pgcrypto compilation error due to stack-allocated EVP_CIPHER_CTX

Andres Freund <andres@anarazel.de>

From: Andres Freund <andres@anarazel.de>
To: pgsql-hackers@postgresql.org
Date: 2016-12-01T01:48:26Z
Lists: pgsql-hackers
Hi,

It appears openssl has removed the public definition of EVP_CIPHER_CTX
leading to pgcrypto failing with:

/home/andres/src/postgresql/contrib/pgcrypto/openssl.c:253:17: error: field ‘evp_ctx’ has incomplete type
  EVP_CIPHER_CTX evp_ctx;
                 ^~~~~~~
/home/andres/src/postgresql/contrib/pgcrypto/openssl.c: In function ‘bf_check_supported_key_len’:
/home/andres/src/postgresql/contrib/pgcrypto/openssl.c:373:17: error: storage size of ‘evp_ctx’ isn’t known
  EVP_CIPHER_CTX evp_ctx;
                 ^~~~~~~
/home/andres/src/postgresql/contrib/pgcrypto/openssl.c:373:17: warning: unused variable ‘evp_ctx’ [-Wunused-variable]
make[3]: *** [openssl.o] Error 1

seems we need to allocate using EVP_CIPHER_CTX_new() instead.

Am I the only one seing this?

It looks like EVP_CIPHER_CTX_new() has been available for a long time:
commit b40228a61d2f9b40fa6a834c9beaa8ee9dc490c1
Author: Dr. Stephen Henson <steve@openssl.org>
Date:   2005-12-02 13:46:39 +0000

    New functions to support opaque EVP_CIPHER_CTX handling.

Greetings,

Andres Freund


Commits

  1. Fix pgcrypto compilation with OpenSSL 1.1.0.

  2. Use OpenSSL EVP API for symmetric encryption in pgcrypto.

  3. Support OpenSSL 1.1.0.