Re: [HACKERS] [COMMITTERS] pgsql: Support OpenSSL 1.1.0.
On 09/15/2016 07:51 PM, Heikki Linnakangas wrote: Wild guess: curculio is building with LibreSSL, which claims to be OpenSSL >= 1.1.0, but it doesn't actually implement all the functions that OpenSSL 1.1.0 does. Looks like we need some more autoconf scripting to detect LibreSSL. Or switch to detecting the existence of individual functions, rather than checking the version number. That would be more autoconf-like anyway. I downloaded LibreSSL and I'm getting similar errors on my laptop. So yes, that seems to be the problem. LibreSSL defines: /* These will change with each release of LibreSSL-portable */ #define LIBRESSL_VERSION_NUMBER 0x2040200fL #define LIBRESSL_VERSION_TEXT "LibreSSL 2.4.2" /* These will never change */ #define OPENSSL_VERSION_NUMBER 0x2000L #define OPENSSL_VERSION_TEXTLIBRESSL_VERSION_TEXT #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT I'm going to replace the OPENSSL_VERSION_NUMBER #ifdefs with autoconf AC_CHECK_FUNCS checks for the actual functions we need. - Heikki -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
Re: [HACKERS] [COMMITTERS] pgsql: Support OpenSSL 1.1.0.
On 09/15/2016 07:41 PM, Tom Lane wrote: Heikki Linnakangas writes: Support OpenSSL 1.1.0. Buildfarm member curculio doesn't like this patch. I suspect the reason is it's got some slightly-too-old version of OpenSSL, but if so, we ought to try to fix configure's probe so the problem gets reported at configure time, not somewhere down in the build. Mikael, what openssl version is on that box exactly? (And could you fix it to start building the 9.6 branch?) Hmm, that's odd: be-secure-openssl.c: In function 'my_BIO_s_socket': be-secure-openssl.c:732: warning: implicit declaration of function 'BIO_get_new_index' be-secure-openssl.c:735: warning: implicit declaration of function 'BIO_meth_new' be-secure-openssl.c:735: warning: assignment makes pointer from integer without a cast > ... It looks it's taking the OpenSSL 1.1.0 codepath: #if OPENSSL_VERSION_NUMBER >= 0x1010L int my_bio_index; my_bio_index = BIO_get_new_index(); if (my_bio_index == -1) return NULL; > ... Wild guess: curculio is building with LibreSSL, which claims to be OpenSSL >= 1.1.0, but it doesn't actually implement all the functions that OpenSSL 1.1.0 does. Looks like we need some more autoconf scripting to detect LibreSSL. Or switch to detecting the existence of individual functions, rather than checking the version number. That would be more autoconf-like anyway. - Heikki -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
Re: [HACKERS] [COMMITTERS] pgsql: Support OpenSSL 1.1.0.
Heikki Linnakangas writes: > Support OpenSSL 1.1.0. Buildfarm member curculio doesn't like this patch. I suspect the reason is it's got some slightly-too-old version of OpenSSL, but if so, we ought to try to fix configure's probe so the problem gets reported at configure time, not somewhere down in the build. Mikael, what openssl version is on that box exactly? (And could you fix it to start building the 9.6 branch?) regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
