Re: OpenSSL 1.1 breaks configure and more

On Fri, 1 Jul 2016 02:27:03 +0200
Andreas Karlsson <andreas@proxel.se> wrote:


> 0003-Remove-OpenSSL-1.1-deprecation-warnings.patch
> 
> Silence all warnings. This commit changes more things and is not 
> necessary for getting PostgreSQL to build against 1.1.

This patch breaks feature, which exists in PostgreSQL since 8.2 -
support for SSL ciphers, provided by loadable modules such as Russian
national standard (GOST) algorithms, and support for cryptographic
hardware tokens (which are also supported by loadble modules called
engines in OpenSSL).

Call for OPENSSL_config was added to PostgreSQL for this purpose - it
loads default OpenSSL configuration file, where such things as crypto
hardware modules can be configured.

If we wish to keep this functionality, we need to explicitely call

OPENSSL_init_ssl(INIT_LOAD_CONFIG,NULL) instead of deprecated
OPENSSL_config in 1.1.0