Home > mailing lists

Re: OpenSSL 1.1 breaks configure and more - Mailing list pgsql-hackers

From	Victor Wagner
Subject	Re: OpenSSL 1.1 breaks configure and more
Date	July 5, 2016 12:14:07
Msg-id	20160705121347.5c5c702f@fafnir.local.vm Whole thread Raw
In response to	Re: OpenSSL 1.1 breaks configure and more (Andreas Karlsson <andreas@proxel.se>)
Responses	Re: OpenSSL 1.1 breaks configure and more (Andreas Karlsson <andreas@proxel.se>)
List	pgsql-hackers

Tree view

On Fri, 1 Jul 2016 02:27:03 +0200
Andreas Karlsson <andreas@proxel.se> wrote:

> 0003-Remove-OpenSSL-1.1-deprecation-warnings.patch
> 
> Silence all warnings. This commit changes more things and is not 
> necessary for getting PostgreSQL to build against 1.1.

This patch breaks feature, which exists in PostgreSQL since 8.2 -
support for SSL ciphers, provided by loadable modules such as Russian
national standard (GOST) algorithms, and support for cryptographic
hardware tokens (which are also supported by loadble modules called
engines in OpenSSL).

Call for OPENSSL_config was added to PostgreSQL for this purpose - it
loads default OpenSSL configuration file, where such things as crypto
hardware modules can be configured.

If we wish to keep this functionality, we need to explicitely call

OPENSSL_init_ssl(INIT_LOAD_CONFIG,NULL) instead of deprecated
OPENSSL_config in 1.1.0

pgsql-hackers by date:

From: Kyotaro HORIGUCHI
Date: 05 July 2016, 12:02:21
Subject: Re: [CF2016-9] Allow spaces in working path on tap-tests

From: Andreas 'ads' Scherbaum
Date: 05 July 2016, 12:16:20
Subject: Re: to_date_valid()

Re: OpenSSL 1.1 breaks configure and more - Mailing list pgsql-hackers

Previous

Next