Re: OpenSSL 1.1 breaks configure and more
Heikki Linnakangas <hlinnaka@iki.fi>
From: Heikki Linnakangas <hlinnaka@iki.fi>
To: Andreas Karlsson <andreas@proxel.se>, Victor Wagner <vitus@wagner.pp.ru>,
pgsql-hackers@postgresql.org, Christoph Berg <myon@debian.org>,
Tom Lane <tgl@sss.pgh.pa.us>
Date: 2016-09-15T11:57:13Z
Lists: pgsql-hackers
On 09/15/2016 03:16 AM, Andreas Karlsson wrote: > Now for a review: > > It looks generally good but I think I saw one error. In > fe-secure-openssl.c your code still calls SSL_library_init() in OpenSSL > 1.1. I think it should be enough to just call > OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL) like you do in be-secure. Ok, fixed that, and committed. Thanks everyone! I backpatched this to 9.5, but not further than that. The functions this modified were moved around in 9.5, so the patch wouldn't apply as is. It wouldn't be difficult to back-patch further if there's demand, but I'm not eager to do that until someone complains. - Heikki
Commits
-
Back-patch 9.4-era SSL renegotiation code into 9.3 and 9.2.
- fbfeceb25362 9.3.17 landed
- 58384149bdbd 9.2.21 landed