Re: Remove deprecation warnings when compiling PG ~13 with OpenSSL 3.0~

On Thu, Jun 22, 2023 at 08:08:54PM +0200, Peter Eisentraut wrote:
> The message linked to above also says:
>
>> I'm not sure. I don't have a good sense of what OpenSSL versions we
>> claim to support in branches older than PG13. We made a conscious
>> decision for 1.0.1 in PG13, but I seem to recall that that discussion
>> also revealed that the version assumptions before that were quite
>> inconsistent. Code in PG12 and before makes references to OpenSSL as
>> old as 0.9.6. But OpenSSL 3.0.0 will reject a compat level older than
>> 0.9.8.

Well, I highly doubt that anybody has tried to compile Postgres 12
with OpenSSL 0.9.7 for a few years. If they attempt to do so, the
compilation fails:
<command-line>: note: this is the location of the previous definition
In file included from ../../src/include/common/scram-common.h:16,
from scram-common.c:23:
../../src/include/common/sha2.h:73:9: error: unknown type name ‘SHA256_CTX’
73 | typedef SHA256_CTX pg_sha256_ctx;

One reason is that SHA256_CTX is defined in OpenSSL 0.9.8
crypto/sha/sha.h, but this exists only in fips-1.0 in OpenSSL 0.9.7,
while we rely on SHA256_CTX in src/common/ since SCRAM exists.

Also, note that the documentation claims that the minimum version of
OpenSSL supported is 0.9.8, which is something that commit 9b7cd59 has
done, impacting Postgres 10~. So your argument looks incorrect to me?

Honestly, I see no reason to not move on with this and remove these
deprecation warnings as proposed by the last patches sent. (I have
run builds with 0.9.8, FWIW.)
--
Michael