Re: problem loading shared lib pg_tde.so

Поиск
Список
Период
Сортировка
От Adrian Klaver
Тема Re: problem loading shared lib pg_tde.so
Дата
Msg-id f4e09c28-fc25-4a4e-a770-f46d04063dfd@aklaver.com
обсуждение исходный текст
Ответ на problem loading shared lib pg_tde.so  (Matthias Apitz <guru@unixarea.de>)
Ответы Re: problem loading shared lib pg_tde.so  (Adrian Klaver <adrian.klaver@aklaver.com>)
Список pgsql-general
Дерево обсуждения 
On 5/6/24 04:05, Matthias Apitz wrote:
> I have a problem while loading the pg_tde.so shared lib.
> 
> contrib/pg_tde was built with:
> 
> cd postgresql-16.2/contrib/pg_tde || exit
> gmake clean
> export LDFLAGS="-L/usr/local/sisis-pap/lib -L/usr/lib64"
> export CFLAGS="-m64 -I/usr/local/sisis-pap/include"
> export CPPFLAGS="-m64 -I/usr/local/sisis-pap/include"
> 
> ./configure --prefix=/usr/local/sisis-pap/pgsql-16.2 \
>              --libdir=/usr/local/sisis-pap/pgsql-16.2/lib
>              --with-libcurl=/usr/local/sisis-pap/
> 
> gmake
> gmake install
> 
> but the shared lib /usr/local/sisis-pap/pgsql-16.2/lib/pg_tde.so
> can't be loaded on startup of the server:
> 
> 024-05-06 11:18:45.967 CEST [15368] FATAL:  could not load library "/usr/local/sisis-pap/pgsql-16.2/lib/pg_tde.so":
/usr/lib64/libssh.so.4:undefined symbol: EVP_KDF_CTX_new_id, version OPENSSL_1_1_1d
 
> 2024-05-06 11:18:45.967 CEST [15368] LOG:  database system is shut down
> 
> This is the OpenSSL version of SuSE Linux Enterprise 15 SP5:
> 
> # openssl version
> OpenSSL 1.1.1l-fips  24 Aug 2021 SUSE release 150500.17.25.1
> 
> This is what we have compiled and PostgreSQL should use:
> 
> # export LD_LIBRARY_PATH=/usr/local/sisis-pap/lib
> # /usr/local/sisis-pap/bin/openssl version
> OpenSSL 1.1.1t  7 Feb 2023

I see three different versions of OpenSSL:

OPENSSL_1_1_1d      -- From error messsage
OpenSSL 1.1.1l-fips    -- SuSE 15 version
OpenSSL 1.1.1t            -- Your built version?

Are you sure you pointing at the same version in all cases?

> 
> When I disable 'pg_tde' in data/postgresql.auto.conf the server
> starts fine;
> 
> vim /data/postgresql162/data/postgresql.auto.conf
> # disabled shared_preload_libraries = 'pg_tde'
> 
> # /etc/init.d/postgres162 start
> starts fine
> 
> and the postgres proc is using our libssl.so.1.1
> 
> # lsof -p 17254 | egrep 'libssl'
> postgres 17254 postgres  mem       REG              254,0   697248  1080241 /usr/local/sisis-pap/lib/libssl.so.1.1
> 
> # strings /usr/local/sisis-pap/lib/libssl.so.1.1 | grep EVP_KDF
> (nix)
> 
> # strings /usr/lib64/libssh.so.4 | grep EVP_KDF
> EVP_KDF_CTX_new_id
> EVP_KDF_ctrl
> EVP_KDF_CTX_free
> EVP_KDF_derive
> 
> I have a complete different OpenSSL 3.0.x environment: all OpenSSL
> consumers use /usr/local/sisis-pap.sp01/lib/libssl.so.3, also
> PostgreSQL and pg_tde have been compiled against this; and this
> runs fine with 'pg_tde'.
> 
> What the avove error means?
> 
> Thanks
> 
> 
>     matthias
> 
> 

-- 
Adrian Klaver
adrian.klaver@aklaver.com

В списке pgsql-general по дате отправления:

Предыдущее
От: Alvaro Herrera
Дата:
Сообщение: Re: Clarification Needed on Postgresql License Requirement for Hybrid Environment Cluster Configuration
Следующее
От: Adrian Klaver
Дата:
Сообщение: Re: problem loading shared lib pg_tde.so