On 06/27/2016 05:24 PM, Tom Lane wrote:
Christoph Berg <m...@debian.org> writes:
as reported by Debian's OpenSSL maintainers, PostgreSQL is failing to
build against a snapshot of the upcoming 1.1.0 version.
The errors you report make it sound like they broke API compatibility
wholesale. Was that really their intent? If so, where are the changes
documented?
I do not see that they have documented the removal of the
SSL_library_init symbol anywhere. They changed the function into a macro
in the following commit. I guess we have to check for some other symbol,
like SSL_new.
https://github.com/openssl/openssl/commit/7fa792d14d06cdaca18f225b1d2d8daf8ed24fd7
They have also, which is in the release notes, broken API compatibility
when they made the BIO and BIO_METHOD structs opaque. This will probably
require some ugly ugly #ifs or compatibility macros from us.
They also seem to have broken our OpenSSL thread safety callback when
they added their new threading API and removed the CRYPTO_LOCK define. I
have reported this in their issue tracker
(https://github.com/openssl/openssl/issues/1260).
In addition to this there are a couple of deprecated functions
(DH_generate_parameters() and OPENSSL_config()), but they look pretty
easy to handle.
I think much of the above is missing from the release notes I have
found. I hope they will be more complete at the time of the release. I
am working on a patch to handle these API changes.
- https://www.openssl.org/news/openssl-1.1.0-notes.html
- https://wiki.openssl.org/index.php/1.1_API_Changes
Andreas
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
