Re: OpenSSL 1.1 breaks configure and more

Michael Paquier <michael.paquier@gmail.com>

From: Michael Paquier <michael.paquier@gmail.com>
To: Andreas Karlsson <andreas@proxel.se>
Cc: Christoph Berg <myon@debian.org>, PostgreSQL Hackers <pgsql-hackers@postgresql.org>, Tom Lane <tgl@sss.pgh.pa.us>
Date: 2016-06-28T01:27:06Z
Lists: pgsql-hackers
On Tue, Jun 28, 2016 at 3:21 AM, Andreas Karlsson <andreas@proxel.se> wrote:
> Yes, we could do that, but I do not think we should check for the existence
> of a backwards compatibility macro. Actually I think we may want to skip
> much of the OpenSSL initialization code when compiling against OpenSSL 1.1
> since they have now added automatic initialization of the library. Instead I
> think we should check for something we actually will use like SSL_CTX_new().

Agreed. Changing the routine being checked may be a good idea in this
case, and we surely want to check for something that is used in the
frontend and the backend. So why not something more generic like
SSL_read or SSL_write?
-- 
Michael


Commits

  1. Back-patch 9.4-era SSL renegotiation code into 9.3 and 9.2.