From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, buildfarm(at)sraoss(dot)co(dot)jp |
Subject: | Re: Missing include <openssl/x509.h> in be-secure-openssl.c? |
Date: | 2021-11-01 22:15:32 |
Message-ID: | 461EF47A-C979-4124-87E3-758A68A98D1E@yesql.se |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> On 1 Nov 2021, at 14:33, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
> Daniel Gustafsson <daniel(at)yesql(dot)se> writes:
>> It does make sense, but it's a bit worrisome that the indirect inclusion no
>> longer works as there is no obvious explanation as to why.
>
> Yeah. Just to make things even more confusing, hamerkop is not failing
> in the back branches. v14 at least has exactly the same contents of
> be-secure-openssl.c, so how's that happening?
That to me has the smell of some form of environment tainting or pollution, as
opposed to a code problem. v14 and HEAD are identical wrt to building this, so
the answer is likely to lie elsewhere.
>>> x509v3.h includes x509.h, so fe-secure-openssl.h would not need an
>>> update. Now could it be a better practice to include both there?
>
>> Judging by OpenSSL, including both is common practice unless the module only
>> deals with v3 extensions. Following that lead seems reasonable.
>
> I see that fe-secure-openssl.c includes only x509v3.h, and it builds
> successfully on hamerkop. So I'm now inclined to make be-secure-openssl.c
> match that.
That is in and out of itself not wrong, it shouldn't be required but it's
definitely not wrong to do regardless of what's causing this.
> But it'd still be a good thing to trace the real cause.
Agreed, I'm hoping the animal owner can shed some light on this.
--
Daniel Gustafsson https://vmware.com/
From | Date | Subject | |
---|---|---|---|
Next Message | Michael Paquier | 2021-11-01 22:26:58 | Re: Missing include <openssl/x509.h> in be-secure-openssl.c? |
Previous Message | Tom Lane | 2021-11-01 22:01:18 | Re: inefficient loop in StandbyReleaseLockList() |