From: | Christoph Berg <christoph(dot)berg(at)credativ(dot)de> |
---|---|
To: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
Cc: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Andres Freund <andres(at)anarazel(dot)de>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Use EVP API pgcrypto encryption, dropping support for OpenSSL 0.9.6 and older |
Date: | 2016-12-08 15:51:34 |
Message-ID: | 20161208155133.2dnvjtgb5dcg2cjb@msg.df7cb.de |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Re: Heikki Linnakangas 2016-10-17 <07ebd878-ff09-72d5-7df7-f7fde7b83824(at)iki(dot)fi>
> Committed this patch now.
Hi,
I've just taken up work again on PG 10 on Debian unstable.
With openssl 1.1.0c-2, pgcrypto errors out with:
gcc -Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wmissing-format-attribute -Wformat-security -fno-strict-aliasing -fwrapv -fexcess-precision=standard -g -g -O2 -fdebug-prefix-map=/<<PKGBUILDDIR>>=. -specs=/usr/share/dpkg/no-pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -I/usr/include/mit-krb5 -fPIC -pie -fno-omit-frame-pointer -fpic -I. -I/<<PKGBUILDDIR>>/build/../contrib/pgcrypto -I../../src/include -I/<<PKGBUILDDIR>>/build/../src/include -Wdate-time -D_FORTIFY_SOURCE=2 -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/include/tcl8.6 -c -o openssl.o /<<PKGBUILDDIR>>/build/../contrib/pgcrypto/openssl.c
/<<PKGBUILDDIR>>/build/../contrib/pgcrypto/openssl.c:253:17: error: field 'evp_ctx' has incomplete type
EVP_CIPHER_CTX evp_ctx;
^~~~~~~
/<<PKGBUILDDIR>>/build/../contrib/pgcrypto/openssl.c: In function 'bf_check_supported_key_len':
/<<PKGBUILDDIR>>/build/../contrib/pgcrypto/openssl.c:373:17: error: storage size of 'evp_ctx' isn't known
EVP_CIPHER_CTX evp_ctx;
^~~~~~~
/<<PKGBUILDDIR>>/build/../contrib/pgcrypto/openssl.c:373:17: warning: unused variable 'evp_ctx' [-Wunused-variable]
<builtin>: recipe for target 'openssl.o' failed
Reverting 5ff4a67f63fd6d3eb01ff9707d4674ed54a89f3b fixes compilation.
(9.6 is fine.)
Christoph
From | Date | Subject | |
---|---|---|---|
Next Message | Aleksander Alekseev | 2016-12-08 15:54:08 | [PATCH] Refactor "if(strspn(str, ...) == strlen(str)" code |
Previous Message | Robert Haas | 2016-12-08 15:25:08 | Re: Declarative partitioning - another take |