Re: pgcrypto compilation error due to stack-allocated EVP_CIPHER_CTX
Asif Naeem <anaeem.it@gmail.com>
From: Asif Naeem <anaeem.it@gmail.com>
To: Michael Paquier <michael.paquier@gmail.com>
Cc: Heikki Linnakangas <hlinnaka@iki.fi>,
Andreas Karlsson <andreas@proxel.se>, Andres Freund <andres@anarazel.de>, PostgreSQL mailing lists <pgsql-hackers@postgresql.org>
Date: 2016-12-06T14:42:21Z
Lists: pgsql-hackers
Thanks for updated patch. Although EVP_CIPHER_CTX_cleanup() seems deprecated in OpenSSL >= 1.1.0 i.e. # if OPENSSL_API_COMPAT < 0x10100000L > # define EVP_CIPHER_CTX_init(c) EVP_CIPHER_CTX_reset(c) > # define EVP_CIPHER_CTX_cleanup(c) EVP_CIPHER_CTX_reset(c) > # endif I guess use of deprecated function is fine, until OpenSSL library support it. On Tue, Dec 6, 2016 at 6:15 PM, Michael Paquier <michael.paquier@gmail.com> wrote: > On Tue, Dec 6, 2016 at 9:31 PM, Asif Naeem <anaeem.it@gmail.com> wrote: > > Thank you for v2 patch, I would like to comment on it. It seems that you > > have used function EVP_CIPHER_CTX_reset in the patch that was introduced > in > > OpenSSL 1.1.0, older library version might not work now, is it > intentional > > change ?. > > I thought I tested that... But yes, that would not compile when linked > with 1.0.2 or older. Using EVP_CIPHER_CTX_cleanup() is safe instead as > that's available down to 0.9.8. > -- > Michael >
Commits
-
Fix pgcrypto compilation with OpenSSL 1.1.0.
- 9bbbf029dded 10.0 landed
-
Use OpenSSL EVP API for symmetric encryption in pgcrypto.
- 5ff4a67f63fd 10.0 cited
-
Support OpenSSL 1.1.0.
- 593d4e47db7a 10.0 cited