Define OPENSSL_API_COMPAT

This avoids deprecation warnings from newer OpenSSL versions (3.0.0 in
particular).

This has been originally applied as 4d3db13 for v14 and newer versions,
but not on the older branches out of caution, and this commit closes the
gap to remove all these deprecation warnings in all the branches still
supported.

OPENSSL_API_COMPAT's value is set based on the oldest version of OpenSSL
supported on a branch: 1.0.1 for Postgres 13 and 0.9.8 for Postgres 11
and 12.

Reviewed-by: Daniel Gustafsson
Discussion: https://postgr.es/m/FEF81714-D479-4512-839B-C769D2605F8A@yesql.se
Discussion: https://postgr.es/m/[email protected]
Backpatch-through: 11

diff --git a/configure b/configure
index a461afffb2fe097df015817347eb881d322b5d48..83cdc390eaab936623eb139938e8053145d10cda 100755 (executable)
--- a/configure
+++ b/configure
@@ -12477,7 +12477,11 @@ fi
 fi
 
 if test "$with_openssl" = yes ; then
-    if test "$PORTNAME" != "win32"; then
+    # Minimum required OpenSSL version is 1.0.1
+
+$as_echo "#define OPENSSL_API_COMPAT 0x10001000L" >>confdefs.h
+
+  if test "$PORTNAME" != "win32"; then
      { $as_echo "$as_me:${as_lineno-$LINENO}: checking for CRYPTO_new_ex_data in -lcrypto" >&5
 $as_echo_n "checking for CRYPTO_new_ex_data in -lcrypto... " >&6; }
 if ${ac_cv_lib_crypto_CRYPTO_new_ex_data+:} false; then :

diff --git a/configure.in b/configure.in
index 48ea9ad17e5a909249a757e1531a9a83114f1abb..85faa1e91bcbd7a8f7d1738445958596666935e9 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -1258,6 +1258,9 @@ fi
 
 if test "$with_openssl" = yes ; then
   dnl Order matters!
+  # Minimum required OpenSSL version is 1.0.1
+  AC_DEFINE(OPENSSL_API_COMPAT, [0x10001000L],
+            [Define to the OpenSSL API version in use. This avoids deprecation warnings from newer OpenSSL versions.])
   if test "$PORTNAME" != "win32"; then
      AC_CHECK_LIB(crypto, CRYPTO_new_ex_data, [], [AC_MSG_ERROR([library 'crypto' is required for OpenSSL])])
      AC_CHECK_LIB(ssl,    SSL_new, [], [AC_MSG_ERROR([library 'ssl' is required for OpenSSL])])

diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
index 745cca5b0501995e5df915ce0e36d8490338db50..13fc4e0db62695fdec1fde66891dde5285ce2963 100644 (file)
--- a/src/include/pg_config.h.in
+++ b/src/include/pg_config.h.in
@@ -758,6 +758,10 @@
 /* Define bytes to use libc memset(). */
 #undef MEMSET_LOOP_LIMIT
 
+/* Define to the OpenSSL API version in use. This avoids deprecation warnings
+   from newer OpenSSL versions. */
+#undef OPENSSL_API_COMPAT
+
 /* Define to the address where bug reports for this package should be sent. */
 #undef PACKAGE_BUGREPORT
 

diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm
index 54537411aba116db535e540a46d71d07deed4d0e..78328e1fac0d60b581d6ab5fd16dc2bf41dacffa 100644 (file)
--- a/src/tools/msvc/Solution.pm
+++ b/src/tools/msvc/Solution.pm
@@ -152,6 +152,8 @@ sub GenerateFiles
    my $package_bugreport;
    my $package_url;
    my ($majorver, $minorver);
+   my $ac_define_openssl_api_compat_found = 0;
+   my $openssl_api_compat;
 
    # Parse configure.in to get version numbers
    open(my $c, '<', "configure.in")
@@ -176,10 +178,15 @@ sub GenerateFiles
            $majorver = sprintf("%d", $1);
            $minorver = sprintf("%d", $2 ? $2 : 0);
        }
+       elsif (/\bAC_DEFINE\(OPENSSL_API_COMPAT, \[([0-9xL]+)\]/)
+       {
+           $ac_define_openssl_api_compat_found = 1;
+           $openssl_api_compat = $1;
+       }
    }
    close($c);
    confess "Unable to parse configure.in for all variables!"
-     unless $ac_init_found;
+     unless $ac_init_found && $ac_define_openssl_api_compat_found;
 
    if (IsNewer("src/include/pg_config_os.h", "src/include/port/win32.h"))
    {
@@ -436,6 +443,7 @@ sub GenerateFiles
        LOCALE_T_IN_XLOCALE                      => undef,
        MAXIMUM_ALIGNOF                          => 8,
        MEMSET_LOOP_LIMIT                        => 1024,
+       OPENSSL_API_COMPAT                       => $openssl_api_compat,
        PACKAGE_BUGREPORT                        => qq{"$package_bugreport"},
        PACKAGE_NAME                             => qq{"$package_name"},
        PACKAGE_STRING      => qq{"$package_name $package_version"},