@@ -4,6 +4,7 @@ class PostgresqlAT11 < Formula
44 url "https://ftp.postgresql.org/pub/source/v11.22/postgresql-11.22.tar.bz2"
55 sha256 "2cb7c97d7a0d7278851bbc9c61f467b69c094c72b81740b751108e7892ebe1f0"
66 license "PostgreSQL"
7+ revision 1
78
89 bottle do
910 sha256 arm64_sonoma : "3a8e0f24e7e667923d8a7621dd7739b2124b49e85a1e287b4751ba9b046bc5ab"
@@ -36,6 +37,10 @@ class PostgresqlAT11 < Formula
3637 depends_on "util-linux"
3738 end
3839
40+ # Fix compatibility with OpenSSL 3.2
41+ # Ref https://www.postgresql.org/message-id/CX9SU44GH3P4.17X6ZZUJ5D40N%40neon.tech
42+ patch :DATA
43+
3944 def install
4045 ENV . prepend "LDFLAGS" , "-L#{ Formula [ "openssl@3" ] . opt_lib } #{ Formula [ "readline" ] . opt_lib }
4146 ENV . prepend "CPPFLAGS" , "-I#{ Formula [ "openssl@3" ] . opt_include } #{ Formula [ "readline" ] . opt_include }
@@ -133,3 +138,157 @@ def caveats
133138 assert_equal opt_lib . to_s , shell_output ( "#{ bin } ) . chomp
134139 end
135140end
141+
142+ __END__
143+ diff --git a/configure b/configure
144+ index 90d57f9880..60b587fd30 100755
145+ --- a/configure
146+ +++ b/configure
147+ @@ -12299,7 +12299,7 @@ done
148+ # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
149+ # doesn't have these OpenSSL 1.1.0 functions. So check for individual
150+ # functions.
151+ - for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data RAND_OpenSSL
152+ + for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data RAND_OpenSSL
153+ do :
154+ as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
155+ ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
156+ diff --git a/configure.in b/configure.in
157+ index b092510077..64a3cd6902 100644
158+ --- a/configure.in
159+ +++ b/configure.in
160+ @@ -1285,7 +1285,7 @@ if test "$with_openssl" = yes ; then
161+ # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
162+ # doesn't have these OpenSSL 1.1.0 functions. So check for individual
163+ # functions.
164+ - AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data RAND_OpenSSL])
165+ + AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data RAND_OpenSSL])
166+ # OpenSSL versions before 1.1.0 required setting callback functions, for
167+ # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock()
168+ # function was removed.
169+ diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
170+ index e307bfea82..255f5d61b7 100644
171+ --- a/src/backend/libpq/be-secure-openssl.c
172+ +++ b/src/backend/libpq/be-secure-openssl.c
173+ @@ -663,11 +663,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
174+ * to retry; do we need to adopt their logic for that?
175+ */
176+
177+ -#ifndef HAVE_BIO_GET_DATA
178+ -#define BIO_get_data(bio) (bio->ptr)
179+ -#define BIO_set_data(bio, data) (bio->ptr = data)
180+ -#endif
181+ -
182+ static BIO_METHOD *my_bio_methods = NULL;
183+
184+ static int
185+ @@ -677,7 +672,7 @@ my_sock_read(BIO *h, char *buf, int size)
186+
187+ if (buf != NULL)
188+ {
189+ - res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size);
190+ + res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size);
191+ BIO_clear_retry_flags(h);
192+ if (res <= 0)
193+ {
194+ @@ -697,7 +692,7 @@ my_sock_write(BIO *h, const char *buf, int size)
195+ {
196+ int res = 0;
197+
198+ - res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size);
199+ + res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size);
200+ BIO_clear_retry_flags(h);
201+ if (res <= 0)
202+ {
203+ @@ -773,7 +768,7 @@ my_SSL_set_fd(Port *port, int fd)
204+ SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
205+ goto err;
206+ }
207+ - BIO_set_data(bio, port);
208+ + BIO_set_app_data(bio, port);
209+
210+ BIO_set_fd(bio, fd, BIO_NOCLOSE);
211+ SSL_set_bio(port->ssl, bio, bio);
212+ diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
213+ index 157b504ea6..d4c9b29aeb 100644
214+ --- a/src/include/pg_config.h.in
215+ +++ b/src/include/pg_config.h.in
216+ @@ -96,9 +96,6 @@
217+ /* Define to 1 if you have the <atomic.h> header file. */
218+ #undef HAVE_ATOMIC_H
219+
220+ -/* Define to 1 if you have the `BIO_get_data' function. */
221+ -#undef HAVE_BIO_GET_DATA
222+ -
223+ /* Define to 1 if you have the `BIO_meth_new' function. */
224+ #undef HAVE_BIO_METH_NEW
225+
226+ diff --git a/src/include/pg_config.h.win32 b/src/include/pg_config.h.win32
227+ index d2149996d2..4e74324079 100644
228+ --- a/src/include/pg_config.h.win32
229+ +++ b/src/include/pg_config.h.win32
230+ @@ -75,9 +75,6 @@
231+ /* Define to 1 if you have the `ASN1_STRING_get0_data' function. */
232+ /* #undef HAVE_ASN1_STRING_GET0_DATA */
233+
234+ -/* Define to 1 if you have the `BIO_get_data' function. */
235+ -/* #undef HAVE_BIO_GET_DATA */
236+ -
237+ /* Define to 1 if you have the `BIO_meth_new' function. */
238+ /* #undef HAVE_BIO_METH_NEW */
239+
240+ diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
241+ index 55e231e849..bf091c0ec5 100644
242+ --- a/src/interfaces/libpq/fe-secure-openssl.c
243+ +++ b/src/interfaces/libpq/fe-secure-openssl.c
244+ @@ -1491,11 +1491,6 @@ PQsslAttribute(PGconn *conn, const char *attribute_name)
245+ * to retry; do we need to adopt their logic for that?
246+ */
247+
248+ -#ifndef HAVE_BIO_GET_DATA
249+ -#define BIO_get_data(bio) (bio->ptr)
250+ -#define BIO_set_data(bio, data) (bio->ptr = data)
251+ -#endif
252+ -
253+ static BIO_METHOD *my_bio_methods;
254+
255+ static int
256+ @@ -1503,7 +1498,7 @@ my_sock_read(BIO *h, char *buf, int size)
257+ {
258+ int res;
259+
260+ - res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size);
261+ + res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size);
262+ BIO_clear_retry_flags(h);
263+ if (res < 0)
264+ {
265+ @@ -1533,7 +1528,7 @@ my_sock_write(BIO *h, const char *buf, int size)
266+ {
267+ int res;
268+
269+ - res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size);
270+ + res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size);
271+ BIO_clear_retry_flags(h);
272+ if (res <= 0)
273+ {
274+ @@ -1624,7 +1619,7 @@ my_SSL_set_fd(PGconn *conn, int fd)
275+ SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
276+ goto err;
277+ }
278+ - BIO_set_data(bio, conn);
279+ + BIO_set_app_data(bio, conn);
280+
281+ SSL_set_bio(conn->ssl, bio, bio);
282+ BIO_set_fd(bio, fd, BIO_NOCLOSE);
283+ diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm
284+ index c823655ed9..f88609ebc8 100644
285+ --- a/src/tools/msvc/Solution.pm
286+ +++ b/src/tools/msvc/Solution.pm
287+ @@ -277,7 +277,6 @@ sub GenerateFiles
288+ || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0'))
289+ {
290+ print $o "#define HAVE_ASN1_STRING_GET0_DATA 1\n";
291+ - print $o "#define HAVE_BIO_GET_DATA 1\n";
292+ print $o "#define HAVE_BIO_METH_NEW 1\n";
293+ print $o "#define HAVE_OPENSSL_INIT_SSL 1\n";
294+ }
0 commit comments