Thread: pgsql: Only provide openssl_tls_init_hook if building with openssl

Only provide openssl_tls_init_hook if building with openssl

This should have been protected by #ifdef USE_OPENSSL in commit
896fcdb230.

Per the real complaint this time from Daniel Gustafsson.

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/f342d7ad03e61a1cea0339cf0c5aea0d01c3b43e

Modified Files
--------------
src/include/libpq/libpq-be.h | 2 ++
1 file changed, 2 insertions(+)

Andrew Dunstan <andrew@dunslane.net> writes:
> Only provide openssl_tls_init_hook if building with openssl

One or the other of these patches broke building without --with-openssl:

fe-secure.c:435: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'PQgetSSLKeyPassHook'
fe-secure.c:441: error: expected ')' before 'hook'
fe-secure.c:447: warning: no previous prototype for 'PQdefaultSSLKeyPassHook'
make[3]: *** [fe-secure.o] Error 1

            regards, tom lane

> On 17 Apr 2020, at 22:32, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> Andrew Dunstan <andrew@dunslane.net> writes:
>> Only provide openssl_tls_init_hook if building with openssl
>
> One or the other of these patches broke building without --with-openssl:
>
> fe-secure.c:435: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'PQgetSSLKeyPassHook'
> fe-secure.c:441: error: expected ')' before 'hook'
> fe-secure.c:447: warning: no previous prototype for 'PQdefaultSSLKeyPassHook'
> make[3]: *** [fe-secure.o] Error 1

fe-secure.c provides dummy implementations for non-SSL builds, and have a dummy
PQsslKeyPassHook_type implementation there.  So either the dummy needs to be
removed if we want this hook OpenSSL specific as well, or the USE_OPENSSL
guards from 9e24109f1a4e4d8d1d keeping them only for openssl_tls_init_hook.

cheers ./daniel

On 4/17/20 4:32 PM, Tom Lane wrote:
> Andrew Dunstan <andrew@dunslane.net> writes:
>> Only provide openssl_tls_init_hook if building with openssl
> One or the other of these patches broke building without --with-openssl:
>
> fe-secure.c:435: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'PQgetSSLKeyPassHook'
> fe-secure.c:441: error: expected ')' before 'hook'
> fe-secure.c:447: warning: no previous prototype for 'PQdefaultSSLKeyPassHook'
> make[3]: *** [fe-secure.o] Error 1
>
>             



I am not batting 1000 today. Apologies to all.


Looks like the libpq change should be reverted. I'll double check.


cheers


andrew


-- 
Andrew Dunstan                https://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

On Fri, Apr 17, 2020 at 10:43:11PM +0200, Daniel Gustafsson wrote:
> fe-secure.c provides dummy implementations for non-SSL builds, and have a dummy
> PQsslKeyPassHook_type implementation there.  So either the dummy needs to be
> removed if we want this hook OpenSSL specific as well, or the USE_OPENSSL
> guards from 9e24109f1a4e4d8d1d keeping them only for openssl_tls_init_hook.

I was just looking at the git history and bumped into this thread.  I
think Andrew got it right to revert 9e24109 with 6741cfa: these
routines should be declared and return dummy results for non-SSL
builds or applications are going to have a hard time maintaining
compatibility with libpq depending on what they link to if they get to
call those SSL new routines.

PS: Thanks for f342d7a.
--
Michael