From: | Andreas Karlsson <andreas(at)proxel(dot)se> |
---|---|
To: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
Cc: | Christoph Berg <myon(at)debian(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: OpenSSL 1.1 breaks configure and more |
Date: | 2016-07-02 00:45:04 |
Message-ID: | bf2fa47e-3cce-37be-58f5-2243b77e13ab@proxel.se |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 07/02/2016 02:28 AM, Alvaro Herrera wrote:
>> static BIO_METHOD *
>> my_BIO_s_socket(void)
>> {
>> - if (!my_bio_initialized)
>> + if (!my_bio_methods)
>> {
>> - memcpy(&my_bio_methods, BIO_s_socket(), sizeof(BIO_METHOD));
>> - my_bio_methods.bread = my_sock_read;
>> - my_bio_methods.bwrite = my_sock_write;
>> - my_bio_initialized = true;
>> + BIO_METHOD *biom = (BIO_METHOD *) BIO_s_socket();
>> +#if SSLEAY_VERSION_NUMBER >= 0x10100000L
>> + my_bio_methods = BIO_meth_new(BIO_TYPE_SOCKET, "pgsocket");
>> + BIO_meth_set_write(my_bio_methods, my_sock_write);
>> + BIO_meth_set_read(my_bio_methods, my_sock_read);
>> + BIO_meth_set_gets(my_bio_methods, BIO_meth_get_gets(biom));
>> + BIO_meth_set_ctrl(my_bio_methods, BIO_meth_get_ctrl(biom));
>> + BIO_meth_set_create(my_bio_methods, BIO_meth_get_create(biom));
>> + BIO_meth_set_destroy(my_bio_methods, BIO_meth_get_destroy(biom));
>> + BIO_meth_set_callback_ctrl(my_bio_methods, BIO_meth_get_callback_ctrl(biom));
>> +#else
>> + my_bio_methods = malloc(sizeof(BIO_METHOD));
>> + memcpy(my_bio_methods, biom, sizeof(BIO_METHOD));
>> + my_bio_methods->bread = my_sock_read;
>> + my_bio_methods->bwrite = my_sock_write;
>> +#endif
>
> Generally, version number tests sprinkled all over the place are not
> terribly nice. I think it would be better to get configure to define a
> symbol like HAVE_BIO_METH_NEW. Not sure about the other hunks in this
> patch; perhaps HAVE_BIO_SET_DATA, and #define both those macros if not.
Agreed, that it is not nice. I followed what the previous code did, but
I do not like the inflation of this kind of #ifs with my OpenSSL 1.1
patches. I will try to see if I can figure out some good symbols.
Essentially the API changes which require ifdefs are:
- Opaque struts (we see an example above with the BIO struct)
- Renaming of RAND_SSLeay()
- Deprecation of DH_generate_parameters()
- Automatic initialization
- Automatic handling of threading
I do not like the idea of having a define per struct they have made
opaque in 1.1, but I think one define for all structs could be fine
(something like HAVE_OPENSSL_OPAQUE_STRUCTS). What do you think?
Andreas
From | Date | Subject | |
---|---|---|---|
Next Message | Andreas Karlsson | 2016-07-02 00:50:43 | Re: OpenSSL 1.1 breaks configure and more |
Previous Message | Alvaro Herrera | 2016-07-02 00:28:46 | Re: OpenSSL 1.1 breaks configure and more |