OpenSSL conflicts with wincrypt.h
Hello,
When building Postgres using MSVC with Kerberos Version 4.1 and OpenSSL
1.1.1l (both of them, using only one will raise no errors), I see errors
like:
"C:\postgres\pgsql.sln" (default target) (1) ->
"C:\postgres\postgres.vcxproj" (default target) (2) ->
(ClCompile target) ->
C:\postgres\src\backend\libpq\be-secure-openssl.c(583,43): warning C4047:
'function': 'X509_NAME *' differs in levels of indirection from 'int'
[C:\postgres\pos
tgres.vcxproj]
"C:\postgres\pgsql.sln" (default target) (1) ->
"C:\postgres\postgres.vcxproj" (default target) (2) ->
(ClCompile target) ->
C:\postgres\src\backend\libpq\be-secure-openssl.c(74,35): error C2143:
syntax error: missing ')' before '(' [C:\postgres\postgres.vcxproj]
There is a comment in 'src/backend/libpq/be-secure-openssl.c' addressing
this issue, but I have to explicitly undefine X509_NAME. Please find
attached a patch for so.
Regards,
Juan José Santamaría Flecha
Attachments:
0001-OpenSSL-conflicts-with-wincrypt.patchapplication/x-patch; name=0001-OpenSSL-conflicts-with-wincrypt.patchDownload
diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index 3d0168a..649bdc3 100644
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -49,6 +49,9 @@
#ifndef OPENSSL_NO_ECDH
#include <openssl/ec.h>
#endif
+#ifdef WIN32
+#undef X509_NAME
+#endif
#include <openssl/x509v3.h>
=?UTF-8?Q?Juan_Jos=C3=A9_Santamar=C3=ADa_Flecha?= <juanjo.santamaria@gmail.com> writes:
There is a comment in 'src/backend/libpq/be-secure-openssl.c' addressing
this issue, but I have to explicitly undefine X509_NAME. Please find
attached a patch for so.
Um ... why? Shouldn't the #undef in the OpenSSL headers take care
of the problem?
regards, tom lane
On Fri, Feb 11, 2022 at 4:36 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
=?UTF-8?Q?Juan_Jos=C3=A9_Santamar=C3=ADa_Flecha?= <
juanjo.santamaria@gmail.com> writes:There is a comment in 'src/backend/libpq/be-secure-openssl.c' addressing
this issue, but I have to explicitly undefine X509_NAME. Please find
attached a patch for so.Um ... why? Shouldn't the #undef in the OpenSSL headers take care
of the problem?After <openssl/ossl_typ.h> has been included, any inclusion of
<wincrypt.h> will be troublesome. There is already something similar in
'contrib/sslinfo/sslinfo.c'. This shouldn't be a problem while
defining WIN32_LEAN_AND_MEAN, but kerberos is directly including
<wincrypt.h> in <win-mac.h>.
Regards,
Juan José Santamaría Flecha
On 15 Feb 2022, at 14:12, Juan José Santamaría Flecha <juanjo.santamaria@gmail.com> wrote:
After <openssl/ossl_typ.h> has been included, any inclusion of <wincrypt.h> will be troublesome.
Not that it changes anything here, but FTR: in OpenSSL 3.0.0 and onwards this
undef has been moved to <openssl/types.h>
--
Daniel Gustafsson https://vmware.com/