undef, + HAVE_BIO_METH_NEW => undef, + HAVE_COMPUTED_GOTO => undef, + HAVE_COPYFILE => undef, +@@ -503,7 +502,6 @@ sub GenerateFiles + || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0')) + { + $define{HAVE_ASN1_STRING_GET0_DATA} = 1; +- $define{HAVE_BIO_GET_DATA} = 1; + $define{HAVE_BIO_METH_NEW} = 1; + $define{HAVE_HMAC_CTX_FREE} = 1; + $define{HAVE_HMAC_CTX_NEW} = 1; diff --git a/dev-db/postgresql/postgresql-12.17-r1.ebuild b/dev-db/postgresql/postgresql-12.17-r1.ebuild new file mode 100644 index 000000000000..98c061b70e09 --- /dev/null +++ b/dev-db/postgresql/postgresql-12.17-r1.ebuild @@ -0,0 +1,453 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10,11,12} ) +LLVM_MAX_SLOT=17 + +inherit flag-o-matic linux-info llvm pam python-single-r1 systemd tmpfiles + +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris" + +SLOT=$(ver_cut 1) + +MY_PV=${PV/_/} +S="${WORKDIR}/${PN}-${MY_PV}" + +SRC_URI="https://ftp.postgresql.org/pub/source/v${MY_PV}/postgresql-${MY_PV}.tar.bz2" + +LICENSE="POSTGRESQL GPL-2" +DESCRIPTION="PostgreSQL RDBMS" +HOMEPAGE="https://www.postgresql.org/" + +IUSE="debug doc icu kerberos ldap llvm nls pam perl python +readline + selinux +server systemd ssl static-libs tcl uuid xml zlib" + +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +CDEPEND=" +>=app-eselect/eselect-postgresql-2.0 +acct-group/postgres +acct-user/postgres +sys-apps/less +virtual/libintl +icu? ( dev-libs/icu:= ) +kerberos? ( virtual/krb5 ) +ldap? ( net-nds/openldap:= ) +llvm? ( + <sys-devel/llvm-18:= + <sys-devel/clang-18:= +) +pam? ( sys-libs/pam ) +perl? ( >=dev-lang/perl-5.8:= ) +python? ( ${PYTHON_DEPS} ) +readline? ( sys-libs/readline:0= ) +server? ( systemd? ( sys-apps/systemd ) ) +ssl? ( >=dev-libs/openssl-0.9.6-r1:0= ) +tcl? ( >=dev-lang/tcl-8:0= ) +xml? ( dev-libs/libxml2 dev-libs/libxslt ) +zlib? ( sys-libs/zlib ) +" + +# uuid flags -- depend on sys-apps/util-linux for Linux libcs, or if no +# supported libc in use depend on dev-libs/ossp-uuid. For BSD systems, +# the libc includes UUID functions. +UTIL_LINUX_LIBC=( elibc_{glibc,musl} ) + +nest_usedep() { + local front back + while [[ ${#} -gt 1 ]]; do + front+="${1}? ( " + back+=" )" + shift + done + echo "${front}${1}${back}" +} + +CDEPEND+=" +uuid? ( + ${UTIL_LINUX_LIBC[@]/%/? ( sys-apps/util-linux )} + $(nest_usedep ${UTIL_LINUX_LIBC[@]/#/!} dev-libs/ossp-uuid) +)" + +DEPEND="${CDEPEND} +sys-devel/bison +app-alternatives/lex +nls? ( sys-devel/gettext ) +xml? ( virtual/pkgconfig ) +" + +RDEPEND="${CDEPEND} +selinux? ( sec-policy/selinux-postgresql ) +" + +pkg_setup() { + use llvm && llvm_pkg_setup + + use server && CONFIG_CHECK="~SYSVIPC" linux-info_pkg_setup + + use python && python-single-r1_pkg_setup +} + +src_prepare() { + # Set proper run directory + sed "s|\(PGSOCKET_DIR\s\+\)\"/tmp\"|\1\"${EPREFIX}/run/postgresql\"|" \ + -i src/include/pg_config_manual.h || die + + # Rely on $PATH being in the proper order so that the correct + # install program is used for modules utilizing PGXS in both + # hardened and non-hardened environments. (Bug #528786) + sed 's/@install_bin@/install -c/' -i src/Makefile.global.in || die + + use server || eapply "${FILESDIR}/${PN}-12.1-no-server.patch" + + if use pam ; then + sed "s/\(#define PGSQL_PAM_SERVICE \"postgresql\)/\1-${SLOT}/" \ + -i src/backend/libpq/auth.c || \ + die 'PGSQL_PAM_SERVICE rename failed.' + fi + + eapply "${FILESDIR}"/postgresql-12-openssl3.2.patch + + eapply_user +} + +src_configure() { + case ${CHOST} in + *-darwin*|*-solaris*) + use nls && append-libs intl + ;; + esac + + export LDFLAGS_SL="${LDFLAGS}" + export LDFLAGS_EX="${LDFLAGS}" + + local PO="${EPREFIX}" + + local i uuid_config="" + if use uuid; then + for i in ${UTIL_LINUX_LIBC[@]}; do + use ${i} && uuid_config="--with-uuid=e2fs" + done + [[ -z $uuid_config ]] && uuid_config="--with-uuid=ossp" + fi + + econf \ + --prefix="${PO}/usr/$(get_libdir)/postgresql-${SLOT}" \ + --datadir="${PO}/usr/share/postgresql-${SLOT}" \ + --includedir="${PO}/usr/include/postgresql-${SLOT}" \ + --mandir="${PO}/usr/share/postgresql-${SLOT}/man" \ + --sysconfdir="${PO}/etc/postgresql-${SLOT}" \ + --with-system-tzdata="${PO}/usr/share/zoneinfo" \ + $(use_enable !alpha spinlocks) \ + $(use_enable debug) \ + $(use_with icu) \ + $(use_with kerberos gssapi) \ + $(use_with ldap) \ + $(use_with llvm) \ + $(use_with pam) \ + $(use_with perl) \ + $(use_with python) \ + $(use_with readline) \ + $(use_with ssl openssl) \ + $(usex server "$(use_with systemd)" '--without-systemd') \ + $(use_with tcl) \ + ${uuid_config} \ + $(use_with xml libxml) \ + $(use_with xml libxslt) \ + $(use_with zlib) \ + $(use_enable nls) +} + +src_compile() { + emake + emake -C contrib +} + +src_install() { + emake DESTDIR="${D}" install + emake DESTDIR="${D}" install -C contrib + + dodoc README HISTORY + + # man pages are already built, but if we have the target make them, + # they'll be generated from source before being installed so we + # manually install man pages. + # We use ${SLOT} instead of doman for postgresql.eselect + insinto /usr/share/postgresql-${SLOT}/man/ + doins -r doc/src/sgml/man{1,3,7} + if ! use server; then + # Remove man pages for non-existent binaries + serverman=( + initdb + pg_{archivecleanup,controldata,ctl,resetwal,rewind,standby} + pg_{test_{fsync,timing},upgrade,waldump} + post{gres,master} + ) + for m in ${serverman[@]} ; do + rm "${ED}/usr/share/postgresql-${SLOT}/man/man1/${m}.1" + done + fi + docompress /usr/share/postgresql-${SLOT}/man/man{1,3,7} + + # Create slot specific man pages + local bn f mansec slotted_name + for mansec in 1 3 7 ; do + local rel_manpath="../../postgresql-${SLOT}/man/man${mansec}" + + mkdir -p "${ED}"/usr/share/man/man${mansec} || die "making man dir" + pushd "${ED}"/usr/share/man/man${mansec} > /dev/null || die "pushd failed" + + for f in "${ED}/usr/share/postgresql-${SLOT}/man/man${mansec}"/* ; do + bn=$(basename "${f}") + slotted_name=${bn%.${mansec}}${SLOT}.${mansec} + case ${bn} in + TABLE.7|WITH.7) + echo ".so ${rel_manpath}/SELECT.7" > ${slotted_name} + ;; + *) + echo ".so ${rel_manpath}/${bn}" > ${slotted_name} + ;; + esac + done + + popd > /dev/null + done + + insinto /etc/postgresql-${SLOT} + newins src/bin/psql/psqlrc.sample psqlrc + + # Don't delete libpg{port,common}.a (Bug #571046). They're always + # needed by extensions utilizing PGXS. + use static-libs || \ + find "${ED}" -name '*.a' ! -name libpgport.a ! -name libpgcommon.a \ + -delete + + # Make slot specific links to programs + local f bn + for f in $(find "${ED}/usr/$(get_libdir)/postgresql-${SLOT}/bin" \ + -mindepth 1 -maxdepth 1) + do + bn=$(basename "${f}") + dosym "../$(get_libdir)/postgresql-${SLOT}/bin/${bn}" \ + "/usr/bin/${bn}${SLOT/.}" + done + + if use doc ; then + docinto html + dodoc doc/src/sgml/html/* + fi + + if use server; then + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.confd-9.3" | newconfd - ${PN}-${SLOT} + + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.init-9.3-r1" | newinitd - ${PN}-${SLOT} + + if use systemd; then + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.service-9.6-r1" | \ + systemd_newunit - ${PN}-${SLOT}.service + newbin "${FILESDIR}"/${PN}-check-db-dir ${PN}-${SLOT}-check-db-dir + newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}-${SLOT}.conf + fi + + use pam && pamd_mimic system-auth ${PN}-${SLOT} auth account session + + if use prefix ; then + keepdir /run/postgresql + fperms 1775 /run/postgresql + fi + fi +} + +pkg_postinst() { + use server && use systemd && tmpfiles_process ${PN}-${SLOT}.conf + postgresql-config update + + elog "If you need a global psqlrc-file, you can place it in:" + elog " ${EROOT}/etc/postgresql-${SLOT}/" + + if use server ; then + elog + elog "Gentoo specific documentation:" + elog "https://wiki.gentoo.org/wiki/PostgreSQL" + elog + elog "Official documentation:" + elog "https://www.postgresql.org/docs/${SLOT}/static/index.html" + elog + elog "The default location of the Unix-domain socket is:" + elog " ${EROOT}/run/postgresql/" + elog + elog "Before initializing the database, you may want to edit PG_INITDB_OPTS" + elog "so that it contains your preferred locale in:" + elog " ${EROOT}/etc/conf.d/postgresql-${SLOT}" + elog + elog "Then, execute the following command to setup the initial database" + elog "environment:" + elog " emerge --config =${CATEGORY}/${PF}" + + if [[ -n ${REPLACING_VERSIONS} ]] ; then + ewarn "If your system is using 'pg_stat_statements' and you are running a" + ewarn "version of PostgreSQL ${SLOT}, we advise that you execute" + ewarn "the following command after upgrading:" + ewarn + ewarn "ALTER EXTENSION pg_stat_statements UPDATE;" + fi + fi +} + +pkg_prerm() { + if use server && [[ -z ${REPLACED_BY_VERSION} ]] ; then + ewarn "Have you dumped and/or migrated the ${SLOT} database cluster?" + ewarn "\thttps://wiki.gentoo.org/wiki/PostgreSQL/QuickStart#Migrating_PostgreSQL" + + ebegin "Resuming removal in 10 seconds (Control-C to cancel)" + sleep 10 + eend 0 + fi +} + +pkg_postrm() { + postgresql-config update +} + +pkg_config() { + use server || die "USE flag 'server' not enabled. Nothing to configure." + + [[ -f "${EROOT}/etc/conf.d/postgresql-${SLOT}" ]] \ + && source "${EROOT}/etc/conf.d/postgresql-${SLOT}" + [[ -z "${PGDATA}" ]] && PGDATA="${EROOT}/etc/postgresql-${SLOT}/" + [[ -z "${DATA_DIR}" ]] \ + && DATA_DIR="${EROOT}/var/lib/postgresql/${SLOT}/data" + + # environment.bz2 may not contain the same locale as the current system + # locale. Unset and source from the current system locale. + if [ -f "${EROOT}/etc/env.d/02locale" ]; then + unset LANG + unset LC_CTYPE + unset LC_NUMERIC + unset LC_TIME + unset LC_COLLATE + unset LC_MONETARY + unset LC_MESSAGES + unset LC_ALL + source "${EROOT}/etc/env.d/02locale" + [ -n "${LANG}" ] && export LANG + [ -n "${LC_CTYPE}" ] && export LC_CTYPE + [ -n "${LC_NUMERIC}" ] && export LC_NUMERIC + [ -n "${LC_TIME}" ] && export LC_TIME + [ -n "${LC_COLLATE}" ] && export LC_COLLATE + [ -n "${LC_MONETARY}" ] && export LC_MONETARY + [ -n "${LC_MESSAGES}" ] && export LC_MESSAGES + [ -n "${LC_ALL}" ] && export LC_ALL + fi + + einfo "You can modify the paths and options passed to initdb by editing:" + einfo " ${EROOT}/etc/conf.d/postgresql-${SLOT}" + einfo + einfo "Information on options that can be passed to initdb are found at:" + einfo " https://www.postgresql.org/docs/${SLOT}/static/creating-cluster.html" + einfo " https://www.postgresql.org/docs/${SLOT}/static/app-initdb.html" + einfo + einfo "PG_INITDB_OPTS is currently set to:" + if [[ -z "${PG_INITDB_OPTS}" ]] ; then + einfo " (none)" + else + einfo " ${PG_INITDB_OPTS}" + fi + einfo + einfo "Configuration files will be installed to:" + einfo " ${PGDATA}" + einfo + einfo "The database cluster will be created in:" + einfo " ${DATA_DIR}" + einfo + + ebegin "Continuing initialization in 5 seconds (Control-C to cancel)" + sleep 5 + eend 0 + + if [ -n "$(ls -A ${DATA_DIR} 2> /dev/null)" ] ; then + eerror "The given directory, '${DATA_DIR}', is not empty." + eerror "Modify DATA_DIR to point to an empty directory." + die "${DATA_DIR} is not empty." + fi + + einfo "Creating the data directory ..." + if [[ ${EUID} == 0 ]] ; then + mkdir -p "$(dirname ${DATA_DIR%/})" || die "Couldn't parent dirs" + mkdir -m 0700 "${DATA_DIR%/}" || die "Couldn't make DATA_DIR" + chown -h postgres:postgres "${DATA_DIR%/}" || die "Couldn't chown" + fi + + einfo "Initializing the database ..." + + if [[ ${EUID} == 0 ]] ; then + su - postgres -c "${EROOT}/usr/$(get_libdir)/postgresql-${SLOT}/bin/initdb -D \"${DATA_DIR}\" ${PG_INITDB_OPTS}" + else + "${EROOT}"/usr/$(get_libdir)/postgresql-${SLOT}/bin/initdb -U postgres -D "${DATA_DIR}" ${PG_INITDB_OPTS} + fi + + if [[ "${DATA_DIR%/}" != "${PGDATA%/}" ]] ; then + mv "${DATA_DIR%/}"/{pg_{hba,ident},postgresql}.conf "${PGDATA}" + ln -s "${PGDATA%/}"/{pg_{hba,ident},postgresql}.conf "${DATA_DIR%/}" + fi + + # unix_socket_directory has no effect in postgresql.conf as it's + # overridden in the initscript + sed '/^#unix_socket_directories/,+1d' -i "${PGDATA%/}"/postgresql.conf + + cat <<- EOF >> "${PGDATA%/}"/postgresql.conf + # This is here because of https://bugs.gentoo.org/show_bug.cgi?id=518522 + # On the off-chance that you might need to work with UTF-8 encoded + # characters in PL/Perl + plperl.on_init = 'use utf8; use re; package utf8; require "utf8_heavy.pl";' + EOF + + einfo "The autovacuum function, which was in contrib, has been moved to the main" + einfo "PostgreSQL functions starting with 8.1, and starting with 8.4 is now enabled" + einfo "by default. You can disable it in the cluster's:" + einfo " ${PGDATA%/}/postgresql.conf" + einfo + if ! use systemd; then + einfo "The PostgreSQL server, by default, will log events to:" + einfo " ${DATA_DIR%/}/postmaster.log" + einfo + fi + if use prefix ; then + einfo "The location of the configuration files have moved to:" + einfo " ${PGDATA}" + einfo "To start the server:" + einfo " pg_ctl start -D ${DATA_DIR} -o '-D ${PGDATA} --data-directory=${DATA_DIR}'" + einfo "To stop:" + einfo " pg_ctl stop -D ${DATA_DIR}" + einfo + einfo "Or move the configuration files back:" + einfo "mv ${PGDATA}*.conf ${DATA_DIR}" + elif use systemd; then + einfo "You should use the 'postgresql-${SLOT}.service' unit to run PostgreSQL" + einfo "instead of 'pg_ctl'." + else + einfo "You should use the '${EROOT}/etc/init.d/postgresql-${SLOT}' script to run PostgreSQL" + einfo "instead of 'pg_ctl'." + fi +} + +src_test() { + if use server && [[ ${UID} -ne 0 ]] ; then + emake check + + einfo "If you think other tests besides the regression tests are necessary, please" + einfo "submit a bug including a patch for this ebuild to enable them." + else + use server || \ + ewarn 'Tests cannot be run without the "server" use flag enabled.' + [[ ${UID} -eq 0 ]] || \ + ewarn 'Tests cannot be run as root. Enable "userpriv" in FEATURES.' + + ewarn 'Skipping.' + fi +} diff --git a/dev-db/postgresql/postgresql-13.13-r1.ebuild b/dev-db/postgresql/postgresql-13.13-r1.ebuild new file mode 100644 index 000000000000..603471f9df11 --- /dev/null +++ b/dev-db/postgresql/postgresql-13.13-r1.ebuild @@ -0,0 +1,465 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10,11,12} ) +LLVM_MAX_SLOT=17 + +inherit flag-o-matic linux-info llvm pam python-single-r1 systemd tmpfiles + +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris" + +SLOT=$(ver_cut 1) + +MY_PV=${PV/_/} +S="${WORKDIR}/${PN}-${MY_PV}" + +SRC_URI="https://ftp.postgresql.org/pub/source/v${MY_PV}/postgresql-${MY_PV}.tar.bz2" + +LICENSE="POSTGRESQL GPL-2" +DESCRIPTION="PostgreSQL RDBMS" +HOMEPAGE="https://www.postgresql.org/" + +IUSE="debug doc icu kerberos ldap llvm nls pam perl python +readline + selinux +server systemd ssl static-libs tcl uuid xml zlib" + +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +CDEPEND=" +>=app-eselect/eselect-postgresql-2.0 +acct-group/postgres +acct-user/postgres +sys-apps/less +virtual/libintl +icu? ( dev-libs/icu:= ) +kerberos? ( virtual/krb5 ) +ldap? ( net-nds/openldap:= ) +llvm? ( + <sys-devel/llvm-18:= + <sys-devel/clang-18:= +) +pam? ( sys-libs/pam ) +perl? ( >=dev-lang/perl-5.8:= ) +python? ( ${PYTHON_DEPS} ) +readline? ( sys-libs/readline:0= ) +server? ( systemd? ( sys-apps/systemd ) ) +ssl? ( >=dev-libs/openssl-0.9.6-r1:0= ) +tcl? ( >=dev-lang/tcl-8:0= ) +xml? ( dev-libs/libxml2 dev-libs/libxslt ) +zlib? ( sys-libs/zlib ) +" + +# uuid flags -- depend on sys-apps/util-linux for Linux libcs, or if no +# supported libc in use depend on dev-libs/ossp-uuid. For BSD systems, +# the libc includes UUID functions. +UTIL_LINUX_LIBC=( elibc_{glibc,musl} ) + +nest_usedep() { + local front back + while [[ ${#} -gt 1 ]]; do + front+="${1}? ( " + back+=" )" + shift + done + echo "${front}${1}${back}" +} + +CDEPEND+=" +uuid? ( + ${UTIL_LINUX_LIBC[@]/%/? ( sys-apps/util-linux )} + $(nest_usedep ${UTIL_LINUX_LIBC[@]/#/!} dev-libs/ossp-uuid) +)" + +DEPEND="${CDEPEND} +sys-devel/bison +app-alternatives/lex +nls? ( sys-devel/gettext ) +xml? ( virtual/pkgconfig ) +" + +RDEPEND="${CDEPEND} +selinux? ( sec-policy/selinux-postgresql ) +" + +pkg_setup() { + use llvm && llvm_pkg_setup + + use server && CONFIG_CHECK="~SYSVIPC" linux-info_pkg_setup + + use python && python-single-r1_pkg_setup +} + +src_prepare() { + eapply "${FILESDIR}"/${PN}-13.3-riscv-spinlocks.patch + + # Set proper run directory + sed "s|\(PGSOCKET_DIR\s\+\)\"/tmp\"|\1\"${EPREFIX}/run/postgresql\"|" \ + -i src/include/pg_config_manual.h || die + + # Rely on $PATH being in the proper order so that the correct + # install program is used for modules utilizing PGXS in both + # hardened and non-hardened environments. (Bug #528786) + sed 's/@install_bin@/install -c/' -i src/Makefile.global.in || die + + use server || eapply "${FILESDIR}/${PN}-13.8-no-server.patch" + + if use pam ; then + sed "s/\(#define PGSQL_PAM_SERVICE \"postgresql\)/\1-${SLOT}/" \ + -i src/backend/libpq/auth.c || \ + die 'PGSQL_PAM_SERVICE rename failed.' + fi + + eapply "${FILESDIR}"/postgresql-13-openssl3.2.patch + + eapply_user +} + +src_configure() { + case ${CHOST} in + *-darwin*|*-solaris*) + use nls && append-libs intl + ;; + esac + + export LDFLAGS_SL="${LDFLAGS}" + export LDFLAGS_EX="${LDFLAGS}" + + local PO="${EPREFIX}" + + local i uuid_config="" + if use uuid; then + for i in ${UTIL_LINUX_LIBC[@]}; do + use ${i} && uuid_config="--with-uuid=e2fs" + done + [[ -z $uuid_config ]] && uuid_config="--with-uuid=ossp" + fi + + local myconf="\ + --prefix="${PO}/usr/$(get_libdir)/postgresql-${SLOT}" \ + --datadir="${PO}/usr/share/postgresql-${SLOT}" \ + --includedir="${PO}/usr/include/postgresql-${SLOT}" \ + --mandir="${PO}/usr/share/postgresql-${SLOT}/man" \ + --sysconfdir="${PO}/etc/postgresql-${SLOT}" \ + --with-system-tzdata="${PO}/usr/share/zoneinfo" \ + $(use_enable debug) \ + $(use_with icu) \ + $(use_with kerberos gssapi) \ + $(use_with ldap) \ + $(use_with llvm) \ + $(use_with pam) \ + $(use_with perl) \ + $(use_with python) \ + $(use_with readline) \ + $(use_with ssl openssl) \ + $(usex server "$(use_with systemd)" '--without-systemd') \ + $(use_with tcl) \ + ${uuid_config} \ + $(use_with xml libxml) \ + $(use_with xml libxslt) \ + $(use_with zlib) \ + $(use_enable nls)" + if use alpha; then + myconf+=" --disable-spinlocks" + else + # Should be the default but just in case + myconf+=" --enable-spinlocks" + fi + econf ${myconf} +} + +src_compile() { + emake + emake -C contrib +} + +src_install() { + emake DESTDIR="${D}" install + emake DESTDIR="${D}" install -C contrib + + dodoc README HISTORY + + # man pages are already built, but if we have the target make them, + # they'll be generated from source before being installed so we + # manually install man pages. + # We use ${SLOT} instead of doman for postgresql.eselect + insinto /usr/share/postgresql-${SLOT}/man/ + doins -r doc/src/sgml/man{1,3,7} + if ! use server; then + # Remove man pages for non-existent binaries + serverman=( + initdb + pg_{archivecleanup,controldata,ctl,resetwal,rewind,standby} + pg_{test_{fsync,timing},upgrade,waldump} + post{gres,master} + ) + for m in ${serverman[@]} ; do + rm "${ED}/usr/share/postgresql-${SLOT}/man/man1/${m}.1" + done + fi + docompress /usr/share/postgresql-${SLOT}/man/man{1,3,7} + + # Create slot specific man pages + local bn f mansec slotted_name + for mansec in 1 3 7 ; do + local rel_manpath="../../postgresql-${SLOT}/man/man${mansec}" + + mkdir -p "${ED}"/usr/share/man/man${mansec} || die "making man dir" + pushd "${ED}"/usr/share/man/man${mansec} > /dev/null || die "pushd failed" + + for f in "${ED}/usr/share/postgresql-${SLOT}/man/man${mansec}"/* ; do + bn=$(basename "${f}") + slotted_name=${bn%.${mansec}}${SLOT}.${mansec} + case ${bn} in + TABLE.7|WITH.7) + echo ".so ${rel_manpath}/SELECT.7" > ${slotted_name} + ;; + *) + echo ".so ${rel_manpath}/${bn}" > ${slotted_name} + ;; + esac + done + + popd > /dev/null + done + + insinto /etc/postgresql-${SLOT} + newins src/bin/psql/psqlrc.sample psqlrc + + # Don't delete libpg{port,common}.a (Bug #571046). They're always + # needed by extensions utilizing PGXS. + use static-libs || \ + find "${ED}" -name '*.a' ! -name libpgport.a ! -name libpgcommon.a \ + -delete + + # Make slot specific links to programs + local f bn + for f in $(find "${ED}/usr/$(get_libdir)/postgresql-${SLOT}/bin" \ + -mindepth 1 -maxdepth 1) + do + bn=$(basename "${f}") + dosym "../$(get_libdir)/postgresql-${SLOT}/bin/${bn}" \ + "/usr/bin/${bn}${SLOT/.}" + done + + if use doc ; then + docinto html + dodoc doc/src/sgml/html/* + fi + + if use server; then + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.confd-9.3" | newconfd - ${PN}-${SLOT} + + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.init-9.3-r1" | newinitd - ${PN}-${SLOT} + + if use systemd; then + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.service-9.6-r1" | \ + systemd_newunit - ${PN}-${SLOT}.service + newbin "${FILESDIR}"/${PN}-check-db-dir ${PN}-${SLOT}-check-db-dir + newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}-${SLOT}.conf + fi + + use pam && pamd_mimic system-auth ${PN}-${SLOT} auth account session + + if use prefix ; then + keepdir /run/postgresql + fperms 1775 /run/postgresql + fi + fi +} + +pkg_postinst() { + use server && use systemd && tmpfiles_process ${PN}-${SLOT}.conf + postgresql-config update + + elog "If you need a global psqlrc-file, you can place it in:" + elog " ${EROOT}/etc/postgresql-${SLOT}/" + + if use server ; then + elog + elog "Gentoo specific documentation:" + elog "https://wiki.gentoo.org/wiki/PostgreSQL" + elog + elog "Official documentation:" + elog "https://www.postgresql.org/docs/${SLOT}/static/index.html" + elog + elog "The default location of the Unix-domain socket is:" + elog " ${EROOT}/run/postgresql/" + elog + elog "Before initializing the database, you may want to edit PG_INITDB_OPTS" + elog "so that it contains your preferred locale in:" + elog " ${EROOT}/etc/conf.d/postgresql-${SLOT}" + elog + elog "Then, execute the following command to setup the initial database" + elog "environment:" + elog " emerge --config =${CATEGORY}/${PF}" + + if [[ -n ${REPLACING_VERSIONS} ]] ; then + ewarn "If your system is using 'pg_stat_statements' and you are running a" + ewarn "version of PostgreSQL ${SLOT}, we advise that you execute" + ewarn "the following command after upgrading:" + ewarn + ewarn "ALTER EXTENSION pg_stat_statements UPDATE;" + fi + fi +} + +pkg_prerm() { + if use server && [[ -z ${REPLACED_BY_VERSION} ]] ; then + ewarn "Have you dumped and/or migrated the ${SLOT} database cluster?" + ewarn "\thttps://wiki.gentoo.org/wiki/PostgreSQL/QuickStart#Migrating_PostgreSQL" + + ebegin "Resuming removal in 10 seconds (Control-C to cancel)" + sleep 10 + eend 0 + fi +} + +pkg_postrm() { + postgresql-config update +} + +pkg_config() { + use server || die "USE flag 'server' not enabled. Nothing to configure." + + [[ -f "${EROOT}/etc/conf.d/postgresql-${SLOT}" ]] \ + && source "${EROOT}/etc/conf.d/postgresql-${SLOT}" + [[ -z "${PGDATA}" ]] && PGDATA="${EROOT}/etc/postgresql-${SLOT}/" + [[ -z "${DATA_DIR}" ]] \ + && DATA_DIR="${EROOT}/var/lib/postgresql/${SLOT}/data" + + # environment.bz2 may not contain the same locale as the current system + # locale. Unset and source from the current system locale. + if [ -f "${EROOT}/etc/env.d/02locale" ]; then + unset LANG + unset LC_CTYPE + unset LC_NUMERIC + unset LC_TIME + unset LC_COLLATE + unset LC_MONETARY + unset LC_MESSAGES + unset LC_ALL + source "${EROOT}/etc/env.d/02locale" + [ -n "${LANG}" ] && export LANG + [ -n "${LC_CTYPE}" ] && export LC_CTYPE + [ -n "${LC_NUMERIC}" ] && export LC_NUMERIC + [ -n "${LC_TIME}" ] && export LC_TIME + [ -n "${LC_COLLATE}" ] && export LC_COLLATE + [ -n "${LC_MONETARY}" ] && export LC_MONETARY + [ -n "${LC_MESSAGES}" ] && export LC_MESSAGES + [ -n "${LC_ALL}" ] && export LC_ALL + fi + + einfo "You can modify the paths and options passed to initdb by editing:" + einfo " ${EROOT}/etc/conf.d/postgresql-${SLOT}" + einfo + einfo "Information on options that can be passed to initdb are found at:" + einfo " https://www.postgresql.org/docs/${SLOT}/static/creating-cluster.html" + einfo " https://www.postgresql.org/docs/${SLOT}/static/app-initdb.html" + einfo + einfo "PG_INITDB_OPTS is currently set to:" + if [[ -z "${PG_INITDB_OPTS}" ]] ; then + einfo " (none)" + else + einfo " ${PG_INITDB_OPTS}" + fi + einfo + einfo "Configuration files will be installed to:" + einfo " ${PGDATA}" + einfo + einfo "The database cluster will be created in:" + einfo " ${DATA_DIR}" + einfo + + ebegin "Continuing initialization in 5 seconds (Control-C to cancel)" + sleep 5 + eend 0 + + if [ -n "$(ls -A ${DATA_DIR} 2> /dev/null)" ] ; then + eerror "The given directory, '${DATA_DIR}', is not empty." + eerror "Modify DATA_DIR to point to an empty directory." + die "${DATA_DIR} is not empty." + fi + + einfo "Creating the data directory ..." + if [[ ${EUID} == 0 ]] ; then + mkdir -p "$(dirname ${DATA_DIR%/})" || die "Couldn't parent dirs" + mkdir -m 0700 "${DATA_DIR%/}" || die "Couldn't make DATA_DIR" + chown -h postgres:postgres "${DATA_DIR%/}" || die "Couldn't chown" + fi + + einfo "Initializing the database ..." + + if [[ ${EUID} == 0 ]] ; then + su - postgres -c "${EROOT}/usr/$(get_libdir)/postgresql-${SLOT}/bin/initdb -D \"${DATA_DIR}\" ${PG_INITDB_OPTS}" + else + "${EROOT}"/usr/$(get_libdir)/postgresql-${SLOT}/bin/initdb -U postgres -D "${DATA_DIR}" ${PG_INITDB_OPTS} + fi + + if [[ "${DATA_DIR%/}" != "${PGDATA%/}" ]] ; then + mv "${DATA_DIR%/}"/{pg_{hba,ident},postgresql}.conf "${PGDATA}" + ln -s "${PGDATA%/}"/{pg_{hba,ident},postgresql}.conf "${DATA_DIR%/}" + fi + + # unix_socket_directory has no effect in postgresql.conf as it's + # overridden in the initscript + sed '/^#unix_socket_directories/,+1d' -i "${PGDATA%/}"/postgresql.conf + + cat <<- EOF >> "${PGDATA%/}"/postgresql.conf + # This is here because of https://bugs.gentoo.org/show_bug.cgi?id=518522 + # On the off-chance that you might need to work with UTF-8 encoded + # characters in PL/Perl + plperl.on_init = 'use utf8; use re; package utf8; require "utf8_heavy.pl";' + EOF + + einfo "The autovacuum function, which was in contrib, has been moved to the main" + einfo "PostgreSQL functions starting with 8.1, and starting with 8.4 is now enabled" + einfo "by default. You can disable it in the cluster's:" + einfo " ${PGDATA%/}/postgresql.conf" + einfo + if ! use systemd; then + einfo "The PostgreSQL server, by default, will log events to:" + einfo " ${DATA_DIR%/}/postmaster.log" + einfo + fi + if use prefix ; then + einfo "The location of the configuration files have moved to:" + einfo " ${PGDATA}" + einfo "To start the server:" + einfo " pg_ctl start -D ${DATA_DIR} -o '-D ${PGDATA} --data-directory=${DATA_DIR}'" + einfo "To stop:" + einfo " pg_ctl stop -D ${DATA_DIR}" + einfo + einfo "Or move the configuration files back:" + einfo "mv ${PGDATA}*.conf ${DATA_DIR}" + elif use systemd; then + einfo "You should use the 'postgresql-${SLOT}.service' unit to run PostgreSQL" + einfo "instead of 'pg_ctl'." + else + einfo "You should use the '${EROOT}/etc/init.d/postgresql-${SLOT}' script to run PostgreSQL" + einfo "instead of 'pg_ctl'." + fi +} + +src_test() { + if use server && [[ ${UID} -ne 0 ]] ; then + # Some ICU tests fail if LC_CTYPE and LC_COLLATE aren't the same. We set + # LC_CTYPE to be equal to LC_COLLATE since LC_COLLATE is set by Portage. + local old_ctype=${LC_CTYPE} + export LC_CTYPE=${LC_COLLATE} + emake check + export LC_CTYPE=${old_ctype} + einfo "If you think other tests besides the regression tests are necessary, please" + einfo "submit a bug including a patch for this ebuild to enable them." + else + use server || \ + ewarn 'Tests cannot be run without the "server" use flag enabled.' + [[ ${UID} -eq 0 ]] || \ + ewarn 'Tests cannot be run as root. Enable "userpriv" in FEATURES.' + + ewarn 'Skipping.' + fi +} diff --git a/dev-db/postgresql/postgresql-14.10-r1.ebuild b/dev-db/postgresql/postgresql-14.10-r1.ebuild new file mode 100644 index 000000000000..6ac2f9b4d22c --- /dev/null +++ b/dev-db/postgresql/postgresql-14.10-r1.ebuild @@ -0,0 +1,465 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10,11,12} ) +LLVM_MAX_SLOT=17 + +inherit flag-o-matic linux-info llvm pam python-single-r1 systemd tmpfiles + +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris" + +SLOT=$(ver_cut 1) + +MY_PV=${PV/_/} +S="${WORKDIR}/${PN}-${MY_PV}" + +SRC_URI="https://ftp.postgresql.org/pub/source/v${MY_PV}/postgresql-${MY_PV}.tar.bz2" + +LICENSE="POSTGRESQL GPL-2" +DESCRIPTION="PostgreSQL RDBMS" +HOMEPAGE="https://www.postgresql.org/" + +IUSE="debug doc icu kerberos ldap llvm lz4 nls pam perl python +readline + selinux +server systemd ssl static-libs tcl uuid xml zlib" + +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +CDEPEND=" +>=app-eselect/eselect-postgresql-2.0 +acct-group/postgres +acct-user/postgres +sys-apps/less +virtual/libintl +icu? ( dev-libs/icu:= ) +kerberos? ( virtual/krb5 ) +ldap? ( net-nds/openldap:= ) +llvm? ( + <sys-devel/llvm-18:= + <sys-devel/clang-18:= +) +lz4? ( app-arch/lz4 ) +pam? ( sys-libs/pam ) +perl? ( >=dev-lang/perl-5.8:= ) +python? ( ${PYTHON_DEPS} ) +readline? ( sys-libs/readline:0= ) +server? ( systemd? ( sys-apps/systemd ) ) +ssl? ( >=dev-libs/openssl-0.9.6-r1:0= ) +tcl? ( >=dev-lang/tcl-8:0= ) +xml? ( dev-libs/libxml2 dev-libs/libxslt ) +zlib? ( sys-libs/zlib ) +" + +# uuid flags -- depend on sys-apps/util-linux for Linux libcs, or if no +# supported libc in use depend on dev-libs/ossp-uuid. For BSD systems, +# the libc includes UUID functions. +UTIL_LINUX_LIBC=( elibc_{glibc,musl} ) + +nest_usedep() { + local front back + while [[ ${#} -gt 1 ]]; do + front+="${1}? ( " + back+=" )" + shift + done + echo "${front}${1}${back}" +} + +CDEPEND+=" +uuid? ( + ${UTIL_LINUX_LIBC[@]/%/? ( sys-apps/util-linux )} + $(nest_usedep ${UTIL_LINUX_LIBC[@]/#/!} dev-libs/ossp-uuid) +)" + +DEPEND="${CDEPEND} +sys-devel/bison +app-alternatives/lex +nls? ( sys-devel/gettext ) +xml? ( virtual/pkgconfig ) +" + +RDEPEND="${CDEPEND} +selinux? ( sec-policy/selinux-postgresql ) +" + +pkg_setup() { + use llvm && llvm_pkg_setup + + use server && CONFIG_CHECK="~SYSVIPC" linux-info_pkg_setup + + use python && python-single-r1_pkg_setup +} + +src_prepare() { + # Set proper run directory + sed "s|\(PGSOCKET_DIR\s\+\)\"/tmp\"|\1\"${EPREFIX}/run/postgresql\"|" \ + -i src/include/pg_config_manual.h || die + + # Rely on $PATH being in the proper order so that the correct + # install program is used for modules utilizing PGXS in both + # hardened and non-hardened environments. (Bug #528786) + sed 's/@install_bin@/install -c/' -i src/Makefile.global.in || die + + use server || eapply "${FILESDIR}/${PN}-14.5-no-server.patch" + + if use pam ; then + sed "s/\(#define PGSQL_PAM_SERVICE \"postgresql\)/\1-${SLOT}/" \ + -i src/backend/libpq/auth.c || \ + die 'PGSQL_PAM_SERVICE rename failed.' + fi + + eapply "${FILESDIR}"/postgresql-14-openssl3.2.patch + + eapply_user +} + +src_configure() { + case ${CHOST} in + *-darwin*|*-solaris*) + use nls && append-libs intl + ;; + esac + + export LDFLAGS_SL="${LDFLAGS}" + export LDFLAGS_EX="${LDFLAGS}" + + local PO="${EPREFIX}" + + local i uuid_config="" + if use uuid; then + for i in ${UTIL_LINUX_LIBC[@]}; do + use ${i} && uuid_config="--with-uuid=e2fs" + done + [[ -z $uuid_config ]] && uuid_config="--with-uuid=ossp" + fi + + local myconf="\ + --prefix="${PO}/usr/$(get_libdir)/postgresql-${SLOT}" \ + --datadir="${PO}/usr/share/postgresql-${SLOT}" \ + --includedir="${PO}/usr/include/postgresql-${SLOT}" \ + --mandir="${PO}/usr/share/postgresql-${SLOT}/man" \ + --sysconfdir="${PO}/etc/postgresql-${SLOT}" \ + --with-system-tzdata="${PO}/usr/share/zoneinfo" \ + $(use_enable debug) \ + $(use_with icu) \ + $(use_with kerberos gssapi) \ + $(use_with ldap) \ + $(use_with llvm) \ + $(use_with lz4) \ + $(use_with pam) \ + $(use_with perl) \ + $(use_with python) \ + $(use_with readline) \ + $(use_with ssl openssl) \ + $(usex server "$(use_with systemd)" '--without-systemd') \ + $(use_with tcl) \ + ${uuid_config} \ + $(use_with xml libxml) \ + $(use_with xml libxslt) \ + $(use_with zlib) \ + $(use_enable nls)" + if use alpha; then + myconf+=" --disable-spinlocks" + else + # Should be the default but just in case + myconf+=" --enable-spinlocks" + fi + econf ${myconf} +} + +src_compile() { + emake + emake -C contrib +} + +src_install() { + emake DESTDIR="${D}" install + emake DESTDIR="${D}" install -C contrib + + dodoc README HISTORY + + # man pages are already built, but if we have the target make them, + # they'll be generated from source before being installed so we + # manually install man pages. + # We use ${SLOT} instead of doman for postgresql.eselect + insinto /usr/share/postgresql-${SLOT}/man/ + doins -r doc/src/sgml/man{1,3,7} + if ! use server; then + # Remove man pages for non-existent binaries + serverman=( + initdb + pg_{archivecleanup,controldata,ctl,resetwal,rewind,standby} + pg_{test_{fsync,timing},upgrade,waldump} + post{gres,master} + ) + for m in ${serverman[@]} ; do + rm "${ED}/usr/share/postgresql-${SLOT}/man/man1/${m}.1" + done + fi + docompress /usr/share/postgresql-${SLOT}/man/man{1,3,7} + + # Create slot specific man pages + local bn f mansec slotted_name + for mansec in 1 3 7 ; do + local rel_manpath="../../postgresql-${SLOT}/man/man${mansec}" + + mkdir -p "${ED}"/usr/share/man/man${mansec} || die "making man dir" + pushd "${ED}"/usr/share/man/man${mansec} > /dev/null || die "pushd failed" + + for f in "${ED}/usr/share/postgresql-${SLOT}/man/man${mansec}"/* ; do + bn=$(basename "${f}") + slotted_name=${bn%.${mansec}}${SLOT}.${mansec} + case ${bn} in + TABLE.7|WITH.7) + echo ".so ${rel_manpath}/SELECT.7" > ${slotted_name} + ;; + *) + echo ".so ${rel_manpath}/${bn}" > ${slotted_name} + ;; + esac + done + + popd > /dev/null + done + + insinto /etc/postgresql-${SLOT} + newins src/bin/psql/psqlrc.sample psqlrc + + # Don't delete libpg{port,common}.a (Bug #571046). They're always + # needed by extensions utilizing PGXS. + use static-libs || \ + find "${ED}" -name '*.a' ! -name libpgport.a ! -name libpgcommon.a \ + -delete + + # Make slot specific links to programs + local f bn + for f in $(find "${ED}/usr/$(get_libdir)/postgresql-${SLOT}/bin" \ + -mindepth 1 -maxdepth 1) + do + bn=$(basename "${f}") + dosym "../$(get_libdir)/postgresql-${SLOT}/bin/${bn}" \ + "/usr/bin/${bn}${SLOT/.}" + done + + if use doc ; then + docinto html + dodoc doc/src/sgml/html/* + fi + + if use server; then + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.confd-9.3" | newconfd - ${PN}-${SLOT} + + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.init-9.3-r1" | newinitd - ${PN}-${SLOT} + + if use systemd; then + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.service-9.6-r1" | \ + systemd_newunit - ${PN}-${SLOT}.service + newbin "${FILESDIR}"/${PN}-check-db-dir ${PN}-${SLOT}-check-db-dir + newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}-${SLOT}.conf + fi + + use pam && pamd_mimic system-auth ${PN}-${SLOT} auth account session + + if use prefix ; then + keepdir /run/postgresql + fperms 1775 /run/postgresql + fi + fi +} + +pkg_postinst() { + use server && use systemd && tmpfiles_process ${PN}-${SLOT}.conf + postgresql-config update + + elog "If you need a global psqlrc-file, you can place it in:" + elog " ${EROOT}/etc/postgresql-${SLOT}/" + + if use server ; then + elog + elog "Gentoo specific documentation:" + elog "https://wiki.gentoo.org/wiki/PostgreSQL" + elog + elog "Official documentation:" + elog "https://www.postgresql.org/docs/${SLOT}/static/index.html" + elog + elog "The default location of the Unix-domain socket is:" + elog " ${EROOT}/run/postgresql/" + elog + elog "Before initializing the database, you may want to edit PG_INITDB_OPTS" + elog "so that it contains your preferred locale in:" + elog " ${EROOT}/etc/conf.d/postgresql-${SLOT}" + elog + elog "Then, execute the following command to setup the initial database" + elog "environment:" + elog " emerge --config =${CATEGORY}/${PF}" + + if [[ -n ${REPLACING_VERSIONS} ]] ; then + ewarn "If your system is using 'pg_stat_statements' and you are running a" + ewarn "version of PostgreSQL ${SLOT}, we advise that you execute" + ewarn "the following command after upgrading:" + ewarn + ewarn "ALTER EXTENSION pg_stat_statements UPDATE;" + fi + fi +} + +pkg_prerm() { + if use server && [[ -z ${REPLACED_BY_VERSION} ]] ; then + ewarn "Have you dumped and/or migrated the ${SLOT} database cluster?" + ewarn "\thttps://wiki.gentoo.org/wiki/PostgreSQL/QuickStart#Migrating_PostgreSQL" + + ebegin "Resuming removal in 10 seconds (Control-C to cancel)" + sleep 10 + eend 0 + fi +} + +pkg_postrm() { + postgresql-config update +} + +pkg_config() { + use server || die "USE flag 'server' not enabled. Nothing to configure." + + [[ -f "${EROOT}/etc/conf.d/postgresql-${SLOT}" ]] \ + && source "${EROOT}/etc/conf.d/postgresql-${SLOT}" + [[ -z "${PGDATA}" ]] && PGDATA="${EROOT}/etc/postgresql-${SLOT}/" + [[ -z "${DATA_DIR}" ]] \ + && DATA_DIR="${EROOT}/var/lib/postgresql/${SLOT}/data" + + # environment.bz2 may not contain the same locale as the current system + # locale. Unset and source from the current system locale. + if [ -f "${EROOT}/etc/env.d/02locale" ]; then + unset LANG + unset LC_CTYPE + unset LC_NUMERIC + unset LC_TIME + unset LC_COLLATE + unset LC_MONETARY + unset LC_MESSAGES + unset LC_ALL + source "${EROOT}/etc/env.d/02locale" + [ -n "${LANG}" ] && export LANG + [ -n "${LC_CTYPE}" ] && export LC_CTYPE + [ -n "${LC_NUMERIC}" ] && export LC_NUMERIC + [ -n "${LC_TIME}" ] && export LC_TIME + [ -n "${LC_COLLATE}" ] && export LC_COLLATE + [ -n "${LC_MONETARY}" ] && export LC_MONETARY + [ -n "${LC_MESSAGES}" ] && export LC_MESSAGES + [ -n "${LC_ALL}" ] && export LC_ALL + fi + + einfo "You can modify the paths and options passed to initdb by editing:" + einfo " ${EROOT}/etc/conf.d/postgresql-${SLOT}" + einfo + einfo "Information on options that can be passed to initdb are found at:" + einfo " https://www.postgresql.org/docs/${SLOT}/static/creating-cluster.html" + einfo " https://www.postgresql.org/docs/${SLOT}/static/app-initdb.html" + einfo + einfo "PG_INITDB_OPTS is currently set to:" + if [[ -z "${PG_INITDB_OPTS}" ]] ; then + einfo " (none)" + else + einfo " ${PG_INITDB_OPTS}" + fi + einfo + einfo "Configuration files will be installed to:" + einfo " ${PGDATA}" + einfo + einfo "The database cluster will be created in:" + einfo " ${DATA_DIR}" + einfo + + ebegin "Continuing initialization in 5 seconds (Control-C to cancel)" + sleep 5 + eend 0 + + if [ -n "$(ls -A ${DATA_DIR} 2> /dev/null)" ] ; then + eerror "The given directory, '${DATA_DIR}', is not empty." + eerror "Modify DATA_DIR to point to an empty directory." + die "${DATA_DIR} is not empty." + fi + + einfo "Creating the data directory ..." + if [[ ${EUID} == 0 ]] ; then + mkdir -p "$(dirname ${DATA_DIR%/})" || die "Couldn't parent dirs" + mkdir -m 0700 "${DATA_DIR%/}" || die "Couldn't make DATA_DIR" + chown -h postgres:postgres "${DATA_DIR%/}" || die "Couldn't chown" + fi + + einfo "Initializing the database ..." + + if [[ ${EUID} == 0 ]] ; then + su - postgres -c "${EROOT}/usr/$(get_libdir)/postgresql-${SLOT}/bin/initdb -D \"${DATA_DIR}\" ${PG_INITDB_OPTS}" + else + "${EROOT}"/usr/$(get_libdir)/postgresql-${SLOT}/bin/initdb -U postgres -D "${DATA_DIR}" ${PG_INITDB_OPTS} + fi + + if [[ "${DATA_DIR%/}" != "${PGDATA%/}" ]] ; then + mv "${DATA_DIR%/}"/{pg_{hba,ident},postgresql}.conf "${PGDATA}" + ln -s "${PGDATA%/}"/{pg_{hba,ident},postgresql}.conf "${DATA_DIR%/}" + fi + + # unix_socket_directory has no effect in postgresql.conf as it's + # overridden in the initscript + sed '/^#unix_socket_directories/,+1d' -i "${PGDATA%/}"/postgresql.conf + + cat <<- EOF >> "${PGDATA%/}"/postgresql.conf + # This is here because of https://bugs.gentoo.org/show_bug.cgi?id=518522 + # On the off-chance that you might need to work with UTF-8 encoded + # characters in PL/Perl + plperl.on_init = 'use utf8; use re; package utf8; require "utf8_heavy.pl";' + EOF + + einfo "The autovacuum function, which was in contrib, has been moved to the main" + einfo "PostgreSQL functions starting with 8.1, and starting with 8.4 is now enabled" + einfo "by default. You can disable it in the cluster's:" + einfo " ${PGDATA%/}/postgresql.conf" + einfo + if ! use systemd; then + einfo "The PostgreSQL server, by default, will log events to:" + einfo " ${DATA_DIR%/}/postmaster.log" + einfo + fi + if use prefix ; then + einfo "The location of the configuration files have moved to:" + einfo " ${PGDATA}" + einfo "To start the server:" + einfo " pg_ctl start -D ${DATA_DIR} -o '-D ${PGDATA} --data-directory=${DATA_DIR}'" + einfo "To stop:" + einfo " pg_ctl stop -D ${DATA_DIR}" + einfo + einfo "Or move the configuration files back:" + einfo "mv ${PGDATA}*.conf ${DATA_DIR}" + elif use systemd; then + einfo "You should use the 'postgresql-${SLOT}.service' unit to run PostgreSQL" + einfo "instead of 'pg_ctl'." + else + einfo "You should use the '${EROOT}/etc/init.d/postgresql-${SLOT}' script to run PostgreSQL" + einfo "instead of 'pg_ctl'." + fi +} + +src_test() { + if use server && [[ ${UID} -ne 0 ]] ; then + # Some ICU tests fail if LC_CTYPE and LC_COLLATE aren't the same. We set + # LC_CTYPE to be equal to LC_COLLATE since LC_COLLATE is set by Portage. + local old_ctype=${LC_CTYPE} + export LC_CTYPE=${LC_COLLATE} + emake check + export LC_CTYPE=${old_ctype} + einfo "If you think other tests besides the regression tests are necessary, please" + einfo "submit a bug including a patch for this ebuild to enable them." + else + use server || \ + ewarn 'Tests cannot be run without the "server" use flag enabled.' + [[ ${UID} -eq 0 ]] || \ + ewarn 'Tests cannot be run as root. Enable "userpriv" in FEATURES.' + + ewarn 'Skipping.' + fi +} diff --git a/dev-db/postgresql/postgresql-15.5-r1.ebuild b/dev-db/postgresql/postgresql-15.5-r1.ebuild new file mode 100644 index 000000000000..6d928ddac1b1 --- /dev/null +++ b/dev-db/postgresql/postgresql-15.5-r1.ebuild @@ -0,0 +1,467 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10,11,12} ) +LLVM_MAX_SLOT=17 + +inherit flag-o-matic linux-info llvm pam python-single-r1 systemd tmpfiles + +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris" + +SLOT=$(ver_cut 1) + +MY_PV=${PV/_/} +S="${WORKDIR}/${PN}-${MY_PV}" + +SRC_URI="https://ftp.postgresql.org/pub/source/v${MY_PV}/postgresql-${MY_PV}.tar.bz2" + +LICENSE="POSTGRESQL GPL-2" +DESCRIPTION="PostgreSQL RDBMS" +HOMEPAGE="https://www.postgresql.org/" + +IUSE="debug doc icu kerberos ldap llvm lz4 nls pam perl python +readline + selinux +server systemd ssl static-libs tcl uuid xml zlib zstd" + +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +CDEPEND=" +>=app-eselect/eselect-postgresql-2.0 +acct-group/postgres +acct-user/postgres +sys-apps/less +virtual/libintl +icu? ( dev-libs/icu:= ) +kerberos? ( virtual/krb5 ) +ldap? ( net-nds/openldap:= ) +llvm? ( + <sys-devel/llvm-18:= + <sys-devel/clang-18:= +) +lz4? ( app-arch/lz4 ) +pam? ( sys-libs/pam ) +perl? ( >=dev-lang/perl-5.8:= ) +python? ( ${PYTHON_DEPS} ) +readline? ( sys-libs/readline:0= ) +server? ( systemd? ( sys-apps/systemd ) ) +ssl? ( >=dev-libs/openssl-0.9.6-r1:0= ) +tcl? ( >=dev-lang/tcl-8:0= ) +xml? ( dev-libs/libxml2 dev-libs/libxslt ) +zlib? ( sys-libs/zlib ) +zstd? ( app-arch/zstd ) +" + +# uuid flags -- depend on sys-apps/util-linux for Linux libcs, or if no +# supported libc in use depend on dev-libs/ossp-uuid. For BSD systems, +# the libc includes UUID functions. +UTIL_LINUX_LIBC=( elibc_{glibc,musl} ) + +nest_usedep() { + local front back + while [[ ${#} -gt 1 ]]; do + front+="${1}? ( " + back+=" )" + shift + done + echo "${front}${1}${back}" +} + +CDEPEND+=" +uuid? ( + ${UTIL_LINUX_LIBC[@]/%/? ( sys-apps/util-linux )} + $(nest_usedep ${UTIL_LINUX_LIBC[@]/#/!} dev-libs/ossp-uuid) +)" + +DEPEND="${CDEPEND} +sys-devel/bison +app-alternatives/lex +nls? ( sys-devel/gettext ) +xml? ( virtual/pkgconfig ) +" + +RDEPEND="${CDEPEND} +selinux? ( sec-policy/selinux-postgresql ) +" + +pkg_setup() { + use llvm && llvm_pkg_setup + + use server && CONFIG_CHECK="~SYSVIPC" linux-info_pkg_setup + + use python && python-single-r1_pkg_setup +} + +src_prepare() { + # Set proper run directory + sed "s|\(PGSOCKET_DIR\s\+\)\"/tmp\"|\1\"${EPREFIX}/run/postgresql\"|" \ + -i src/include/pg_config_manual.h || die + + # Rely on $PATH being in the proper order so that the correct + # install program is used for modules utilizing PGXS in both + # hardened and non-hardened environments. (Bug #528786) + sed 's/@install_bin@/install -c/' -i src/Makefile.global.in || die + + use server || eapply "${FILESDIR}/${PN}-15_beta3-no-server.patch" + + if use pam ; then + sed "s/\(#define PGSQL_PAM_SERVICE \"postgresql\)/\1-${SLOT}/" \ + -i src/backend/libpq/auth.c || \ + die 'PGSQL_PAM_SERVICE rename failed.' + fi + + eapply "${FILESDIR}"/postgresql-15-openssl3.2.patch + + eapply_user +} + +src_configure() { + case ${CHOST} in + *-darwin*|*-solaris*) + use nls && append-libs intl + ;; + esac + + export LDFLAGS_SL="${LDFLAGS}" + export LDFLAGS_EX="${LDFLAGS}" + + local PO="${EPREFIX}" + + local i uuid_config="" + if use uuid; then + for i in ${UTIL_LINUX_LIBC[@]}; do + use ${i} && uuid_config="--with-uuid=e2fs" + done + [[ -z $uuid_config ]] && uuid_config="--with-uuid=ossp" + fi + + local myconf="\ + --prefix="${PO}/usr/$(get_libdir)/postgresql-${SLOT}" \ + --datadir="${PO}/usr/share/postgresql-${SLOT}" \ + --includedir="${PO}/usr/include/postgresql-${SLOT}" \ + --mandir="${PO}/usr/share/postgresql-${SLOT}/man" \ + --sysconfdir="${PO}/etc/postgresql-${SLOT}" \ + --with-system-tzdata="${PO}/usr/share/zoneinfo" \ + $(use_enable debug) \ + $(use_with icu) \ + $(use_with kerberos gssapi) \ + $(use_with ldap) \ + $(use_with llvm) \ + $(use_with lz4) \ + $(use_with pam) \ + $(use_with perl) \ + $(use_with python) \ + $(use_with readline) \ + $(use_with ssl openssl) \ + $(usex server "$(use_with systemd)" '--without-systemd') \ + $(use_with tcl) \ + ${uuid_config} \ + $(use_with xml libxml) \ + $(use_with xml libxslt) \ + $(use_with zlib) \ + $(use_with zstd) \ + $(use_enable nls)" + if use alpha; then + myconf+=" --disable-spinlocks" + else + # Should be the default but just in case + myconf+=" --enable-spinlocks" + fi + econf ${myconf} +} + +src_compile() { + emake + emake -C contrib +} + +src_install() { + emake DESTDIR="${D}" install + emake DESTDIR="${D}" install -C contrib + + dodoc README HISTORY + + # man pages are already built, but if we have the target make them, + # they'll be generated from source before being installed so we + # manually install man pages. + # We use ${SLOT} instead of doman for postgresql.eselect + insinto /usr/share/postgresql-${SLOT}/man/ + doins -r doc/src/sgml/man{1,3,7} + if ! use server; then + # Remove man pages for non-existent binaries + serverman=( + initdb + pg_{archivecleanup,controldata,ctl,resetwal,rewind,standby} + pg_{test_{fsync,timing},upgrade,waldump} + post{gres,master} + ) + for m in ${serverman[@]} ; do + rm "${ED}/usr/share/postgresql-${SLOT}/man/man1/${m}.1" + done + fi + docompress /usr/share/postgresql-${SLOT}/man/man{1,3,7} + + # Create slot specific man pages + local bn f mansec slotted_name + for mansec in 1 3 7 ; do + local rel_manpath="../../postgresql-${SLOT}/man/man${mansec}" + + mkdir -p "${ED}"/usr/share/man/man${mansec} || die "making man dir" + pushd "${ED}"/usr/share/man/man${mansec} > /dev/null || die "pushd failed" + + for f in "${ED}/usr/share/postgresql-${SLOT}/man/man${mansec}"/* ; do + bn=$(basename "${f}") + slotted_name=${bn%.${mansec}}${SLOT}.${mansec} + case ${bn} in + TABLE.7|WITH.7) + echo ".so ${rel_manpath}/SELECT.7" > ${slotted_name} + ;; + *) + echo ".so ${rel_manpath}/${bn}" > ${slotted_name} + ;; + esac + done + + popd > /dev/null + done + + insinto /etc/postgresql-${SLOT} + newins src/bin/psql/psqlrc.sample psqlrc + + # Don't delete libpg{port,common}.a (Bug #571046). They're always + # needed by extensions utilizing PGXS. + use static-libs || \ + find "${ED}" -name '*.a' ! -name libpgport.a ! -name libpgcommon.a \ + -delete + + # Make slot specific links to programs + local f bn + for f in $(find "${ED}/usr/$(get_libdir)/postgresql-${SLOT}/bin" \ + -mindepth 1 -maxdepth 1) + do + bn=$(basename "${f}") + dosym "../$(get_libdir)/postgresql-${SLOT}/bin/${bn}" \ + "/usr/bin/${bn}${SLOT/.}" + done + + if use doc ; then + docinto html + dodoc doc/src/sgml/html/* + fi + + if use server; then + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.confd-9.3" | newconfd - ${PN}-${SLOT} + + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.init-9.3-r1" | newinitd - ${PN}-${SLOT} + + if use systemd; then + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.service-9.6-r1" | \ + systemd_newunit - ${PN}-${SLOT}.service + newbin "${FILESDIR}"/${PN}-check-db-dir ${PN}-${SLOT}-check-db-dir + newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}-${SLOT}.conf + fi + + use pam && pamd_mimic system-auth ${PN}-${SLOT} auth account session + + if use prefix ; then + keepdir /run/postgresql + fperms 1775 /run/postgresql + fi + fi +} + +pkg_postinst() { + use server && use systemd && tmpfiles_process ${PN}-${SLOT}.conf + postgresql-config update + + elog "If you need a global psqlrc-file, you can place it in:" + elog " ${EROOT}/etc/postgresql-${SLOT}/" + + if use server ; then + elog + elog "Gentoo specific documentation:" + elog "https://wiki.gentoo.org/wiki/PostgreSQL" + elog + elog "Official documentation:" + elog "https://www.postgresql.org/docs/${SLOT}/static/index.html" + elog + elog "The default location of the Unix-domain socket is:" + elog " ${EROOT}/run/postgresql/" + elog + elog "Before initializing the database, you may want to edit PG_INITDB_OPTS" + elog "so that it contains your preferred locale in:" + elog " ${EROOT}/etc/conf.d/postgresql-${SLOT}" + elog + elog "Then, execute the following command to setup the initial database" + elog "environment:" + elog " emerge --config =${CATEGORY}/${PF}" + + if [[ -n ${REPLACING_VERSIONS} ]] ; then + ewarn "If your system is using 'pg_stat_statements' and you are running a" + ewarn "version of PostgreSQL ${SLOT}, we advise that you execute" + ewarn "the following command after upgrading:" + ewarn + ewarn "ALTER EXTENSION pg_stat_statements UPDATE;" + fi + fi +} + +pkg_prerm() { + if use server && [[ -z ${REPLACED_BY_VERSION} ]] ; then + ewarn "Have you dumped and/or migrated the ${SLOT} database cluster?" + ewarn "\thttps://wiki.gentoo.org/wiki/PostgreSQL/QuickStart#Migrating_PostgreSQL" + + ebegin "Resuming removal in 10 seconds (Control-C to cancel)" + sleep 10 + eend 0 + fi +} + +pkg_postrm() { + postgresql-config update +} + +pkg_config() { + use server || die "USE flag 'server' not enabled. Nothing to configure." + + [[ -f "${EROOT}/etc/conf.d/postgresql-${SLOT}" ]] \ + && source "${EROOT}/etc/conf.d/postgresql-${SLOT}" + [[ -z "${PGDATA}" ]] && PGDATA="${EROOT}/etc/postgresql-${SLOT}/" + [[ -z "${DATA_DIR}" ]] \ + && DATA_DIR="${EROOT}/var/lib/postgresql/${SLOT}/data" + + # environment.bz2 may not contain the same locale as the current system + # locale. Unset and source from the current system locale. + if [ -f "${EROOT}/etc/env.d/02locale" ]; then + unset LANG + unset LC_CTYPE + unset LC_NUMERIC + unset LC_TIME + unset LC_COLLATE + unset LC_MONETARY + unset LC_MESSAGES + unset LC_ALL + source "${EROOT}/etc/env.d/02locale" + [ -n "${LANG}" ] && export LANG + [ -n "${LC_CTYPE}" ] && export LC_CTYPE + [ -n "${LC_NUMERIC}" ] && export LC_NUMERIC + [ -n "${LC_TIME}" ] && export LC_TIME + [ -n "${LC_COLLATE}" ] && export LC_COLLATE + [ -n "${LC_MONETARY}" ] && export LC_MONETARY + [ -n "${LC_MESSAGES}" ] && export LC_MESSAGES + [ -n "${LC_ALL}" ] && export LC_ALL + fi + + einfo "You can modify the paths and options passed to initdb by editing:" + einfo " ${EROOT}/etc/conf.d/postgresql-${SLOT}" + einfo + einfo "Information on options that can be passed to initdb are found at:" + einfo " https://www.postgresql.org/docs/${SLOT}/static/creating-cluster.html" + einfo " https://www.postgresql.org/docs/${SLOT}/static/app-initdb.html" + einfo + einfo "PG_INITDB_OPTS is currently set to:" + if [[ -z "${PG_INITDB_OPTS}" ]] ; then + einfo " (none)" + else + einfo " ${PG_INITDB_OPTS}" + fi + einfo + einfo "Configuration files will be installed to:" + einfo " ${PGDATA}" + einfo + einfo "The database cluster will be created in:" + einfo " ${DATA_DIR}" + einfo + + ebegin "Continuing initialization in 5 seconds (Control-C to cancel)" + sleep 5 + eend 0 + + if [ -n "$(ls -A ${DATA_DIR} 2> /dev/null)" ] ; then + eerror "The given directory, '${DATA_DIR}', is not empty." + eerror "Modify DATA_DIR to point to an empty directory." + die "${DATA_DIR} is not empty." + fi + + einfo "Creating the data directory ..." + if [[ ${EUID} == 0 ]] ; then + mkdir -p "$(dirname ${DATA_DIR%/})" || die "Couldn't parent dirs" + mkdir -m 0700 "${DATA_DIR%/}" || die "Couldn't make DATA_DIR" + chown -h postgres:postgres "${DATA_DIR%/}" || die "Couldn't chown" + fi + + einfo "Initializing the database ..." + + if [[ ${EUID} == 0 ]] ; then + su - postgres -c "${EROOT}/usr/$(get_libdir)/postgresql-${SLOT}/bin/initdb -D \"${DATA_DIR}\" ${PG_INITDB_OPTS}" + else + "${EROOT}"/usr/$(get_libdir)/postgresql-${SLOT}/bin/initdb -U postgres -D "${DATA_DIR}" ${PG_INITDB_OPTS} + fi + + if [[ "${DATA_DIR%/}" != "${PGDATA%/}" ]] ; then + mv "${DATA_DIR%/}"/{pg_{hba,ident},postgresql}.conf "${PGDATA}" + ln -s "${PGDATA%/}"/{pg_{hba,ident},postgresql}.conf "${DATA_DIR%/}" + fi + + # unix_socket_directory has no effect in postgresql.conf as it's + # overridden in the initscript + sed '/^#unix_socket_directories/,+1d' -i "${PGDATA%/}"/postgresql.conf + + cat <<- EOF >> "${PGDATA%/}"/postgresql.conf + # This is here because of https://bugs.gentoo.org/show_bug.cgi?id=518522 + # On the off-chance that you might need to work with UTF-8 encoded + # characters in PL/Perl + plperl.on_init = 'use utf8; use re; package utf8; require "utf8_heavy.pl";' + EOF + + einfo "The autovacuum function, which was in contrib, has been moved to the main" + einfo "PostgreSQL functions starting with 8.1, and starting with 8.4 is now enabled" + einfo "by default. You can disable it in the cluster's:" + einfo " ${PGDATA%/}/postgresql.conf" + einfo + if ! use systemd; then + einfo "The PostgreSQL server, by default, will log events to:" + einfo " ${DATA_DIR%/}/postmaster.log" + einfo + fi + if use prefix ; then + einfo "The location of the configuration files have moved to:" + einfo " ${PGDATA}" + einfo "To start the server:" + einfo " pg_ctl start -D ${DATA_DIR} -o '-D ${PGDATA} --data-directory=${DATA_DIR}'" + einfo "To stop:" + einfo " pg_ctl stop -D ${DATA_DIR}" + einfo + einfo "Or move the configuration files back:" + einfo "mv ${PGDATA}*.conf ${DATA_DIR}" + elif use systemd; then + einfo "You should use the 'postgresql-${SLOT}.service' unit to run PostgreSQL" + einfo "instead of 'pg_ctl'." + else + einfo "You should use the '${EROOT}/etc/init.d/postgresql-${SLOT}' script to run PostgreSQL" + einfo "instead of 'pg_ctl'." + fi +} + +src_test() { + if use server && [[ ${UID} -ne 0 ]] ; then + # Some ICU tests fail if LC_CTYPE and LC_COLLATE aren't the same. We set + # LC_CTYPE to be equal to LC_COLLATE since LC_COLLATE is set by Portage. + local old_ctype=${LC_CTYPE} + export LC_CTYPE=${LC_COLLATE} + emake check + export LC_CTYPE=${old_ctype} + einfo "If you think other tests besides the regression tests are necessary, please" + einfo "submit a bug including a patch for this ebuild to enable them." + else + use server || \ + ewarn 'Tests cannot be run without the "server" use flag enabled.' + [[ ${UID} -eq 0 ]] || \ + ewarn 'Tests cannot be run as root. Enable "userpriv" in FEATURES.' + + ewarn 'Skipping.' + fi +} diff --git a/dev-db/postgresql/postgresql-16.1-r1.ebuild b/dev-db/postgresql/postgresql-16.1-r1.ebuild new file mode 100644 index 000000000000..c563a2a73f9d --- /dev/null +++ b/dev-db/postgresql/postgresql-16.1-r1.ebuild @@ -0,0 +1,468 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10,11,12} ) +LLVM_MAX_SLOT=17 + +inherit flag-o-matic linux-info llvm pam python-single-r1 systemd tmpfiles + +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris" + +SLOT=$(ver_cut 1) + +MY_PV=${PV/_/} +S="${WORKDIR}/${PN}-${MY_PV}" + +SRC_URI="https://ftp.postgresql.org/pub/source/v${MY_PV}/postgresql-${MY_PV}.tar.bz2" + +LICENSE="POSTGRESQL GPL-2" +DESCRIPTION="PostgreSQL RDBMS" +HOMEPAGE="https://www.postgresql.org/" + +IUSE="debug doc +icu kerberos ldap llvm lz4 nls pam perl python + +readline selinux +server systemd ssl static-libs tcl uuid xml + zlib zstd" + +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +CDEPEND=" +>=app-eselect/eselect-postgresql-2.0 +acct-group/postgres +acct-user/postgres +sys-apps/less +virtual/libintl +icu? ( dev-libs/icu:= ) +kerberos? ( app-crypt/mit-krb5 ) +ldap? ( net-nds/openldap:= ) +llvm? ( + <sys-devel/llvm-18:= + <sys-devel/clang-18:= +) +lz4? ( app-arch/lz4 ) +pam? ( sys-libs/pam ) +perl? ( >=dev-lang/perl-5.8:= ) +python? ( ${PYTHON_DEPS} ) +readline? ( sys-libs/readline:0= ) +server? ( systemd? ( sys-apps/systemd ) ) +ssl? ( >=dev-libs/openssl-0.9.6-r1:0= ) +tcl? ( >=dev-lang/tcl-8:0= ) +xml? ( dev-libs/libxml2 dev-libs/libxslt ) +zlib? ( sys-libs/zlib ) +zstd? ( app-arch/zstd ) +" + +# uuid flags -- depend on sys-apps/util-linux for Linux libcs, or if no +# supported libc in use depend on dev-libs/ossp-uuid. For BSD systems, +# the libc includes UUID functions. +UTIL_LINUX_LIBC=( elibc_{glibc,musl} ) + +nest_usedep() { + local front back + while [[ ${#} -gt 1 ]]; do + front+="${1}? ( " + back+=" )" + shift + done + echo "${front}${1}${back}" +} + +CDEPEND+=" +uuid? ( + ${UTIL_LINUX_LIBC[@]/%/? ( sys-apps/util-linux )} + $(nest_usedep ${UTIL_LINUX_LIBC[@]/#/!} dev-libs/ossp-uuid) +)" + +DEPEND="${CDEPEND} +sys-devel/bison +app-alternatives/lex +nls? ( sys-devel/gettext ) +xml? ( virtual/pkgconfig ) +" + +RDEPEND="${CDEPEND} +selinux? ( sec-policy/selinux-postgresql ) +" + +pkg_setup() { + use llvm && llvm_pkg_setup + + use server && CONFIG_CHECK="~SYSVIPC" linux-info_pkg_setup + + use python && python-single-r1_pkg_setup +} + +src_prepare() { + # Set proper run directory + sed "s|\(PGSOCKET_DIR\s\+\)\"/tmp\"|\1\"${EPREFIX}/run/postgresql\"|" \ + -i src/include/pg_config_manual.h || die + + # Rely on $PATH being in the proper order so that the correct + # install program is used for modules utilizing PGXS in both + # hardened and non-hardened environments. (Bug #528786) + sed 's/@install_bin@/install -c/' -i src/Makefile.global.in || die + + use server || eapply "${FILESDIR}/${PN}-15_beta3-no-server.patch" + + if use pam ; then + sed "s/\(#define PGSQL_PAM_SERVICE \"postgresql\)/\1-${SLOT}/" \ + -i src/backend/libpq/auth.c || \ + die 'PGSQL_PAM_SERVICE rename failed.' + fi + + eapply "${FILESDIR}"/postgresql-16-openssl3.2.patch + + eapply_user +} + +src_configure() { + case ${CHOST} in + *-darwin*|*-solaris*) + use nls && append-libs intl + ;; + esac + + export LDFLAGS_SL="${LDFLAGS}" + export LDFLAGS_EX="${LDFLAGS}" + + local PO="${EPREFIX}" + + local i uuid_config="" + if use uuid; then + for i in ${UTIL_LINUX_LIBC[@]}; do + use ${i} && uuid_config="--with-uuid=e2fs" + done + [[ -z $uuid_config ]] && uuid_config="--with-uuid=ossp" + fi + + local myconf="\ + --prefix="${PO}/usr/$(get_libdir)/postgresql-${SLOT}" \ + --datadir="${PO}/usr/share/postgresql-${SLOT}" \ + --includedir="${PO}/usr/include/postgresql-${SLOT}" \ + --mandir="${PO}/usr/share/postgresql-${SLOT}/man" \ + --sysconfdir="${PO}/etc/postgresql-${SLOT}" \ + --with-system-tzdata="${PO}/usr/share/zoneinfo" \ + $(use_enable debug) \ + $(use_with icu) \ + $(use_with kerberos gssapi) \ + $(use_with ldap) \ + $(use_with llvm) \ + $(use_with lz4) \ + $(use_with pam) \ + $(use_with perl) \ + $(use_with python) \ + $(use_with readline) \ + $(use_with ssl openssl) \ + $(usex server "$(use_with systemd)" '--without-systemd') \ + $(use_with tcl) \ + ${uuid_config} \ + $(use_with xml libxml) \ + $(use_with xml libxslt) \ + $(use_with zlib) \ + $(use_with zstd) \ + $(use_enable nls)" + if use alpha; then + myconf+=" --disable-spinlocks" + else + # Should be the default but just in case + myconf+=" --enable-spinlocks" + fi + econf ${myconf} +} + +src_compile() { + emake + emake -C contrib +} + +src_install() { + emake DESTDIR="${D}" install + emake DESTDIR="${D}" install -C contrib + + dodoc README HISTORY + + # man pages are already built, but if we have the target make them, + # they'll be generated from source before being installed so we + # manually install man pages. + # We use ${SLOT} instead of doman for postgresql.eselect + insinto /usr/share/postgresql-${SLOT}/man/ + doins -r doc/src/sgml/man{1,3,7} + if ! use server; then + # Remove man pages for non-existent binaries + serverman=( + initdb + pg_{archivecleanup,controldata,ctl,resetwal,rewind,standby} + pg_{test_{fsync,timing},upgrade,waldump} + post{gres,master} + ) + for m in ${serverman[@]} ; do + rm "${ED}/usr/share/postgresql-${SLOT}/man/man1/${m}.1" + done + fi + docompress /usr/share/postgresql-${SLOT}/man/man{1,3,7} + + # Create slot specific man pages + local bn f mansec slotted_name + for mansec in 1 3 7 ; do + local rel_manpath="../../postgresql-${SLOT}/man/man${mansec}" + + mkdir -p "${ED}"/usr/share/man/man${mansec} || die "making man dir" + pushd "${ED}"/usr/share/man/man${mansec} > /dev/null || die "pushd failed" + + for f in "${ED}/usr/share/postgresql-${SLOT}/man/man${mansec}"/* ; do + bn=$(basename "${f}") + slotted_name=${bn%.${mansec}}${SLOT}.${mansec} + case ${bn} in + TABLE.7|WITH.7) + echo ".so ${rel_manpath}/SELECT.7" > ${slotted_name} + ;; + *) + echo ".so ${rel_manpath}/${bn}" > ${slotted_name} + ;; + esac + done + + popd > /dev/null + done + + insinto /etc/postgresql-${SLOT} + newins src/bin/psql/psqlrc.sample psqlrc + + # Don't delete libpg{port,common}.a (Bug #571046). They're always + # needed by extensions utilizing PGXS. + use static-libs || \ + find "${ED}" -name '*.a' ! -name libpgport.a ! -name libpgcommon.a \ + -delete + + # Make slot specific links to programs + local f bn + for f in $(find "${ED}/usr/$(get_libdir)/postgresql-${SLOT}/bin" \ + -mindepth 1 -maxdepth 1) + do + bn=$(basename "${f}") + dosym "../$(get_libdir)/postgresql-${SLOT}/bin/${bn}" \ + "/usr/bin/${bn}${SLOT/.}" + done + + if use doc ; then + docinto html + dodoc doc/src/sgml/html/* + fi + + if use server; then + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.confd-9.3" | newconfd - ${PN}-${SLOT} + + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.init-9.3-r1" | newinitd - ${PN}-${SLOT} + + if use systemd; then + sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \ + "${FILESDIR}/${PN}.service-9.6-r1" | \ + systemd_newunit - ${PN}-${SLOT}.service + newbin "${FILESDIR}"/${PN}-check-db-dir ${PN}-${SLOT}-check-db-dir + newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}-${SLOT}.conf + fi + + use pam && pamd_mimic system-auth ${PN}-${SLOT} auth account session + + if use prefix ; then + keepdir /run/postgresql + fperms 1775 /run/postgresql + fi + fi +} + +pkg_postinst() { + use server && use systemd && tmpfiles_process ${PN}-${SLOT}.conf + postgresql-config update + + elog "If you need a global psqlrc-file, you can place it in:" + elog " ${EROOT}/etc/postgresql-${SLOT}/" + + if use server ; then + elog + elog "Gentoo specific documentation:" + elog "https://wiki.gentoo.org/wiki/PostgreSQL" + elog + elog "Official documentation:" + elog "https://www.postgresql.org/docs/${SLOT}/static/index.html" + elog + elog "The default location of the Unix-domain socket is:" + elog " ${EROOT}/run/postgresql/" + elog + elog "Before initializing the database, you may want to edit PG_INITDB_OPTS" + elog "so that it contains your preferred locale in:" + elog " ${EROOT}/etc/conf.d/postgresql-${SLOT}" + elog + elog "Then, execute the following command to setup the initial database" + elog "environment:" + elog " emerge --config =${CATEGORY}/${PF}" + + if [[ -n ${REPLACING_VERSIONS} ]] ; then + ewarn "If your system is using 'pg_stat_statements' and you are running a" + ewarn "version of PostgreSQL ${SLOT}, we advise that you execute" + ewarn "the following command after upgrading:" + ewarn + ewarn "ALTER EXTENSION pg_stat_statements UPDATE;" + fi + fi +} + +pkg_prerm() { + if use server && [[ -z ${REPLACED_BY_VERSION} ]] ; then + ewarn "Have you dumped and/or migrated the ${SLOT} database cluster?" + ewarn "\thttps://wiki.gentoo.org/wiki/PostgreSQL/QuickStart#Migrating_PostgreSQL" + + ebegin "Resuming removal in 10 seconds (Control-C to cancel)" + sleep 10 + eend 0 + fi +} + +pkg_postrm() { + postgresql-config update +} + +pkg_config() { + use server || die "USE flag 'server' not enabled. Nothing to configure." + + [[ -f "${EROOT}/etc/conf.d/postgresql-${SLOT}" ]] \ + && source "${EROOT}/etc/conf.d/postgresql-${SLOT}" + [[ -z "${PGDATA}" ]] && PGDATA="${EROOT}/etc/postgresql-${SLOT}/" + [[ -z "${DATA_DIR}" ]] \ + && DATA_DIR="${EROOT}/var/lib/postgresql/${SLOT}/data" + + # environment.bz2 may not contain the same locale as the current system + # locale. Unset and source from the current system locale. + if [ -f "${EROOT}/etc/env.d/02locale" ]; then + unset LANG + unset LC_CTYPE + unset LC_NUMERIC + unset LC_TIME + unset LC_COLLATE + unset LC_MONETARY + unset LC_MESSAGES + unset LC_ALL + source "${EROOT}/etc/env.d/02locale" + [ -n "${LANG}" ] && export LANG + [ -n "${LC_CTYPE}" ] && export LC_CTYPE + [ -n "${LC_NUMERIC}" ] && export LC_NUMERIC + [ -n "${LC_TIME}" ] && export LC_TIME + [ -n "${LC_COLLATE}" ] && export LC_COLLATE + [ -n "${LC_MONETARY}" ] && export LC_MONETARY + [ -n "${LC_MESSAGES}" ] && export LC_MESSAGES + [ -n "${LC_ALL}" ] && export LC_ALL + fi + + einfo "You can modify the paths and options passed to initdb by editing:" + einfo " ${EROOT}/etc/conf.d/postgresql-${SLOT}" + einfo + einfo "Information on options that can be passed to initdb are found at:" + einfo " https://www.postgresql.org/docs/${SLOT}/static/creating-cluster.html" + einfo " https://www.postgresql.org/docs/${SLOT}/static/app-initdb.html" + einfo + einfo "PG_INITDB_OPTS is currently set to:" + if [[ -z "${PG_INITDB_OPTS}" ]] ; then + einfo " (none)" + else + einfo " ${PG_INITDB_OPTS}" + fi + einfo + einfo "Configuration files will be installed to:" + einfo " ${PGDATA}" + einfo + einfo "The database cluster will be created in:" + einfo " ${DATA_DIR}" + einfo + + ebegin "Continuing initialization in 5 seconds (Control-C to cancel)" + sleep 5 + eend 0 + + if [ -n "$(ls -A ${DATA_DIR} 2> /dev/null)" ] ; then + eerror "The given directory, '${DATA_DIR}', is not empty." + eerror "Modify DATA_DIR to point to an empty directory." + die "${DATA_DIR} is not empty." + fi + + einfo "Creating the data directory ..." + if [[ ${EUID} == 0 ]] ; then + mkdir -p "$(dirname ${DATA_DIR%/})" || die "Couldn't parent dirs" + mkdir -m 0700 "${DATA_DIR%/}" || die "Couldn't make DATA_DIR" + chown -h postgres:postgres "${DATA_DIR%/}" || die "Couldn't chown" + fi + + einfo "Initializing the database ..." + + if [[ ${EUID} == 0 ]] ; then + su - postgres -c "${EROOT}/usr/$(get_libdir)/postgresql-${SLOT}/bin/initdb -D \"${DATA_DIR}\" ${PG_INITDB_OPTS}" + else + "${EROOT}"/usr/$(get_libdir)/postgresql-${SLOT}/bin/initdb -U postgres -D "${DATA_DIR}" ${PG_INITDB_OPTS} + fi + + if [[ "${DATA_DIR%/}" != "${PGDATA%/}" ]] ; then + mv "${DATA_DIR%/}"/{pg_{hba,ident},postgresql}.conf "${PGDATA}" + ln -s "${PGDATA%/}"/{pg_{hba,ident},postgresql}.conf "${DATA_DIR%/}" + fi + + # unix_socket_directory has no effect in postgresql.conf as it's + # overridden in the initscript + sed '/^#unix_socket_directories/,+1d' -i "${PGDATA%/}"/postgresql.conf + + cat <<- EOF >> "${PGDATA%/}"/postgresql.conf + # This is here because of https://bugs.gentoo.org/show_bug.cgi?id=518522 + # On the off-chance that you might need to work with UTF-8 encoded + # characters in PL/Perl + plperl.on_init = 'use utf8; use re; package utf8; require "utf8_heavy.pl";' + EOF + + einfo "The autovacuum function, which was in contrib, has been moved to the main" + einfo "PostgreSQL functions starting with 8.1, and starting with 8.4 is now enabled" + einfo "by default. You can disable it in the cluster's:" + einfo " ${PGDATA%/}/postgresql.conf" + einfo + if ! use systemd; then + einfo "The PostgreSQL server, by default, will log events to:" + einfo " ${DATA_DIR%/}/postmaster.log" + einfo + fi + if use prefix ; then + einfo "The location of the configuration files have moved to:" + einfo " ${PGDATA}" + einfo "To start the server:" + einfo " pg_ctl start -D ${DATA_DIR} -o '-D ${PGDATA} --data-directory=${DATA_DIR}'" + einfo "To stop:" + einfo " pg_ctl stop -D ${DATA_DIR}" + einfo + einfo "Or move the configuration files back:" + einfo "mv ${PGDATA}*.conf ${DATA_DIR}" + elif use systemd; then + einfo "You should use the 'postgresql-${SLOT}.service' unit to run PostgreSQL" + einfo "instead of 'pg_ctl'." + else + einfo "You should use the '${EROOT}/etc/init.d/postgresql-${SLOT}' script to run PostgreSQL" + einfo "instead of 'pg_ctl'." + fi +} + +src_test() { + if use server && [[ ${UID} -ne 0 ]] ; then + # Some ICU tests fail if LC_CTYPE and LC_COLLATE aren't the same. We set + # LC_CTYPE to be equal to LC_COLLATE since LC_COLLATE is set by Portage. + local old_ctype=${LC_CTYPE} + export LC_CTYPE=${LC_COLLATE} + emake check + export LC_CTYPE=${old_ctype} + einfo "If you think other tests besides the regression tests are necessary, please" + einfo "submit a bug including a patch for this ebuild to enable them." + else + use server || \ + ewarn 'Tests cannot be run without the "server" use flag enabled.' + [[ ${UID} -eq 0 ]] || \ + ewarn 'Tests cannot be run as root. Enable "userpriv" in FEATURES.' + + ewarn 'Skipping.' + fi +} |