On 09/15/2016 07:41 PM, Tom Lane wrote:
Heikki Linnakangas <heikki.linnakan...@iki.fi> writes:
Support OpenSSL 1.1.0.


Buildfarm member curculio doesn't like this patch.  I suspect the reason
is it's got some slightly-too-old version of OpenSSL, but if so, we ought
to try to fix configure's probe so the problem gets reported at configure
time, not somewhere down in the build.

Mikael, what openssl version is on that box exactly?  (And could you
fix it to start building the 9.6 branch?)

Hmm, that's odd:

be-secure-openssl.c: In function 'my_BIO_s_socket':
be-secure-openssl.c:732: warning: implicit declaration of function 
'BIO_get_new_index'
be-secure-openssl.c:735: warning: implicit declaration of function 
'BIO_meth_new'
be-secure-openssl.c:735: warning: assignment makes pointer from integer without 
a cast
> ...

It looks it's taking the OpenSSL 1.1.0 codepath:

#if OPENSSL_VERSION_NUMBER >= 0x10100000L
                int                     my_bio_index;

                my_bio_index = BIO_get_new_index();
                if (my_bio_index == -1)
                        return NULL;
> ...

Wild guess: curculio is building with LibreSSL, which claims to be OpenSSL >= 1.1.0, but it doesn't actually implement all the functions that OpenSSL 1.1.0 does.

Looks like we need some more autoconf scripting to detect LibreSSL. Or switch to detecting the existence of individual functions, rather than checking the version number. That would be more autoconf-like anyway.

- Heikki



--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to