Re: OpenSSL 3.0.0 compatibility

Jelte Fennema-Nio <postgres@jeltef.nl>

From: Jelte Fennema <postgres@jeltef.nl>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Peter Eisentraut <peter.eisentraut@enterprisedb.com>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>, Tom Lane <tgl@sss.pgh.pa.us>, Michael Paquier <michael@paquier.xyz>
Date: 2022-06-29T09:44:00Z
Lists: pgsql-hackers
> See upthread in ef5c7896-20cb-843f-e91e-0ee5f7fd932e@enterprisedb.com

I saw that section, but I thought that only applied before you
backpatched the actual fixes to PG13 and below. I mean there's no
reason anymore not to compile those older versions with OpenSSL 3.0,
right? If so, it seems confusing for the build to spit out warnings
that indicate the contrary.



Commits

  1. Define OPENSSL_API_COMPAT

  2. Add alternative output for OpenSSL 3 without legacy loaded

  3. Disable OpenSSL EVP digest padding in pgcrypto

  4. pgcrypto: Check for error return of px_cipher_decrypt()

  5. OpenSSL 3.0.0 compatibility in tests

  6. Make ssl certificate for ssl_passphrase_callback test via Makefile

  7. Provide a TLS init hook