Re: Support for Secure Transport SSL library on macOS as OpenSSL alternative

On Sun, Aug 20, 2017 at 8:10 AM, Thomas Munro
<thomas(dot)munro(at)enterprisedb(dot)com> wrote:
> On Fri, Aug 18, 2017 at 2:14 AM, Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
>> Attached is an updated set of patches, rebased on top of master, with bug fixes
>> and additional features missing in the first set. While not complete (yet), in
>> case anyone is testing this I’d rather send a fresh batch rather than sitting
>> on them too long while I keep hacking at the docs. While not every part of
>> this rather large changeset has been touched, this includes all the patches for
>> completeness sake.
>
> Hi,
>
> +#if defined(USE_OPENSSL) || defined(USE_SECURETRANSPORT)
> #define USE_SSL
> +#if defined(USE_OPENSSL)
> +#define SSL_LIBRARY "OpenSSL"
> +#elif defined(USE_SECURETRANSPORT)
> +#define SSL_LIBRARY "Secure Transport"
> +#endif
> #endif
>
> If you configure with neither --with-securetransport nor
> --with-openssl then SSL_LIBRARY finishes up undefined, and then guc.c
> doesn't compile:
>
> ccache gcc -Wall -Wmissing-prototypes -Wpointer-arith
> -Wdeclaration-after-statement -Wendif-labels
> -Wmissing-format-attribute -Wformat-security -fno-strict-aliasing
> -fwrapv -fexcess-precision=standard -g -O2 -I. -I.
> -I../../../../src/include -D_GNU_SOURCE -c -o guc.o guc.c
> guc.c:3309:3: error: ‘SSL_LIBRARY’ undeclared here (not in a function)
> SSL_LIBRARY,
> ^~~~~~~~~~~
>
> I guess it should have a fallback definition, though I don't know what
> it should be.

Or maybe the guc should only exist if SSL_LIBRARY is defined? I mean
#if defined(SSL_LIBRARY) around this:

+ {
+ /* Can't be set in postgresql.conf */
+ {"ssl_library", PGC_INTERNAL, PRESET_OPTIONS,
+ gettext_noop("Shows the SSL library used."),
+ NULL,
+ GUC_REPORT | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE
+ },
+ &ssl_library_string,
+ SSL_LIBRARY,
+ NULL, NULL, NULL
+ },

--
Thomas Munro
http://www.enterprisedb.com