Обсуждение: BUG #14308: Postgres 9.5.4 does not configure against OpenSSL 1.1.0
VGhlIGZvbGxvd2luZyBidWcgaGFzIGJlZW4gbG9nZ2VkIG9uIHRoZSB3ZWJz aXRlOgoKQnVnIHJlZmVyZW5jZTogICAgICAxNDMwOApMb2dnZWQgYnk6ICAg ICAgICAgIEplZmZyZXkgV2FsdG9uCkVtYWlsIGFkZHJlc3M6ICAgICAgbm9s b2FkZXJAZ21haWwuY29tClBvc3RncmVTUUwgdmVyc2lvbjogOS41LjQKT3Bl cmF0aW5nIHN5c3RlbTogICBPUyBYCkRlc2NyaXB0aW9uOiAgICAgICAgCgpP cGVuU1NMIDEuMS4wIGRvZXMgbm90IHVzZSBTU0xfbGlicmFyeV9pbml0LiBJ bnN0ZWFkLCBpdCB1c2VzIApPUEVOU1NMX2luaXRfc3NsLg0KDQokIC4vY29u ZmlndXJlIC0td2l0aC1vcGVuc3NsIC0td2l0aC1pbmNsdWRlcz0vdXNyL2xv Y2FsL3NzbC9pbmNsdWRlCi0td2l0aC1saWJyYXJpZXM9L3Vzci9sb2NhbC9z c2wvbGliDQouLi4NCg0KUmVzdWx0cyBpbjoNCg0KY2hlY2tpbmcgZm9yIFNT TF9saWJyYXJ5X2luaXQgaW4gLWxzc2wuLi4gbm8NCmNvbmZpZ3VyZTogZXJy b3I6IGxpYnJhcnkgJ3NzbCcgaXMgcmVxdWlyZWQgZm9yIE9wZW5TU0wNCg0K UmVsZXZhbnQgZW50cnkgZnJvbSAnY29uZmlnLmxvZyc6DQoNCmNvbmZpZ3Vy ZTo4NzMyOiBnY2MgLW8gY29uZnRlc3QgLVdhbGwgLVdtaXNzaW5nLXByb3Rv dHlwZXMgLVdwb2ludGVyLWFyaXRoCi1XZGVjbGFyYXRpb24tYWZ0ZXItc3Rh dGVtZW50IC1XZW5kaWYtbGFiZWxzIC1XbWlzc2luZy1mb3JtYXQtYXR0cmli dXRlCi1XZm9ybWF0LXNlY3VyaXR5IC1mbm8tc3RyaWN0LWFsaWFzaW5nIC1m d3JhcHYKLVduby11bnVzZWQtY29tbWFuZC1saW5lLWFyZ3VtZW50IC1JL3Vz ci9sb2NhbC9zc2wvaW5jbHVkZQotTC91c3IvbG9jYWwvc3NsL2xpYiAgIC1J L3Vzci9sb2NhbC9zc2wvaW5jbHVkZSAgIC1ML3Vzci9sb2NhbC9zc2wvbGli CmNvbmZ0ZXN0LmMgLWxzc2wgIC1sY3J5cHRvIC1seiAtbHJlYWRsaW5lIC1s bSAgPiY1DQpVbmRlZmluZWQgc3ltYm9scyBmb3IgYXJjaGl0ZWN0dXJlIHg4 Nl82NDoNCiAgIl9TU0xfbGlicmFyeV9pbml0IiwgcmVmZXJlbmNlZCBmcm9t Og0KICAgICAgX21haW4gaW4gY29uZnRlc3QtYzBjMmExLm8NCmxkOiBzeW1i b2wocykgbm90IGZvdW5kIGZvciBhcmNoaXRlY3R1cmUgeDg2XzY0DQpjbGFu ZzogZXJyb3I6IGxpbmtlciBjb21tYW5kIGZhaWxlZCB3aXRoIGV4aXQgY29k ZSAxICh1c2UgLXYgdG8gc2VlCmludm9jYXRpb24pDQpjb25maWd1cmU6ODcz MjogJD8gPSAxDQpjb25maWd1cmU6IGZhaWxlZCBwcm9ncmFtIHdhczoNCnwg LyogY29uZmRlZnMuaCAqLw0KfCAjZGVmaW5lIFBBQ0tBR0VfTkFNRSAiUG9z dGdyZVNRTCINCnwgI2RlZmluZSBQQUNLQUdFX1RBUk5BTUUgInBvc3RncmVz cWwiDQp8ICNkZWZpbmUgUEFDS0FHRV9WRVJTSU9OICI5LjUuNCINCnwgI2Rl ZmluZSBQQUNLQUdFX1NUUklORyAiUG9zdGdyZVNRTCA5LjUuNCINCnwgI2Rl ZmluZSBQQUNLQUdFX0JVR1JFUE9SVCAicGdzcWwtYnVnc0Bwb3N0Z3Jlc3Fs Lm9yZyINCnwgI2RlZmluZSBQQUNLQUdFX1VSTCAiIg0KfCAjZGVmaW5lIFBH X01BSk9SVkVSU0lPTiAiOS41Ig0KfCAjZGVmaW5lIFBHX1ZFUlNJT04gIjku NS40Ig0KfCAjZGVmaW5lIFVTRV9JTlRFR0VSX0RBVEVUSU1FUyAxDQp8ICNk ZWZpbmUgREVGX1BHUE9SVCA1NDMyDQp8ICNkZWZpbmUgREVGX1BHUE9SVF9T VFIgIjU0MzIiDQp8ICNkZWZpbmUgQkxDS1NaIDgxOTINCnwgI2RlZmluZSBS RUxTRUdfU0laRSAxMzEwNzINCnwgI2RlZmluZSBYTE9HX0JMQ0tTWiA4MTky DQp8ICNkZWZpbmUgWExPR19TRUdfU0laRSAoMTYgKiAxMDI0ICogMTAyNCkN CnwgI2RlZmluZSBFTkFCTEVfVEhSRUFEX1NBRkVUWSAxDQp8ICNkZWZpbmUg UEdfS1JCX1NSVk5BTSAicG9zdGdyZXMiDQp8ICNkZWZpbmUgVVNFX09QRU5T U0wgMQ0KfCAjZGVmaW5lIEhBVkVfTElCTSAxDQp8ICNkZWZpbmUgSEFWRV9M SUJSRUFETElORSAxDQp8ICNkZWZpbmUgSEFWRV9MSUJaIDENCnwgI2RlZmlu ZSBIQVZFX1NQSU5MT0NLUyAxDQp8ICNkZWZpbmUgSEFWRV9BVE9NSUNTIDEN CnwgI2RlZmluZSBIQVZFX0xJQkNSWVBUTyAxDQp8IC8qIGVuZCBjb25mZGVm cy5oLiAgKi8NCnwgDQp8IC8qIE92ZXJyaWRlIGFueSBHQ0MgaW50ZXJuYWwg cHJvdG90eXBlIHRvIGF2b2lkIGFuIGVycm9yLg0KfCAgICBVc2UgY2hhciBi ZWNhdXNlIGludCBtaWdodCBtYXRjaCB0aGUgcmV0dXJuIHR5cGUgb2YgYSBH Q0MNCnwgICAgYnVpbHRpbiBhbmQgdGhlbiBpdHMgYXJndW1lbnQgcHJvdG90 eXBlIHdvdWxkIHN0aWxsIGFwcGx5LiAgKi8NCnwgI2lmZGVmIF9fY3BsdXNw bHVzDQp8IGV4dGVybiAiQyINCnwgI2VuZGlmDQp8IGNoYXIgU1NMX2xpYnJh cnlfaW5pdCAoKTsNCnwgaW50DQp8IG1haW4gKCkNCnwgew0KfCByZXR1cm4g U1NMX2xpYnJhcnlfaW5pdCAoKTsNCnwgICA7DQp8ICAgcmV0dXJuIDA7DQp8 IH0NCmNvbmZpZ3VyZTo4NzQxOiByZXN1bHQ6IG5vDQpjb25maWd1cmU6ODc1 MTogZXJyb3I6IGxpYnJhcnkgJ3NzbCcgaXMgcmVxdWlyZWQgZm9yIE9wZW5T U0wKCg==
On Fri, Sep 2, 2016 at 3:10 PM, <noloader@gmail.com> wrote: > OpenSSL 1.1.0 does not use SSL_library_init. Instead, it uses > OPENSSL_init_ssl. The work to be done with OpenSSL 1.1.0 is discussed here: https://www.postgresql.org/message-id/20160627151604.GD1051@msg.df7cb.de I'd expect a patch to land soon. -- Michael
The following gets past the OpenSSL 1.1.0 configuration problems. It was tested against Postgres 9.5.4 and Master (6591f4226c81104f). Thanks to ldav1s at http://stackoverflow.com/q/39285733 (I'm an OpenSSL guy; not an Autoconf guy). $ git diff configure.in > configure.in.patch riemann:postgresql$ cat configure.in.patch diff --git a/configure.in b/configure.in index c878b4e..c12bfb6 100644 --- a/configure.in +++ b/configure.in @@ -1112,10 +1112,16 @@ if test "$with_openssl" = yes ; then dnl Order matters! if test "$PORTNAME" != "win32"; then AC_CHECK_LIB(crypto, CRYPTO_new_ex_data, [], [AC_MSG_ERROR([library 'crypto' is required for OpenSSL])]) - AC_CHECK_LIB(ssl, SSL_library_init, [], [AC_MSG_ERROR([library 'ssl' is required for OpenSSL])]) + FOUND_SSL_LIB="no" + AC_CHECK_LIB(ssl, OPENSSL_init_ssl, [FOUND_SSL_LIB="yes"]) + AC_CHECK_LIB(ssl, SSL_library_init, [FOUND_SSL_LIB="yes"]) + AS_IF([test "x$FOUND_SSL_LIB" = xno], [AC_MSG_ERROR([library 'ssl' is required for OpenSSL])]) else AC_SEARCH_LIBS(CRYPTO_new_ex_data, eay32 crypto, [], [AC_MSG_ERROR([library 'eay32' or 'crypto' is required for OpenSSL])]) - AC_SEARCH_LIBS(SSL_library_init, ssleay32 ssl, [], [AC_MSG_ERROR([library 'ssleay32' or 'ssl' is required for OpenSSL])]) + FOUND_SSL_LIB="no" + AC_SEARCH_LIBS(ssleay32 ssl, OPENSSL_init_ssl, [FOUND_SSL_LIB="yes"]) + AC_SEARCH_LIBS(ssleay32 ssl, SSL_library_init, [FOUND_SSL_LIB="yes"]) + AS_IF([test "x$FOUND_SSL_LIB" = xno], [AC_MSG_ERROR([library 'ssleay32' or 'ssl' is required for OpenSSL])]) fi AC_CHECK_FUNCS([SSL_get_current_compression]) fi On Fri, Sep 2, 2016 at 2:21 AM, Michael Paquier <michael.paquier@gmail.com> wrote: > On Fri, Sep 2, 2016 at 3:10 PM, <noloader@gmail.com> wrote: >> OpenSSL 1.1.0 does not use SSL_library_init. Instead, it uses >> OPENSSL_init_ssl. > > The work to be done with OpenSSL 1.1.0 is discussed here: > https://www.postgresql.org/message-id/20160627151604.GD1051@msg.df7cb.de > I'd expect a patch to land soon. > -- > Michael
Вложения
On Sun, Sep 4, 2016 at 1:07 PM, Jeffrey Walton <noloader@gmail.com> wrote: > The following gets past the OpenSSL 1.1.0 configuration problems. > > It was tested against Postgres 9.5.4 and Master (6591f4226c81104f). > Thanks to ldav1s at http://stackoverflow.com/q/39285733 (I'm an > OpenSSL guy; not an Autoconf guy). Yes, a similar method is part of the existing patches. Note that this is not enough, the exiting code would not go through compilation. If you have an interest in getting that done, I think that it would be good if you could review the existing patches and help to move on. -- Michael