On 08/29/2016 08:22 PM, Heikki Linnakangas wrote:
On 08/27/2016 05:15 PM, Peter Eisentraut wrote:
On 8/26/16 9:26 PM, Andreas Karlsson wrote:
I have attached a patch which removes the < 0.9.8 compatibility code.
Should we also add a version check to configure? We do not have any such
I think that is not necessary.
I was going to change the configure test to check for a different
function that we use, that's only present in 0.9.8 and later. But the
only such functions were related to ECDH, and the use of those functions
is inside "#ifndef OPENSSL_NO_ECDH", so they're not suitable for the
autoconf test. So I gave up. If you try to build with 0.9.7, you'll get
compilation errors because of those ECDH symbols, and with 0.9.6,
probably on some other symbols.
Pushed with some small doc fixes, thanks Andreas! I'll continue
reviewing the rest of the patches.
Buildfarm animals "locust" and "prairiedog" are not happy with this.
They seem to be using OpenSSL 0.9.7, as they failed with errors related
to those ECDH calls:
be-secure-openssl.c: In function 'initialize_ecdh':
be-secure-openssl.c:978: error: 'EC_KEY' undeclared (first use in this
be-secure-openssl.c:978: error: (Each undeclared identifier is reported
be-secure-openssl.c:978: error: for each function it appears in.)
be-secure-openssl.c:978: error: 'ecdh' undeclared (first use in this
be-secure-openssl.c:979: warning: ISO C90 forbids mixed declarations and
be-secure-openssl.c:986: warning: implicit declaration of function
be-secure-openssl.c:991: error: 'SSL_OP_SINGLE_ECDH_USE' undeclared
(first use in this function)
be-secure-openssl.c:992: warning: implicit declaration of function
be-secure-openssl.c:993: warning: implicit declaration of function
I only now noticed that Tom said upthread that he still has a buildfarm
critter using 0.9.7 (that's prairiedog). Sorry for the breakage.
It would be easy to put the version check back to still support 0.9.7,
most of the changes in this commit was thanks to removing support for
0.9.6. But that'd complicate the upcoming 1.1.0 support patch slightly,
so let's stick to the plan and drop the support for <= 0.9.7
Tom, Rémi, can you fix locust and prairiedog, please, by updating
OpenSSL or removing --with-openssl?
Sent via pgsql-hackers mailing list (firstname.lastname@example.org)
To make changes to your subscription: