From: | Andreas Karlsson <andreas(at)proxel(dot)se> |
---|---|
To: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Victor Wagner <vitus(at)wagner(dot)pp(dot)ru>, pgsql-hackers(at)postgresql(dot)org, Christoph Berg <myon(at)debian(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Subject: | Re: OpenSSL 1.1 breaks configure and more |
Date: | 2016-09-15 00:16:27 |
Message-ID: | 523b201d-7cc8-bc8c-1d2b-d713ba82d99c@proxel.se |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 09/15/2016 02:03 AM, Andreas Karlsson wrote:
> On 09/12/2016 06:51 PM, Heikki Linnakangas wrote:
>> Changes since last version:
>>
>> * Added more error checks to the my_BIO_s_socket() function. Check for
>> NULL result from malloc(). Check the return code of BIO_meth_set_*()
>> functions; looking at OpenSSL sources, they always succeed, but all the
>> test/example programs that come with OpenSSL do check them.
>>
>> * Use BIO_get_new_index() to get the index number for the wrapper BIO.
>>
>> * Also call BIO_meth_set_puts(). It was missing in previous patch
>> versions.
>>
>> * Fixed src/test/ssl test suite to also work with OpenSSL 1.1.0.
>>
>> * Changed all references (in existing code) to SSLEAY_VERSION_NUMBER
>> into OPENSSL_VERSION_NUMBER, for consistency.
>>
>> * Squashed all into one patch.
>>
>> I intend to apply this to all supported branches, so please have a look!
>> This is now against REL9_6_STABLE, but there should be little difference
>> between branches in the code that this touches.
>
> This patch no longer seems to apply to head after the removed support of
> 0.9.6. Is that intentional?
Never mind. I just failed at reading.
Now for a review:
It looks generally good but I think I saw one error. In
fe-secure-openssl.c your code still calls SSL_library_init() in OpenSSL
1.1. I think it should be enough to just call
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL) like you do in be-secure.
Andreas
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Eisentraut | 2016-09-15 00:26:37 | Re: pg_basebackup wish list |
Previous Message | Andreas Karlsson | 2016-09-15 00:03:03 | Re: OpenSSL 1.1 breaks configure and more |