pgsql: Make detection of SSL_CTX_set_min_proto_version more portable

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

pgsql: Make detection of SSL_CTX_set_min_proto_version more portable

Peter Eisentraut-2
Make detection of SSL_CTX_set_min_proto_version more portable

As already explained in configure.in, using the OpenSSL version number
to detect presence of functions doesn't work, because LibreSSL reports
incompatible version numbers.  Fortunately, the functions we need here
are actually macros, so we can just test for them directly.

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/ea8bc349bd1d92a882d636b535723b36366d9fbe

Modified Files
--------------
src/backend/libpq/be-secure-openssl.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

Reply | Threaded
Open this post in threaded view
|

Re: pgsql: Make detection of SSL_CTX_set_min_proto_version more portable

Thomas Munro-3
On Wed, Nov 21, 2018 at 11:02 AM Peter Eisentraut <[hidden email]> wrote:
>
> Make detection of SSL_CTX_set_min_proto_version more portable
>
> As already explained in configure.in, using the OpenSSL version number
> to detect presence of functions doesn't work, because LibreSSL reports
> incompatible version numbers.  Fortunately, the functions we need here
> are actually macros, so we can just test for them directly.

curculio says:

libpq/be-secure-openssl.o: In function `be_tls_init':
/home/pgbf/buildroot/HEAD/pgsql.build/src/backend/libpq/be-secure-openssl.c:197:
undefined reference to `SSL_CTX_set_max_proto_version'
/home/pgbf/buildroot/HEAD/pgsql.build/src/backend/libpq/be-secure-openssl.c:193:
undefined reference to `SSL_CTX_set_min_proto_version'

--
Thomas Munro
http://www.enterprisedb.com