gentoo auto-resync : 09:02:2024 - 17:33:55

author: V3n3RiX <venerix@koprulu.sector> 2024-02-09 17:33:55 +0000
committer: V3n3RiX <venerix@koprulu.sector> 2024-02-09 17:33:55 +0000
commit: 4d643b662f77ef9cc872089cad15cf5e7e1f70f2 (patch)
tree: 8a8b7aa8499f2b753ccc5c7dcce87f8f9a0cf76b /dev-db
parent: dbed051da899bbf15bd223d4aa40e913cc3c5b0f (diff)
16 files changed, 8 insertions, 1386 deletions
diff --git a/dev-db/Manifest.gz b/dev-db/Manifest.gz
index 5599fdf8db6b..7a89b1df8d6f 100644
--- a/dev-db/Manifest.gz
+++ b/dev-db/Manifest.gz
diff --git a/dev-db/postgresql/Manifest b/dev-db/postgresql/Manifest
index df1cafaae8e9..9f7a69fe4c69 100644
--- a/dev-db/postgresql/Manifest
+++ b/dev-db/postgresql/Manifest
@@ -1,18 +1,8 @@
-AUX postgresql-12-openssl3.2.patch 6585 BLAKE2B 791f1432cf74232bfa030ae26450fb8ee04ab4c4677d7888de36526d5a90ad520b36dd048abda8d4a4797f2826027aa86966c159942ce111c931da84276a0b30 SHA512 effb4ec6d4a6dec5ffb344c03df99e3d938c52221ddbc4d6586492f77763b5ec268836e43007dd2beb0b0df95173c9e37449707a1a8bd9b293ed7addaefb320b
-AUX postgresql-12-xml-2.12.patch 3114 BLAKE2B dc2718f387fa1f28b2d5ccb04959cedb99f692227d97c494f9b2315f96a9cb64991a60565ca76c20384de1d201aa503fbdd6df2b8ea607a77a06fcf43ee0f309 SHA512 9d07fc0df0db6060d23b068074eaa74ca30f96c32f84ad06510031e55ccf891b34c82ac11684202122e5e33e5b503912906a073c7608cb6231eb6f7bf489f5be
 AUX postgresql-12.1-no-server.patch 2965 BLAKE2B 168f39c02f0614c57a60c0ce3bb540e0d29dc407c569661d0cd29ddb57657bfada44aa90ca915c8474ca5541ac1f4cc152fbd70c105efcbe83f9e5b9f918eeb5 SHA512 5e025da1cb5f696821b19093ab893667426a08b1bbc8e3f748d34207730026625b61a8cfd2596af124080a4a292363546dce5b703ce6164efceceabc6b170aa2
-AUX postgresql-13-openssl3.2.patch 6389 BLAKE2B 6b7a8cf82a9c0424fc0fa1f297623c530531a2db0ee2480e3e3cb94cd7a2f66fd3c07b5db4a164ac8cdea3557ca8f0627533ac19a07be1466413b409f6812dea SHA512 524eb2a4076f45bd978f034da03731e79a59ae5e0cae8f0d525e17bdacf0c23f24cb6ce38171447101ba229ece952244ae58199b821a1f3ec6bb9d5657543995
-AUX postgresql-13-xml-2.12.patch 3114 BLAKE2B 8ea1a2fd9c978047cfcf6a2dcbce192e62706b2218cd65ef29296880905ce0d02eae7923f8483ea62c68e85860c0115e65027eb0fb604a1c27c9810b80de6da2 SHA512 2ca7d0311ac0cf4ab19b41d9e8cf4624e95ad5d4efd0b978bf97620a9fe131dd6c69db580944ba0831d64996a40ef69391189a9fd50bb64501e8516c972bca93
 AUX postgresql-13.3-riscv-spinlocks.patch 966 BLAKE2B 4834d47b01e1f8e122fa940a84e1e790686d96b538d27f253724f7be454c455c6853cdadf41da5cafeb8767012b45a6eef742685117afaaa78e0e9a930c728c8 SHA512 1c217ec177a1669fcaeffe2cce241b5ba2cba6425d9eee8bf50dce6626e70e2d063776e1ced4590cbf9ffc046ede02dbe4f06bdfb7bc4c3dcb0f028c128c15ea
 AUX postgresql-13.8-no-server.patch 2985 BLAKE2B 81a4a7c1d3c9e104ea7a575a14eecada57b62ed652b4401b459886250518179b1f68efd73246773cf7b745c298ac59f0e5f693f2ac0e6e0fd4a29c4c431e3715 SHA512 7a3fd3f8411c59b812da6deaf743247c0e728aca653fb66860a7a6e55704bc732327dcf917ce17fe089003740131d4d92879e171b4b9ff262fef0743f6f50122
-AUX postgresql-14-openssl3.2.patch 7707 BLAKE2B 50035cdbfea58798d8ece7edb13c552ada5167999b070b2582ae2f020fa136a17dcc75c0ceae5255074284f587a7b032eca6ffa53cc1f75de3637746157f7ef7 SHA512 93ad6d528d0ebafd947327212eec33d91a1f9e2d7fdaf1c67040c5da96e9ba9d97b3bf7db399a260b97e116f1f2cd817443fadd1aeea5b196024ce14cb80a357
-AUX postgresql-14-xml-2.12.patch 3114 BLAKE2B 1aff5b23809d14d7daeea4bc2c9c80529d1c2bf04f5cc3bd5d00bc4c8a9790652437137813dcf8e563258d1acfd44805a2c83784e5dd4be0d403f960e978eb8e SHA512 f2bc93294994d928324fd08d669f5d77fc0e63c493150c5ac589c7c61bde277ee96c45386117c7e0865c4c4d31cf8e4b5bd1b9a8da13b16499f0813f780bd755
 AUX postgresql-14.5-no-server.patch 3018 BLAKE2B cbb900bcb7bcc8e788369829811da0d57a45682a77ac54f430cab7ebf6df9ff10489d50d129fa5b24bfff80929497b3107a8e650962b8e772d6b0bee610f05a9 SHA512 90e88567af5f30969e946295c4c058cd245bdd7dce01d48b70aa3dd000cf9e54570ed1b6bcc423a10ed0b7102047927da19bd26f5714e003ccffde967c77db26
-AUX postgresql-15-openssl3.2.patch 7609 BLAKE2B 63e806aab619b79c174c299990cf45c031d0150c8c80afe9fcf217f75673c0b28c64879b305bd700afa9873ff8a7c3da4587d3fe6789b2f12bbe4c4d9c738120 SHA512 871c75ff34b60248ffd4a3de8c03abb546430a5e7aba9f361b53f4b6fb27a6b58e927d84a5ba4c50ce8c667157dafefe63b41e69e4b7b8e86f93e276a2468f0b
-AUX postgresql-15-xml-2.12.patch 3114 BLAKE2B 32d32553e666c8dd04b5df3dc52c88b26230361a68b8a8f92faf2b430bd91d998df7280399df6c0c077931d2ea1c0eb19169ffe5a1990a1c66d7942cb57b889c SHA512 b913188055fa1314a899835c6365904952badf0ae5793fa87b3e86a9cd6bc86357f2385137cdc2bf87b80661ffaa09f9c23f39eb9527d9e65cd16d105a8ed66c
 AUX postgresql-15_beta3-no-server.patch 3061 BLAKE2B aeba13501762f4e21653ad65ab10f708d604c393797766c1acad207a7889e02eb2806c0f6823fcbf9f2891be85d17ff7d3ba6066afe5f5fde3b9b39e56bfa5f7 SHA512 a41d01f994c4301ec059615446a3cc03cd16af67e3a3c1c0fa73b145c1b910de38d5a4a4757ad861c9cd11124f1d2d13f6503be2e5a2bb28f803fb03b055edb5
-AUX postgresql-16-openssl3.2.patch 8637 BLAKE2B eacc36e7c85ff1f36b2c4c087d8bb332e03fe084391563ea6c3440c1d29c9b0479f3095ec2479f38120a05a25cd048aa043e7f5f0652b795e29c104b14ff2514 SHA512 fa9a310aa3bbb7c4b05480f4f62e61a11f2993174f09580350875083721c11f73dca3e06d062a466f38b3ad2df83a1548838c8431b272c438152ea859eb94a5f
-AUX postgresql-16-xml-2.12.patch 3178 BLAKE2B 366e2b7496c0ec5615c01c2815dd89813c6edfbacdef7038a4804531e3e6ec4fea07fad6859a9b4bd17533e2e56ca48490e783998e20b704c672283d04247280 SHA512 dad70ffff7a2bbf71cc9ce5476fa2aadf5dabf8088a2fa787969d3612160c8c0dfe9efbf7ea7568ce6fbc01bacf05042ad95e665a5eac8c3341cd487eb4e04ff
 AUX postgresql-check-db-dir 1013 BLAKE2B 2be45942d0442822113879708c11dfde267938b6e7118bd225f567ca9fdacb11082792eabcb40b8a39cd6017fdedb18100576fea0895dae2dcda83c2d51de34d SHA512 2f34ee0cb6a889500ccfca7621ada6ee1bb06dc146f3c556938152dd3d7c0312266bb4db5f4099838d93ade26e2b8866dfddb3576cb5a737431ea2befd0cec6f
 AUX postgresql.confd-9.3 2477 BLAKE2B 0d42eedb99c951c8c60ed02abb5d4526bc288e8dd50b048cb3ab374239f1929aa80d10306037e45188a81593163121c029b91f9149365bff02ff7bfd0fe52ac4 SHA512 6c9e7c2de31eace2b3ce771a29eb354b143ea81f85d9d7ef601f302b7ae71c1c3badde8765fb7757dadcf0c49dcfa1116977e8b7f1e238350d3732962267147f
 AUX postgresql.init-9.3-r1 4999 BLAKE2B f2bc23a51b6d9643bbc14320aaa9c41b7eb1df86f8b760b9146739b14060178a415fe49b77a47b6bc5522759759fa0aefa9f0050b340534a64c2f22f89c7825d SHA512 a0f003c7d00b9749b8b25fce8ac728869e0c8f5a3c87e699b62806207413d5abba8db1e9d35e801316fbfb0ee070eb3b6a099b7991065c21cdb27ca7dc164bed
diff --git a/dev-db/postgresql/files/postgresql-12-openssl3.2.patch b/dev-db/postgresql/files/postgresql-12-openssl3.2.patch
deleted file mode 100644
index 62b254d220c6..000000000000
--- a/dev-db/postgresql/files/postgresql-12-openssl3.2.patch
+++ /dev/null
@@ -1,178 +0,0 @@
-commit 6bb4ce36b302296fd09abb097b5e28b66117be92
-Author: Tom Lane <tgl@sss.pgh.pa.us>
-Date:   Tue Nov 28 12:34:03 2023 -0500
-
-    Use BIO_{get,set}_app_data instead of BIO_{get,set}_data.
-    
-    We should have done it this way all along, but we accidentally got
-    away with using the wrong BIO field up until OpenSSL 3.2.  There,
-    the library's BIO routines that we rely on use the "data" field
-    for their own purposes, and our conflicting use causes assorted
-    weird behaviors up to and including core dumps when SSL connections
-    are attempted.  Switch to using the approved field for the purpose,
-    i.e. app_data.
-    
-    While at it, remove our configure probes for BIO_get_data as well
-    as the fallback implementation.  BIO_{get,set}_app_data have been
-    there since long before any OpenSSL version that we still support,
-    even in the back branches.
-    
-    Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor
-    change in an error message spelling that evidently came in with 3.2.
-    
-    Tristan Partin and Bo Andreson.  Back-patch to all supported branches.
-    
-    Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com
-
-diff --git a/configure b/configure
-index cce104aebb..346ea8e2c1 100755
---- a/configure
-+++ b/configure
-@@ -12641,7 +12641,7 @@ done
-   # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
-   # doesn't have these OpenSSL 1.1.0 functions. So check for individual
-   # functions.
--  for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data
-+  for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data
- do :
-   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
- ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-diff --git a/configure.in b/configure.in
-index 3c93e7a944..2c15b20049 100644
---- a/configure.in
-+++ b/configure.in
-@@ -1290,7 +1290,7 @@ if test "$with_openssl" = yes ; then
-   # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
-   # doesn't have these OpenSSL 1.1.0 functions. So check for individual
-   # functions.
--  AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data])
-+  AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data])
-   # OpenSSL versions before 1.1.0 required setting callback functions, for
-   # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock()
-   # function was removed.
-diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
-index b0a1f7258a..34f8f9e71e 100644
---- a/src/backend/libpq/be-secure-openssl.c
-+++ b/src/backend/libpq/be-secure-openssl.c
-@@ -699,11 +699,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
-  * to retry; do we need to adopt their logic for that?
-  */
- 
--#ifndef HAVE_BIO_GET_DATA
--#define BIO_get_data(bio) (bio->ptr)
--#define BIO_set_data(bio, data) (bio->ptr = data)
--#endif
--
- static BIO_METHOD *my_bio_methods = NULL;
- 
- static int
-@@ -713,7 +708,7 @@ my_sock_read(BIO *h, char *buf, int size)
- 
- 	if (buf != NULL)
- 	{
--		res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size);
-+		res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size);
- 		BIO_clear_retry_flags(h);
- 		if (res <= 0)
- 		{
-@@ -733,7 +728,7 @@ my_sock_write(BIO *h, const char *buf, int size)
- {
- 	int			res = 0;
- 
--	res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size);
-+	res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res <= 0)
- 	{
-@@ -809,7 +804,7 @@ my_SSL_set_fd(Port *port, int fd)
- 		SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- 		goto err;
- 	}
--	BIO_set_data(bio, port);
-+	BIO_set_app_data(bio, port);
- 
- 	BIO_set_fd(bio, fd, BIO_NOCLOSE);
- 	SSL_set_bio(port->ssl, bio, bio);
-diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
-index 457a8713cc..1e9d21c3e4 100644
---- a/src/include/pg_config.h.in
-+++ b/src/include/pg_config.h.in
-@@ -96,9 +96,6 @@
- /* Define to 1 if you have the <atomic.h> header file. */
- #undef HAVE_ATOMIC_H
- 
--/* Define to 1 if you have the `BIO_get_data' function. */
--#undef HAVE_BIO_GET_DATA
--
- /* Define to 1 if you have the `BIO_meth_new' function. */
- #undef HAVE_BIO_METH_NEW
- 
-diff --git a/src/include/pg_config.h.win32 b/src/include/pg_config.h.win32
-index 42fd7067f1..37accc560b 100644
---- a/src/include/pg_config.h.win32
-+++ b/src/include/pg_config.h.win32
-@@ -75,9 +75,6 @@
- /* Define to 1 if you have the `ASN1_STRING_get0_data' function. */
- /* #undef HAVE_ASN1_STRING_GET0_DATA */
- 
--/* Define to 1 if you have the `BIO_get_data' function. */
--/* #undef HAVE_BIO_GET_DATA */
--
- /* Define to 1 if you have the `BIO_meth_new' function. */
- /* #undef HAVE_BIO_METH_NEW */
- 
-diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
-index 5948a37983..5729dd9acf 100644
---- a/src/interfaces/libpq/fe-secure-openssl.c
-+++ b/src/interfaces/libpq/fe-secure-openssl.c
-@@ -1491,10 +1491,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name)
-  * to retry; do we need to adopt their logic for that?
-  */
- 
--#ifndef HAVE_BIO_GET_DATA
--#define BIO_get_data(bio) (bio->ptr)
--#define BIO_set_data(bio, data) (bio->ptr = data)
--#endif
-+/* protected by ssl_config_mutex */
- 
- static BIO_METHOD *my_bio_methods;
- 
-@@ -1503,7 +1500,7 @@ my_sock_read(BIO *h, char *buf, int size)
- {
- 	int			res;
- 
--	res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size);
-+	res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res < 0)
- 	{
-@@ -1533,7 +1530,7 @@ my_sock_write(BIO *h, const char *buf, int size)
- {
- 	int			res;
- 
--	res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size);
-+	res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res < 0)
- 	{
-@@ -1624,7 +1621,7 @@ my_SSL_set_fd(PGconn *conn, int fd)
- 		SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- 		goto err;
- 	}
--	BIO_set_data(bio, conn);
-+	BIO_set_app_data(bio, conn);
- 
- 	SSL_set_bio(conn->ssl, bio, bio);
- 	BIO_set_fd(bio, fd, BIO_NOCLOSE);
-diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm
-index 20ce233af4..a7e5fdbda9 100644
---- a/src/tools/msvc/Solution.pm
-+++ b/src/tools/msvc/Solution.pm
-@@ -273,7 +273,6 @@ sub GenerateFiles
- 				|| ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0'))
- 			{
- 				print $o "#define HAVE_ASN1_STRING_GET0_DATA 1\n";
--				print $o "#define HAVE_BIO_GET_DATA 1\n";
- 				print $o "#define HAVE_BIO_METH_NEW 1\n";
- 				print $o "#define HAVE_OPENSSL_INIT_SSL 1\n";
- 			}
diff --git a/dev-db/postgresql/files/postgresql-12-xml-2.12.patch b/dev-db/postgresql/files/postgresql-12-xml-2.12.patch
deleted file mode 100644
index 2929eb7302e2..000000000000
--- a/dev-db/postgresql/files/postgresql-12-xml-2.12.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-From b2fd1dab90240ebb9017cd2fddd731c3641ba434 Mon Sep 17 00:00:00 2001
-From: Tom Lane <tgl@sss.pgh.pa.us>
-Date: Mon, 29 Jan 2024 12:06:08 -0500
-Subject: [PATCH] Fix incompatibilities with libxml2 >= 2.12.0.
-
-libxml2 changed the required signature of error handler callbacks
-to make the passed xmlError struct "const".  This is causing build
-failures on buildfarm member caiman, and no doubt will start showing
-up in the field quite soon.  Add a version check to adjust the
-declaration of xml_errorHandler() according to LIBXML_VERSION.
-
-2.12.x also produces deprecation warnings for contrib/xml2/xpath.c's
-assignment to xmlLoadExtDtdDefaultValue.  I see no good reason for
-that to still be there, seeing that we disabled external DTDs (at a
-lower level) years ago for security reasons.  Let's just remove it.
-
-Back-patch to all supported branches, since they might all get built
-with newer libxml2 once it gets a bit more popular.  (The back
-branches produce another deprecation warning about xpath.c's use of
-xmlSubstituteEntitiesDefault().  We ought to consider whether to
-back-patch all or part of commit 65c5864d7 to silence that.  It's
-less urgent though, since it won't break the buildfarm.)
-
-Discussion: https://postgr.es/m/1389505.1706382262@sss.pgh.pa.us
----
- contrib/xml2/xpath.c        |  1 -
- src/backend/utils/adt/xml.c | 14 ++++++++++++--
- 2 files changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/contrib/xml2/xpath.c b/contrib/xml2/xpath.c
-index 1e5b71d9a0..f44caf0020 100644
---- a/contrib/xml2/xpath.c
-+++ b/contrib/xml2/xpath.c
-@@ -75,7 +75,6 @@ pgxml_parser_init(PgXmlStrictness strictness)
- 	xmlInitParser();
- 
- 	xmlSubstituteEntitiesDefault(1);
--	xmlLoadExtDtdDefaultValue = 1;
- 
- 	return xmlerrcxt;
- }
-diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c
-index 9f319077cb..51b16f2b73 100644
---- a/src/backend/utils/adt/xml.c
-+++ b/src/backend/utils/adt/xml.c
-@@ -65,6 +65,16 @@
- #if LIBXML_VERSION >= 20704
- #define HAVE_XMLSTRUCTUREDERRORCONTEXT 1
- #endif
-+
-+/*
-+ * libxml2 2.12 decided to insert "const" into the error handler API.
-+ */
-+#if LIBXML_VERSION >= 21200
-+#define PgXmlErrorPtr const xmlError *
-+#else
-+#define PgXmlErrorPtr xmlErrorPtr
-+#endif
-+
- #endif							/* USE_LIBXML */
- 
- #include "access/htup_details.h"
-@@ -119,7 +129,7 @@ struct PgXmlErrorContext
- 
- static xmlParserInputPtr xmlPgEntityLoader(const char *URL, const char *ID,
- 										   xmlParserCtxtPtr ctxt);
--static void xml_errorHandler(void *data, xmlErrorPtr error);
-+static void xml_errorHandler(void *data, PgXmlErrorPtr error);
- static void xml_ereport_by_code(int level, int sqlcode,
- 								const char *msg, int errcode);
- static void chopStringInfoNewlines(StringInfo str);
-@@ -1752,7 +1762,7 @@ xml_ereport(PgXmlErrorContext *errcxt, int level, int sqlcode, const char *msg)
-  * Error handler for libxml errors and warnings
-  */
- static void
--xml_errorHandler(void *data, xmlErrorPtr error)
-+xml_errorHandler(void *data, PgXmlErrorPtr error)
- {
- 	PgXmlErrorContext *xmlerrcxt = (PgXmlErrorContext *) data;
- 	xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) error->ctxt;
--- 
-2.30.2
-
diff --git a/dev-db/postgresql/files/postgresql-13-openssl3.2.patch b/dev-db/postgresql/files/postgresql-13-openssl3.2.patch
deleted file mode 100644
index fbb80a3ecb20..000000000000
--- a/dev-db/postgresql/files/postgresql-13-openssl3.2.patch
+++ /dev/null
@@ -1,172 +0,0 @@
-commit dc8936b9dba79c80aaba8e7232434fb200e95725
-Author: Tom Lane <tgl@sss.pgh.pa.us>
-Date:   Tue Nov 28 12:34:03 2023 -0500
-
-    Use BIO_{get,set}_app_data instead of BIO_{get,set}_data.
-    
-    We should have done it this way all along, but we accidentally got
-    away with using the wrong BIO field up until OpenSSL 3.2.  There,
-    the library's BIO routines that we rely on use the "data" field
-    for their own purposes, and our conflicting use causes assorted
-    weird behaviors up to and including core dumps when SSL connections
-    are attempted.  Switch to using the approved field for the purpose,
-    i.e. app_data.
-    
-    While at it, remove our configure probes for BIO_get_data as well
-    as the fallback implementation.  BIO_{get,set}_app_data have been
-    there since long before any OpenSSL version that we still support,
-    even in the back branches.
-    
-    Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor
-    change in an error message spelling that evidently came in with 3.2.
-    
-    Tristan Partin and Bo Andreson.  Back-patch to all supported branches.
-    
-    Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com
-
-diff --git a/configure b/configure
-index 2fc7dca504..b7caf88229 100755
---- a/configure
-+++ b/configure
-@@ -12713,7 +12713,7 @@ done
-   # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
-   # doesn't have these OpenSSL 1.1.0 functions. So check for individual
-   # functions.
--  for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data
-+  for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data
- do :
-   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
- ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-diff --git a/configure.in b/configure.in
-index eaca132607..9aec28c8d1 100644
---- a/configure.in
-+++ b/configure.in
-@@ -1275,7 +1275,7 @@ if test "$with_openssl" = yes ; then
-   # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
-   # doesn't have these OpenSSL 1.1.0 functions. So check for individual
-   # functions.
--  AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data])
-+  AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data])
-   # OpenSSL versions before 1.1.0 required setting callback functions, for
-   # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock()
-   # function was removed.
-diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
-index 55fe59276a..9e22911379 100644
---- a/src/backend/libpq/be-secure-openssl.c
-+++ b/src/backend/libpq/be-secure-openssl.c
-@@ -748,11 +748,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
-  * to retry; do we need to adopt their logic for that?
-  */
- 
--#ifndef HAVE_BIO_GET_DATA
--#define BIO_get_data(bio) (bio->ptr)
--#define BIO_set_data(bio, data) (bio->ptr = data)
--#endif
--
- static BIO_METHOD *my_bio_methods = NULL;
- 
- static int
-@@ -762,7 +757,7 @@ my_sock_read(BIO *h, char *buf, int size)
- 
- 	if (buf != NULL)
- 	{
--		res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size);
-+		res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size);
- 		BIO_clear_retry_flags(h);
- 		if (res <= 0)
- 		{
-@@ -782,7 +777,7 @@ my_sock_write(BIO *h, const char *buf, int size)
- {
- 	int			res = 0;
- 
--	res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size);
-+	res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res <= 0)
- 	{
-@@ -858,7 +853,7 @@ my_SSL_set_fd(Port *port, int fd)
- 		SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- 		goto err;
- 	}
--	BIO_set_data(bio, port);
-+	BIO_set_app_data(bio, port);
- 
- 	BIO_set_fd(bio, fd, BIO_NOCLOSE);
- 	SSL_set_bio(port->ssl, bio, bio);
-diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
-index 13fc4e0db6..978e685c70 100644
---- a/src/include/pg_config.h.in
-+++ b/src/include/pg_config.h.in
-@@ -86,9 +86,6 @@
- /* Define to 1 if you have the `backtrace_symbols' function. */
- #undef HAVE_BACKTRACE_SYMBOLS
- 
--/* Define to 1 if you have the `BIO_get_data' function. */
--#undef HAVE_BIO_GET_DATA
--
- /* Define to 1 if you have the `BIO_meth_new' function. */
- #undef HAVE_BIO_METH_NEW
- 
-diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
-index 07d5daf4d9..73b1720c4c 100644
---- a/src/interfaces/libpq/fe-secure-openssl.c
-+++ b/src/interfaces/libpq/fe-secure-openssl.c
-@@ -1602,10 +1602,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name)
-  * to retry; do we need to adopt their logic for that?
-  */
- 
--#ifndef HAVE_BIO_GET_DATA
--#define BIO_get_data(bio) (bio->ptr)
--#define BIO_set_data(bio, data) (bio->ptr = data)
--#endif
-+/* protected by ssl_config_mutex */
- 
- static BIO_METHOD *my_bio_methods;
- 
-@@ -1614,7 +1611,7 @@ my_sock_read(BIO *h, char *buf, int size)
- {
- 	int			res;
- 
--	res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size);
-+	res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res < 0)
- 	{
-@@ -1644,7 +1641,7 @@ my_sock_write(BIO *h, const char *buf, int size)
- {
- 	int			res;
- 
--	res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size);
-+	res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res < 0)
- 	{
-@@ -1735,7 +1732,7 @@ my_SSL_set_fd(PGconn *conn, int fd)
- 		SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- 		goto err;
- 	}
--	BIO_set_data(bio, conn);
-+	BIO_set_app_data(bio, conn);
- 
- 	SSL_set_bio(conn->ssl, bio, bio);
- 	BIO_set_fd(bio, fd, BIO_NOCLOSE);
-diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm
-index 78328e1fac..e88e3967cd 100644
---- a/src/tools/msvc/Solution.pm
-+++ b/src/tools/msvc/Solution.pm
-@@ -226,7 +226,6 @@ sub GenerateFiles
- 		HAVE_ATOMICS               => 1,
- 		HAVE_ATOMIC_H              => undef,
- 		HAVE_BACKTRACE_SYMBOLS     => undef,
--		HAVE_BIO_GET_DATA          => undef,
- 		HAVE_BIO_METH_NEW          => undef,
- 		HAVE_CLOCK_GETTIME         => undef,
- 		HAVE_COMPUTED_GOTO         => undef,
-@@ -543,7 +542,6 @@ sub GenerateFiles
- 			|| ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0'))
- 		{
- 			$define{HAVE_ASN1_STRING_GET0_DATA} = 1;
--			$define{HAVE_BIO_GET_DATA}          = 1;
- 			$define{HAVE_BIO_METH_NEW}          = 1;
- 			$define{HAVE_OPENSSL_INIT_SSL}      = 1;
- 		}
diff --git a/dev-db/postgresql/files/postgresql-13-xml-2.12.patch b/dev-db/postgresql/files/postgresql-13-xml-2.12.patch
deleted file mode 100644
index a8daa6e7ce2f..000000000000
--- a/dev-db/postgresql/files/postgresql-13-xml-2.12.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-From 7c53b1977ba6bed81deca3164c17e61f10725226 Mon Sep 17 00:00:00 2001
-From: Tom Lane <tgl@sss.pgh.pa.us>
-Date: Mon, 29 Jan 2024 12:06:08 -0500
-Subject: [PATCH] Fix incompatibilities with libxml2 >= 2.12.0.
-
-libxml2 changed the required signature of error handler callbacks
-to make the passed xmlError struct "const".  This is causing build
-failures on buildfarm member caiman, and no doubt will start showing
-up in the field quite soon.  Add a version check to adjust the
-declaration of xml_errorHandler() according to LIBXML_VERSION.
-
-2.12.x also produces deprecation warnings for contrib/xml2/xpath.c's
-assignment to xmlLoadExtDtdDefaultValue.  I see no good reason for
-that to still be there, seeing that we disabled external DTDs (at a
-lower level) years ago for security reasons.  Let's just remove it.
-
-Back-patch to all supported branches, since they might all get built
-with newer libxml2 once it gets a bit more popular.  (The back
-branches produce another deprecation warning about xpath.c's use of
-xmlSubstituteEntitiesDefault().  We ought to consider whether to
-back-patch all or part of commit 65c5864d7 to silence that.  It's
-less urgent though, since it won't break the buildfarm.)
-
-Discussion: https://postgr.es/m/1389505.1706382262@sss.pgh.pa.us
----
- contrib/xml2/xpath.c        |  1 -
- src/backend/utils/adt/xml.c | 14 ++++++++++++--
- 2 files changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/contrib/xml2/xpath.c b/contrib/xml2/xpath.c
-index 1e5b71d9a0..f44caf0020 100644
---- a/contrib/xml2/xpath.c
-+++ b/contrib/xml2/xpath.c
-@@ -75,7 +75,6 @@ pgxml_parser_init(PgXmlStrictness strictness)
- 	xmlInitParser();
- 
- 	xmlSubstituteEntitiesDefault(1);
--	xmlLoadExtDtdDefaultValue = 1;
- 
- 	return xmlerrcxt;
- }
-diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c
-index 7fc9669fb0..febe0a6220 100644
---- a/src/backend/utils/adt/xml.c
-+++ b/src/backend/utils/adt/xml.c
-@@ -65,6 +65,16 @@
- #if LIBXML_VERSION >= 20704
- #define HAVE_XMLSTRUCTUREDERRORCONTEXT 1
- #endif
-+
-+/*
-+ * libxml2 2.12 decided to insert "const" into the error handler API.
-+ */
-+#if LIBXML_VERSION >= 21200
-+#define PgXmlErrorPtr const xmlError *
-+#else
-+#define PgXmlErrorPtr xmlErrorPtr
-+#endif
-+
- #endif							/* USE_LIBXML */
- 
- #include "access/htup_details.h"
-@@ -119,7 +129,7 @@ struct PgXmlErrorContext
- 
- static xmlParserInputPtr xmlPgEntityLoader(const char *URL, const char *ID,
- 										   xmlParserCtxtPtr ctxt);
--static void xml_errorHandler(void *data, xmlErrorPtr error);
-+static void xml_errorHandler(void *data, PgXmlErrorPtr error);
- static void xml_ereport_by_code(int level, int sqlcode,
- 								const char *msg, int errcode);
- static void chopStringInfoNewlines(StringInfo str);
-@@ -1750,7 +1760,7 @@ xml_ereport(PgXmlErrorContext *errcxt, int level, int sqlcode, const char *msg)
-  * Error handler for libxml errors and warnings
-  */
- static void
--xml_errorHandler(void *data, xmlErrorPtr error)
-+xml_errorHandler(void *data, PgXmlErrorPtr error)
- {
- 	PgXmlErrorContext *xmlerrcxt = (PgXmlErrorContext *) data;
- 	xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) error->ctxt;
--- 
-2.30.2
-
diff --git a/dev-db/postgresql/files/postgresql-14-openssl3.2.patch b/dev-db/postgresql/files/postgresql-14-openssl3.2.patch
deleted file mode 100644
index c8064adc23a6..000000000000
--- a/dev-db/postgresql/files/postgresql-14-openssl3.2.patch
+++ /dev/null
@@ -1,195 +0,0 @@
-commit 50e866f5f3be671620490e3cb3eea533f1677f6c
-Author: Tom Lane <tgl@sss.pgh.pa.us>
-Date:   Tue Nov 28 12:34:03 2023 -0500
-
-    Use BIO_{get,set}_app_data instead of BIO_{get,set}_data.
-    
-    We should have done it this way all along, but we accidentally got
-    away with using the wrong BIO field up until OpenSSL 3.2.  There,
-    the library's BIO routines that we rely on use the "data" field
-    for their own purposes, and our conflicting use causes assorted
-    weird behaviors up to and including core dumps when SSL connections
-    are attempted.  Switch to using the approved field for the purpose,
-    i.e. app_data.
-    
-    While at it, remove our configure probes for BIO_get_data as well
-    as the fallback implementation.  BIO_{get,set}_app_data have been
-    there since long before any OpenSSL version that we still support,
-    even in the back branches.
-    
-    Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor
-    change in an error message spelling that evidently came in with 3.2.
-    
-    Tristan Partin and Bo Andreson.  Back-patch to all supported branches.
-    
-    Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com
-
-diff --git a/configure b/configure
-index 62a921b5e7..f74b9862a0 100755
---- a/configure
-+++ b/configure
-@@ -13071,7 +13071,7 @@ done
-   # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
-   # doesn't have these OpenSSL 1.1.0 functions. So check for individual
-   # functions.
--  for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free
-+  for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free
- do :
-   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
- ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-diff --git a/configure.ac b/configure.ac
-index a3243cc7e8..46624d2a11 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1311,7 +1311,7 @@ if test "$with_ssl" = openssl ; then
-   # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
-   # doesn't have these OpenSSL 1.1.0 functions. So check for individual
-   # functions.
--  AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free])
-+  AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free])
-   # OpenSSL versions before 1.1.0 required setting callback functions, for
-   # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock()
-   # function was removed.
-diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
-index 13ac961442..e39952494e 100644
---- a/src/backend/libpq/be-secure-openssl.c
-+++ b/src/backend/libpq/be-secure-openssl.c
-@@ -823,11 +823,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
-  * to retry; do we need to adopt their logic for that?
-  */
- 
--#ifndef HAVE_BIO_GET_DATA
--#define BIO_get_data(bio) (bio->ptr)
--#define BIO_set_data(bio, data) (bio->ptr = data)
--#endif
--
- static BIO_METHOD *my_bio_methods = NULL;
- 
- static int
-@@ -837,7 +832,7 @@ my_sock_read(BIO *h, char *buf, int size)
- 
- 	if (buf != NULL)
- 	{
--		res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size);
-+		res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size);
- 		BIO_clear_retry_flags(h);
- 		if (res <= 0)
- 		{
-@@ -857,7 +852,7 @@ my_sock_write(BIO *h, const char *buf, int size)
- {
- 	int			res = 0;
- 
--	res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size);
-+	res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res <= 0)
- 	{
-@@ -933,7 +928,7 @@ my_SSL_set_fd(Port *port, int fd)
- 		SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- 		goto err;
- 	}
--	BIO_set_data(bio, port);
-+	BIO_set_app_data(bio, port);
- 
- 	BIO_set_fd(bio, fd, BIO_NOCLOSE);
- 	SSL_set_bio(port->ssl, bio, bio);
-diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
-index 40d513c128..51fa911fb6 100644
---- a/src/include/pg_config.h.in
-+++ b/src/include/pg_config.h.in
-@@ -86,9 +86,6 @@
- /* Define to 1 if you have the `backtrace_symbols' function. */
- #undef HAVE_BACKTRACE_SYMBOLS
- 
--/* Define to 1 if you have the `BIO_get_data' function. */
--#undef HAVE_BIO_GET_DATA
--
- /* Define to 1 if you have the `BIO_meth_new' function. */
- #undef HAVE_BIO_METH_NEW
- 
-diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
-index 7f27767da6..383fdbe80e 100644
---- a/src/interfaces/libpq/fe-secure-openssl.c
-+++ b/src/interfaces/libpq/fe-secure-openssl.c
-@@ -1661,11 +1661,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name)
-  * to retry; do we need to adopt their logic for that?
-  */
- 
--#ifndef HAVE_BIO_GET_DATA
--#define BIO_get_data(bio) (bio->ptr)
--#define BIO_set_data(bio, data) (bio->ptr = data)
--#endif
--
-+/* protected by ssl_config_mutex */
- static BIO_METHOD *my_bio_methods;
- 
- static int
-@@ -1673,7 +1669,7 @@ my_sock_read(BIO *h, char *buf, int size)
- {
- 	int			res;
- 
--	res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size);
-+	res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res < 0)
- 	{
-@@ -1703,7 +1699,7 @@ my_sock_write(BIO *h, const char *buf, int size)
- {
- 	int			res;
- 
--	res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size);
-+	res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res < 0)
- 	{
-@@ -1794,7 +1790,7 @@ my_SSL_set_fd(PGconn *conn, int fd)
- 		SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- 		goto err;
- 	}
--	BIO_set_data(bio, conn);
-+	BIO_set_app_data(bio, conn);
- 
- 	SSL_set_bio(conn->ssl, bio, bio);
- 	BIO_set_fd(bio, fd, BIO_NOCLOSE);
-diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl
-index 8cdd0d2e68..cc7bd98c83 100644
---- a/src/test/ssl/t/001_ssltests.pl
-+++ b/src/test/ssl/t/001_ssltests.pl
-@@ -538,7 +538,7 @@ $node->connect_fails(
- $node->connect_fails(
- 	"$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt sslkey=ssl/client-revoked_tmp.key",
- 	"certificate authorization fails with revoked client cert",
--	expected_stderr => qr/SSL error: sslv3 alert certificate revoked/,
-+	expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|,
- 	# revoked certificates should not authenticate the user
- 	log_unlike => [qr/connection authenticated:/],);
- 
-@@ -591,7 +591,7 @@ switch_server_cert($node, 'server-cn-only', undef, undef,
- $node->connect_fails(
- 	"$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt sslkey=ssl/client-revoked_tmp.key",
- 	"certificate authorization fails with revoked client cert with server-side CRL directory",
--	expected_stderr => qr/SSL error: sslv3 alert certificate revoked/);
-+	expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|);
- 
- # clean up
- foreach my $key (@keys)
-diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm
-index 577b5afea7..53d60dbd25 100644
---- a/src/tools/msvc/Solution.pm
-+++ b/src/tools/msvc/Solution.pm
-@@ -229,7 +229,6 @@ sub GenerateFiles
- 		HAVE_ATOMICS               => 1,
- 		HAVE_ATOMIC_H              => undef,
- 		HAVE_BACKTRACE_SYMBOLS     => undef,
--		HAVE_BIO_GET_DATA          => undef,
- 		HAVE_BIO_METH_NEW          => undef,
- 		HAVE_CLOCK_GETTIME         => undef,
- 		HAVE_COMPUTED_GOTO         => undef,
-@@ -562,7 +561,6 @@ sub GenerateFiles
- 			|| ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0'))
- 		{
- 			$define{HAVE_ASN1_STRING_GET0_DATA} = 1;
--			$define{HAVE_BIO_GET_DATA}          = 1;
- 			$define{HAVE_BIO_METH_NEW}          = 1;
- 			$define{HAVE_HMAC_CTX_FREE}         = 1;
- 			$define{HAVE_HMAC_CTX_NEW}          = 1;
diff --git a/dev-db/postgresql/files/postgresql-14-xml-2.12.patch b/dev-db/postgresql/files/postgresql-14-xml-2.12.patch
deleted file mode 100644
index 2b1d6b1b3448..000000000000
--- a/dev-db/postgresql/files/postgresql-14-xml-2.12.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-From 29e25a6b1eb1b77ecfdbcb5b8dc07c8a6cdcf089 Mon Sep 17 00:00:00 2001
-From: Tom Lane <tgl@sss.pgh.pa.us>
-Date: Mon, 29 Jan 2024 12:06:08 -0500
-Subject: [PATCH] Fix incompatibilities with libxml2 >= 2.12.0.
-
-libxml2 changed the required signature of error handler callbacks
-to make the passed xmlError struct "const".  This is causing build
-failures on buildfarm member caiman, and no doubt will start showing
-up in the field quite soon.  Add a version check to adjust the
-declaration of xml_errorHandler() according to LIBXML_VERSION.
-
-2.12.x also produces deprecation warnings for contrib/xml2/xpath.c's
-assignment to xmlLoadExtDtdDefaultValue.  I see no good reason for
-that to still be there, seeing that we disabled external DTDs (at a
-lower level) years ago for security reasons.  Let's just remove it.
-
-Back-patch to all supported branches, since they might all get built
-with newer libxml2 once it gets a bit more popular.  (The back
-branches produce another deprecation warning about xpath.c's use of
-xmlSubstituteEntitiesDefault().  We ought to consider whether to
-back-patch all or part of commit 65c5864d7 to silence that.  It's
-less urgent though, since it won't break the buildfarm.)
-
-Discussion: https://postgr.es/m/1389505.1706382262@sss.pgh.pa.us
----
- contrib/xml2/xpath.c        |  1 -
- src/backend/utils/adt/xml.c | 14 ++++++++++++--
- 2 files changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/contrib/xml2/xpath.c b/contrib/xml2/xpath.c
-index 1e5b71d9a0..f44caf0020 100644
---- a/contrib/xml2/xpath.c
-+++ b/contrib/xml2/xpath.c
-@@ -75,7 +75,6 @@ pgxml_parser_init(PgXmlStrictness strictness)
- 	xmlInitParser();
- 
- 	xmlSubstituteEntitiesDefault(1);
--	xmlLoadExtDtdDefaultValue = 1;
- 
- 	return xmlerrcxt;
- }
-diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c
-index df7a1b6c40..d7caaaaca0 100644
---- a/src/backend/utils/adt/xml.c
-+++ b/src/backend/utils/adt/xml.c
-@@ -65,6 +65,16 @@
- #if LIBXML_VERSION >= 20704
- #define HAVE_XMLSTRUCTUREDERRORCONTEXT 1
- #endif
-+
-+/*
-+ * libxml2 2.12 decided to insert "const" into the error handler API.
-+ */
-+#if LIBXML_VERSION >= 21200
-+#define PgXmlErrorPtr const xmlError *
-+#else
-+#define PgXmlErrorPtr xmlErrorPtr
-+#endif
-+
- #endif							/* USE_LIBXML */
- 
- #include "access/htup_details.h"
-@@ -119,7 +129,7 @@ struct PgXmlErrorContext
- 
- static xmlParserInputPtr xmlPgEntityLoader(const char *URL, const char *ID,
- 										   xmlParserCtxtPtr ctxt);
--static void xml_errorHandler(void *data, xmlErrorPtr error);
-+static void xml_errorHandler(void *data, PgXmlErrorPtr error);
- static void xml_ereport_by_code(int level, int sqlcode,
- 								const char *msg, int errcode);
- static void chopStringInfoNewlines(StringInfo str);
-@@ -1750,7 +1760,7 @@ xml_ereport(PgXmlErrorContext *errcxt, int level, int sqlcode, const char *msg)
-  * Error handler for libxml errors and warnings
-  */
- static void
--xml_errorHandler(void *data, xmlErrorPtr error)
-+xml_errorHandler(void *data, PgXmlErrorPtr error)
- {
- 	PgXmlErrorContext *xmlerrcxt = (PgXmlErrorContext *) data;
- 	xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) error->ctxt;
--- 
-2.30.2
-
diff --git a/dev-db/postgresql/files/postgresql-15-openssl3.2.patch b/dev-db/postgresql/files/postgresql-15-openssl3.2.patch
deleted file mode 100644
index 6e0b954a9f0b..000000000000
--- a/dev-db/postgresql/files/postgresql-15-openssl3.2.patch
+++ /dev/null
@@ -1,194 +0,0 @@
-commit a4927ebffae000198f6054eea26191ac2e50697f
-Author: Tom Lane <tgl@sss.pgh.pa.us>
-Date:   Tue Nov 28 12:34:03 2023 -0500
-
-    Use BIO_{get,set}_app_data instead of BIO_{get,set}_data.
-    
-    We should have done it this way all along, but we accidentally got
-    away with using the wrong BIO field up until OpenSSL 3.2.  There,
-    the library's BIO routines that we rely on use the "data" field
-    for their own purposes, and our conflicting use causes assorted
-    weird behaviors up to and including core dumps when SSL connections
-    are attempted.  Switch to using the approved field for the purpose,
-    i.e. app_data.
-    
-    While at it, remove our configure probes for BIO_get_data as well
-    as the fallback implementation.  BIO_{get,set}_app_data have been
-    there since long before any OpenSSL version that we still support,
-    even in the back branches.
-    
-    Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor
-    change in an error message spelling that evidently came in with 3.2.
-    
-    Tristan Partin and Bo Andreson.  Back-patch to all supported branches.
-    
-    Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com
-
-diff --git a/configure b/configure
-index d83a402ea1..d55440cd6a 100755
---- a/configure
-+++ b/configure
-@@ -13239,7 +13239,7 @@ done
-   # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
-   # doesn't have these OpenSSL 1.1.0 functions. So check for individual
-   # functions.
--  for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free
-+  for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free
- do :
-   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
- ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-diff --git a/configure.ac b/configure.ac
-index 570daced81..2bc752ca1a 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1347,7 +1347,7 @@ if test "$with_ssl" = openssl ; then
-   # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
-   # doesn't have these OpenSSL 1.1.0 functions. So check for individual
-   # functions.
--  AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free])
-+  AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free])
-   # OpenSSL versions before 1.1.0 required setting callback functions, for
-   # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock()
-   # function was removed.
-diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
-index f5c5ed210e..aed8a75345 100644
---- a/src/backend/libpq/be-secure-openssl.c
-+++ b/src/backend/libpq/be-secure-openssl.c
-@@ -839,11 +839,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
-  * to retry; do we need to adopt their logic for that?
-  */
- 
--#ifndef HAVE_BIO_GET_DATA
--#define BIO_get_data(bio) (bio->ptr)
--#define BIO_set_data(bio, data) (bio->ptr = data)
--#endif
--
- static BIO_METHOD *my_bio_methods = NULL;
- 
- static int
-@@ -853,7 +848,7 @@ my_sock_read(BIO *h, char *buf, int size)
- 
- 	if (buf != NULL)
- 	{
--		res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size);
-+		res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size);
- 		BIO_clear_retry_flags(h);
- 		if (res <= 0)
- 		{
-@@ -873,7 +868,7 @@ my_sock_write(BIO *h, const char *buf, int size)
- {
- 	int			res = 0;
- 
--	res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size);
-+	res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res <= 0)
- 	{
-@@ -949,7 +944,7 @@ my_SSL_set_fd(Port *port, int fd)
- 		SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- 		goto err;
- 	}
--	BIO_set_data(bio, port);
-+	BIO_set_app_data(bio, port);
- 
- 	BIO_set_fd(bio, fd, BIO_NOCLOSE);
- 	SSL_set_bio(port->ssl, bio, bio);
-diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
-index d09e9f9a1c..768e3d719c 100644
---- a/src/include/pg_config.h.in
-+++ b/src/include/pg_config.h.in
-@@ -77,9 +77,6 @@
- /* Define to 1 if you have the `backtrace_symbols' function. */
- #undef HAVE_BACKTRACE_SYMBOLS
- 
--/* Define to 1 if you have the `BIO_get_data' function. */
--#undef HAVE_BIO_GET_DATA
--
- /* Define to 1 if you have the `BIO_meth_new' function. */
- #undef HAVE_BIO_METH_NEW
- 
-diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
-index af59ff49f7..c19b0dc078 100644
---- a/src/interfaces/libpq/fe-secure-openssl.c
-+++ b/src/interfaces/libpq/fe-secure-openssl.c
-@@ -1800,11 +1800,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name)
-  * to retry; do we need to adopt their logic for that?
-  */
- 
--#ifndef HAVE_BIO_GET_DATA
--#define BIO_get_data(bio) (bio->ptr)
--#define BIO_set_data(bio, data) (bio->ptr = data)
--#endif
--
-+/* protected by ssl_config_mutex */
- static BIO_METHOD *my_bio_methods;
- 
- static int
-@@ -1812,7 +1808,7 @@ my_sock_read(BIO *h, char *buf, int size)
- {
- 	int			res;
- 
--	res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size);
-+	res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res < 0)
- 	{
-@@ -1842,7 +1838,7 @@ my_sock_write(BIO *h, const char *buf, int size)
- {
- 	int			res;
- 
--	res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size);
-+	res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res < 0)
- 	{
-@@ -1933,7 +1929,7 @@ my_SSL_set_fd(PGconn *conn, int fd)
- 		SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- 		goto err;
- 	}
--	BIO_set_data(bio, conn);
-+	BIO_set_app_data(bio, conn);
- 
- 	SSL_set_bio(conn->ssl, bio, bio);
- 	BIO_set_fd(bio, fd, BIO_NOCLOSE);
-diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl
-index 707f4005af..c570b48a1b 100644
---- a/src/test/ssl/t/001_ssltests.pl
-+++ b/src/test/ssl/t/001_ssltests.pl
-@@ -682,7 +682,7 @@ $node->connect_fails(
- 	"$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt "
- 	  . sslkey('client-revoked.key'),
- 	"certificate authorization fails with revoked client cert",
--	expected_stderr => qr/SSL error: sslv3 alert certificate revoked/,
-+	expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|,
- 	# revoked certificates should not authenticate the user
- 	log_unlike => [qr/connection authenticated:/],);
- 
-@@ -743,6 +743,6 @@ $node->connect_fails(
- 	"$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt "
- 	  . sslkey('client-revoked.key'),
- 	"certificate authorization fails with revoked client cert with server-side CRL directory",
--	expected_stderr => qr/SSL error: sslv3 alert certificate revoked/);
-+	expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|);
- 
- done_testing();
-diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm
-index 790f03b05e..a53239fa28 100644
---- a/src/tools/msvc/Solution.pm
-+++ b/src/tools/msvc/Solution.pm
-@@ -226,7 +226,6 @@ sub GenerateFiles
- 		HAVE_ATOMICS               => 1,
- 		HAVE_ATOMIC_H              => undef,
- 		HAVE_BACKTRACE_SYMBOLS     => undef,
--		HAVE_BIO_GET_DATA          => undef,
- 		HAVE_BIO_METH_NEW          => undef,
- 		HAVE_CLOCK_GETTIME         => undef,
- 		HAVE_COMPUTED_GOTO         => undef,
-@@ -566,7 +565,6 @@ sub GenerateFiles
- 			|| ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0'))
- 		{
- 			$define{HAVE_ASN1_STRING_GET0_DATA} = 1;
--			$define{HAVE_BIO_GET_DATA}          = 1;
- 			$define{HAVE_BIO_METH_NEW}          = 1;
- 			$define{HAVE_HMAC_CTX_FREE}         = 1;
- 			$define{HAVE_HMAC_CTX_NEW}          = 1;
diff --git a/dev-db/postgresql/files/postgresql-15-xml-2.12.patch b/dev-db/postgresql/files/postgresql-15-xml-2.12.patch
deleted file mode 100644
index fd8b963f9381..000000000000
--- a/dev-db/postgresql/files/postgresql-15-xml-2.12.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-From 3f8ac13b19764e3a485772d3cbb3ae6c4047eef2 Mon Sep 17 00:00:00 2001
-From: Tom Lane <tgl@sss.pgh.pa.us>
-Date: Mon, 29 Jan 2024 12:06:07 -0500
-Subject: [PATCH] Fix incompatibilities with libxml2 >= 2.12.0.
-
-libxml2 changed the required signature of error handler callbacks
-to make the passed xmlError struct "const".  This is causing build
-failures on buildfarm member caiman, and no doubt will start showing
-up in the field quite soon.  Add a version check to adjust the
-declaration of xml_errorHandler() according to LIBXML_VERSION.
-
-2.12.x also produces deprecation warnings for contrib/xml2/xpath.c's
-assignment to xmlLoadExtDtdDefaultValue.  I see no good reason for
-that to still be there, seeing that we disabled external DTDs (at a
-lower level) years ago for security reasons.  Let's just remove it.
-
-Back-patch to all supported branches, since they might all get built
-with newer libxml2 once it gets a bit more popular.  (The back
-branches produce another deprecation warning about xpath.c's use of
-xmlSubstituteEntitiesDefault().  We ought to consider whether to
-back-patch all or part of commit 65c5864d7 to silence that.  It's
-less urgent though, since it won't break the buildfarm.)
-
-Discussion: https://postgr.es/m/1389505.1706382262@sss.pgh.pa.us
----
- contrib/xml2/xpath.c        |  1 -
- src/backend/utils/adt/xml.c | 14 ++++++++++++--
- 2 files changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/contrib/xml2/xpath.c b/contrib/xml2/xpath.c
-index a692dc6be8..94641930f7 100644
---- a/contrib/xml2/xpath.c
-+++ b/contrib/xml2/xpath.c
-@@ -75,7 +75,6 @@ pgxml_parser_init(PgXmlStrictness strictness)
- 	xmlInitParser();
- 
- 	xmlSubstituteEntitiesDefault(1);
--	xmlLoadExtDtdDefaultValue = 1;
- 
- 	return xmlerrcxt;
- }
-diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c
-index 6411f56b99..aae0692586 100644
---- a/src/backend/utils/adt/xml.c
-+++ b/src/backend/utils/adt/xml.c
-@@ -65,6 +65,16 @@
- #if LIBXML_VERSION >= 20704
- #define HAVE_XMLSTRUCTUREDERRORCONTEXT 1
- #endif
-+
-+/*
-+ * libxml2 2.12 decided to insert "const" into the error handler API.
-+ */
-+#if LIBXML_VERSION >= 21200
-+#define PgXmlErrorPtr const xmlError *
-+#else
-+#define PgXmlErrorPtr xmlErrorPtr
-+#endif
-+
- #endif							/* USE_LIBXML */
- 
- #include "access/htup_details.h"
-@@ -119,7 +129,7 @@ struct PgXmlErrorContext
- 
- static xmlParserInputPtr xmlPgEntityLoader(const char *URL, const char *ID,
- 										   xmlParserCtxtPtr ctxt);
--static void xml_errorHandler(void *data, xmlErrorPtr error);
-+static void xml_errorHandler(void *data, PgXmlErrorPtr error);
- static void xml_ereport_by_code(int level, int sqlcode,
- 								const char *msg, int errcode);
- static void chopStringInfoNewlines(StringInfo str);
-@@ -1749,7 +1759,7 @@ xml_ereport(PgXmlErrorContext *errcxt, int level, int sqlcode, const char *msg)
-  * Error handler for libxml errors and warnings
-  */
- static void
--xml_errorHandler(void *data, xmlErrorPtr error)
-+xml_errorHandler(void *data, PgXmlErrorPtr error)
- {
- 	PgXmlErrorContext *xmlerrcxt = (PgXmlErrorContext *) data;
- 	xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) error->ctxt;
--- 
-2.30.2
-
diff --git a/dev-db/postgresql/files/postgresql-16-openssl3.2.patch b/dev-db/postgresql/files/postgresql-16-openssl3.2.patch
deleted file mode 100644
index 2740187d9f4e..000000000000
--- a/dev-db/postgresql/files/postgresql-16-openssl3.2.patch
+++ /dev/null
@@ -1,216 +0,0 @@
-commit 9140a24b312176ebb4e6eb6458b33ce640c04440
-Author: Tom Lane <tgl@sss.pgh.pa.us>
-Date:   Tue Nov 28 12:34:03 2023 -0500
-
-    Use BIO_{get,set}_app_data instead of BIO_{get,set}_data.
-    
-    We should have done it this way all along, but we accidentally got
-    away with using the wrong BIO field up until OpenSSL 3.2.  There,
-    the library's BIO routines that we rely on use the "data" field
-    for their own purposes, and our conflicting use causes assorted
-    weird behaviors up to and including core dumps when SSL connections
-    are attempted.  Switch to using the approved field for the purpose,
-    i.e. app_data.
-    
-    While at it, remove our configure probes for BIO_get_data as well
-    as the fallback implementation.  BIO_{get,set}_app_data have been
-    there since long before any OpenSSL version that we still support,
-    even in the back branches.
-    
-    Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor
-    change in an error message spelling that evidently came in with 3.2.
-    
-    Tristan Partin and Bo Andreson.  Back-patch to all supported branches.
-    
-    Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com
-
-diff --git a/configure b/configure
-index 82e45657b2..907c777b9c 100755
---- a/configure
-+++ b/configure
-@@ -12982,7 +12982,7 @@ done
-   # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
-   # doesn't have these OpenSSL 1.1.0 functions. So check for individual
-   # functions.
--  for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free
-+  for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free
- do :
-   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
- ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-diff --git a/configure.ac b/configure.ac
-index fcea0bcab4..ab32bfdd08 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1385,7 +1385,7 @@ if test "$with_ssl" = openssl ; then
-   # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
-   # doesn't have these OpenSSL 1.1.0 functions. So check for individual
-   # functions.
--  AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free])
-+  AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free])
-   # OpenSSL versions before 1.1.0 required setting callback functions, for
-   # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock()
-   # function was removed.
-diff --git a/meson.build b/meson.build
-index 51b5285924..96fc2e139a 100644
---- a/meson.build
-+++ b/meson.build
-@@ -1278,7 +1278,6 @@ if sslopt in ['auto', 'openssl']
-       # doesn't have these OpenSSL 1.1.0 functions. So check for individual
-       # functions.
-       ['OPENSSL_init_ssl'],
--      ['BIO_get_data'],
-       ['BIO_meth_new'],
-       ['ASN1_STRING_get0_data'],
-       ['HMAC_CTX_new'],
-diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
-index e9c86d08df..49dca0cda9 100644
---- a/src/backend/libpq/be-secure-openssl.c
-+++ b/src/backend/libpq/be-secure-openssl.c
-@@ -844,11 +844,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
-  * to retry; do we need to adopt their logic for that?
-  */
- 
--#ifndef HAVE_BIO_GET_DATA
--#define BIO_get_data(bio) (bio->ptr)
--#define BIO_set_data(bio, data) (bio->ptr = data)
--#endif
--
- static BIO_METHOD *my_bio_methods = NULL;
- 
- static int
-@@ -858,7 +853,7 @@ my_sock_read(BIO *h, char *buf, int size)
- 
- 	if (buf != NULL)
- 	{
--		res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size);
-+		res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size);
- 		BIO_clear_retry_flags(h);
- 		if (res <= 0)
- 		{
-@@ -878,7 +873,7 @@ my_sock_write(BIO *h, const char *buf, int size)
- {
- 	int			res = 0;
- 
--	res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size);
-+	res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res <= 0)
- 	{
-@@ -954,7 +949,7 @@ my_SSL_set_fd(Port *port, int fd)
- 		SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- 		goto err;
- 	}
--	BIO_set_data(bio, port);
-+	BIO_set_app_data(bio, port);
- 
- 	BIO_set_fd(bio, fd, BIO_NOCLOSE);
- 	SSL_set_bio(port->ssl, bio, bio);
-diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
-index 6d572c3820..174544630e 100644
---- a/src/include/pg_config.h.in
-+++ b/src/include/pg_config.h.in
-@@ -70,9 +70,6 @@
- /* Define to 1 if you have the `backtrace_symbols' function. */
- #undef HAVE_BACKTRACE_SYMBOLS
- 
--/* Define to 1 if you have the `BIO_get_data' function. */
--#undef HAVE_BIO_GET_DATA
--
- /* Define to 1 if you have the `BIO_meth_new' function. */
- #undef HAVE_BIO_METH_NEW
- 
-diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
-index 390c888c96..fb6404ade0 100644
---- a/src/interfaces/libpq/fe-secure-openssl.c
-+++ b/src/interfaces/libpq/fe-secure-openssl.c
-@@ -1830,11 +1830,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name)
-  * to retry; do we need to adopt their logic for that?
-  */
- 
--#ifndef HAVE_BIO_GET_DATA
--#define BIO_get_data(bio) (bio->ptr)
--#define BIO_set_data(bio, data) (bio->ptr = data)
--#endif
--
-+/* protected by ssl_config_mutex */
- static BIO_METHOD *my_bio_methods;
- 
- static int
-@@ -1842,7 +1838,7 @@ my_sock_read(BIO *h, char *buf, int size)
- {
- 	int			res;
- 
--	res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size);
-+	res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res < 0)
- 	{
-@@ -1872,7 +1868,7 @@ my_sock_write(BIO *h, const char *buf, int size)
- {
- 	int			res;
- 
--	res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size);
-+	res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size);
- 	BIO_clear_retry_flags(h);
- 	if (res < 0)
- 	{
-@@ -1963,7 +1959,7 @@ my_SSL_set_fd(PGconn *conn, int fd)
- 		SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- 		goto err;
- 	}
--	BIO_set_data(bio, conn);
-+	BIO_set_app_data(bio, conn);
- 
- 	SSL_set_bio(conn->ssl, bio, bio);
- 	BIO_set_fd(bio, fd, BIO_NOCLOSE);
-diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl
-index 76442de063..9bb28fbc83 100644
---- a/src/test/ssl/t/001_ssltests.pl
-+++ b/src/test/ssl/t/001_ssltests.pl
-@@ -781,7 +781,7 @@ $node->connect_fails(
- 	"$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt "
- 	  . sslkey('client-revoked.key'),
- 	"certificate authorization fails with revoked client cert",
--	expected_stderr => qr/SSL error: sslv3 alert certificate revoked/,
-+	expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|,
- 	# temporarily(?) skip this check due to timing issue
- 	#	log_like => [
- 	#		qr{Client certificate verification failed at depth 0: certificate revoked},
-@@ -886,7 +886,7 @@ $node->connect_fails(
- 	"$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt "
- 	  . sslkey('client-revoked.key'),
- 	"certificate authorization fails with revoked client cert with server-side CRL directory",
--	expected_stderr => qr/SSL error: sslv3 alert certificate revoked/,
-+	expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|,
- 	# temporarily(?) skip this check due to timing issue
- 	#	log_like => [
- 	#		qr{Client certificate verification failed at depth 0: certificate revoked},
-@@ -899,7 +899,7 @@ $node->connect_fails(
- 	"$common_connstr user=ssltestuser sslcert=ssl/client-revoked-utf8.crt "
- 	  . sslkey('client-revoked-utf8.key'),
- 	"certificate authorization fails with revoked UTF-8 client cert with server-side CRL directory",
--	expected_stderr => qr/SSL error: sslv3 alert certificate revoked/,
-+	expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|,
- 	# temporarily(?) skip this check due to timing issue
- 	#	log_like => [
- 	#		qr{Client certificate verification failed at depth 0: certificate revoked},
-diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm
-index b6d31c3583..711fae853f 100644
---- a/src/tools/msvc/Solution.pm
-+++ b/src/tools/msvc/Solution.pm
-@@ -225,7 +225,6 @@ sub GenerateFiles
- 		HAVE_ATOMICS => 1,
- 		HAVE_ATOMIC_H => undef,
- 		HAVE_BACKTRACE_SYMBOLS => undef,
--		HAVE_BIO_GET_DATA => undef,
- 		HAVE_BIO_METH_NEW => undef,
- 		HAVE_COMPUTED_GOTO => undef,
- 		HAVE_COPYFILE => undef,
-@@ -503,7 +502,6 @@ sub GenerateFiles
- 			|| ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0'))
- 		{
- 			$define{HAVE_ASN1_STRING_GET0_DATA} = 1;
--			$define{HAVE_BIO_GET_DATA} = 1;
- 			$define{HAVE_BIO_METH_NEW} = 1;
- 			$define{HAVE_HMAC_CTX_FREE} = 1;
- 			$define{HAVE_HMAC_CTX_NEW} = 1;
diff --git a/dev-db/postgresql/files/postgresql-16-xml-2.12.patch b/dev-db/postgresql/files/postgresql-16-xml-2.12.patch
deleted file mode 100644
index aac072c67393..000000000000
--- a/dev-db/postgresql/files/postgresql-16-xml-2.12.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-From e02fea093ebb7ff5093c4cd9827710000bb31146 Mon Sep 17 00:00:00 2001
-From: Tom Lane <tgl@sss.pgh.pa.us>
-Date: Mon, 29 Jan 2024 12:06:07 -0500
-Subject: [PATCH] Fix incompatibilities with libxml2 >= 2.12.0.
-
-libxml2 changed the required signature of error handler callbacks
-to make the passed xmlError struct "const".  This is causing build
-failures on buildfarm member caiman, and no doubt will start showing
-up in the field quite soon.  Add a version check to adjust the
-declaration of xml_errorHandler() according to LIBXML_VERSION.
-
-2.12.x also produces deprecation warnings for contrib/xml2/xpath.c's
-assignment to xmlLoadExtDtdDefaultValue.  I see no good reason for
-that to still be there, seeing that we disabled external DTDs (at a
-lower level) years ago for security reasons.  Let's just remove it.
-
-Back-patch to all supported branches, since they might all get built
-with newer libxml2 once it gets a bit more popular.  (The back
-branches produce another deprecation warning about xpath.c's use of
-xmlSubstituteEntitiesDefault().  We ought to consider whether to
-back-patch all or part of commit 65c5864d7 to silence that.  It's
-less urgent though, since it won't break the buildfarm.)
-
-Discussion: https://postgr.es/m/1389505.1706382262@sss.pgh.pa.us
----
- contrib/xml2/xpath.c        |  1 -
- src/backend/utils/adt/xml.c | 14 ++++++++++++--
- 2 files changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/contrib/xml2/xpath.c b/contrib/xml2/xpath.c
-index a692dc6be8..94641930f7 100644
---- a/contrib/xml2/xpath.c
-+++ b/contrib/xml2/xpath.c
-@@ -75,7 +75,6 @@ pgxml_parser_init(PgXmlStrictness strictness)
- 	xmlInitParser();
- 
- 	xmlSubstituteEntitiesDefault(1);
--	xmlLoadExtDtdDefaultValue = 1;
- 
- 	return xmlerrcxt;
- }
-diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c
-index 2300c7ebf3..9f4e775003 100644
---- a/src/backend/utils/adt/xml.c
-+++ b/src/backend/utils/adt/xml.c
-@@ -66,6 +66,16 @@
- #if LIBXML_VERSION >= 20704
- #define HAVE_XMLSTRUCTUREDERRORCONTEXT 1
- #endif
-+
-+/*
-+ * libxml2 2.12 decided to insert "const" into the error handler API.
-+ */
-+#if LIBXML_VERSION >= 21200
-+#define PgXmlErrorPtr const xmlError *
-+#else
-+#define PgXmlErrorPtr xmlErrorPtr
-+#endif
-+
- #endif							/* USE_LIBXML */
- 
- #include "access/htup_details.h"
-@@ -123,7 +133,7 @@ static xmlParserInputPtr xmlPgEntityLoader(const char *URL, const char *ID,
- 										   xmlParserCtxtPtr ctxt);
- static void xml_errsave(Node *escontext, PgXmlErrorContext *errcxt,
- 						int sqlcode, const char *msg);
--static void xml_errorHandler(void *data, xmlErrorPtr error);
-+static void xml_errorHandler(void *data, PgXmlErrorPtr error);
- static int	errdetail_for_xml_code(int code);
- static void chopStringInfoNewlines(StringInfo str);
- static void appendStringInfoLineSeparator(StringInfo str);
-@@ -2002,7 +2012,7 @@ xml_errsave(Node *escontext, PgXmlErrorContext *errcxt,
-  * Error handler for libxml errors and warnings
-  */
- static void
--xml_errorHandler(void *data, xmlErrorPtr error)
-+xml_errorHandler(void *data, PgXmlErrorPtr error)
- {
- 	PgXmlErrorContext *xmlerrcxt = (PgXmlErrorContext *) data;
- 	xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) error->ctxt;
--- 
-2.30.2
-
diff --git a/dev-db/sqlcl-bin/Manifest b/dev-db/sqlcl-bin/Manifest
index 997efbd0ea34..c6d6e48ae0f2 100644
--- a/dev-db/sqlcl-bin/Manifest
+++ b/dev-db/sqlcl-bin/Manifest
@@ -1,3 +1,3 @@
-DIST sqlcl-23.2.0.178.1027.zip 40101459 BLAKE2B 74193e86b5403fd628e1be488b0768fd7341343ead8502ff6a008ab86cf0c833122ba2c101ade1f575a8267b333afb92843c502b205b8997ce1fafbf9fb88849 SHA512 3cff59962e022005a80f5bb257befa13c726c5944b5de05598fd9a11acb566a63ba41e6fddc12adaffcbb11f3272b916550581b6d1407016ed342d71470f2bd1
-EBUILD sqlcl-bin-23.2.0.178.1027.ebuild 763 BLAKE2B 6c7778f9f0ec3a0e4482f67e2bcb245c4d0c9a8a7dea7cff1d5b8a7f5eb049806c6df011eaea45575f277985bc7234df0d68c9e76461cfb8e6c0b12cb07dfee5 SHA512 bac76fb3cf5069801224bbbdfd1317640f0b135768289356e3d567fb7137fc16cc6218e29cbb50544750bfd95549b3c18a5314999b2be140cc171741841aa565
+DIST sqlcl-23.3.0.270.1251.zip 41859690 BLAKE2B 25ca11e1dc3d66fcd3d70a760090e21491065168298b7bb463c8bf80107e36365cf517bc10d061e45e19918ccf5284837237e5b2fa291f3dc6882a42c8b70c46 SHA512 293cf8c8c5419bafdddfa0cafd258b0506990a7fec55291e5ceb5e290de55d8e73f3b56fdd8cbb6ed9a6393a67cae8eb889ce7e7361f2bfb65bb00be4b283939
+EBUILD sqlcl-bin-23.3.0.270.1251.ebuild 763 BLAKE2B 60a5df4ee71f66a47425ca7406a7fdce0735aa63d65a3bea3b1899b758bba2555130f524e1d9cb9496cc2b574eb1797909d364924a0df46ef27ca7bf4ca95348 SHA512 fd112d424588bd7c46df222b0d8f180ad85b6fc3b508abd54ecb2e4def4d55171d33a2dbda54031836e1acd10f9e38040f9fe5aca840abd244140f044bc00a86
 MISC metadata.xml 402 BLAKE2B ab9053ca959660812f1e1bc536950c0278d23c2906ff0a82483241f16960d2ae6ecd3eff091666df8fef38fdb073a6e3d0a5c8a7c7926426fead769365df49a5 SHA512 785e5acc8811d310b7cd5dc52fe3de6a22d7a92fa81a12db8a16b1df75a83f47ffea4e2fe21a712dabc5c1fff8da4d6f2e49ae0597373fd6e106aa13e81323d3
diff --git a/dev-db/sqlcl-bin/sqlcl-bin-23.2.0.178.1027.ebuild b/dev-db/sqlcl-bin/sqlcl-bin-23.3.0.270.1251.ebuild
index 0bb8a5e75c23..cfea6a71f095 100644
--- a/dev-db/sqlcl-bin/sqlcl-bin-23.2.0.178.1027.ebuild
+++ b/dev-db/sqlcl-bin/sqlcl-bin-23.3.0.270.1251.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
diff --git a/dev-db/sqldeveloper/Manifest b/dev-db/sqldeveloper/Manifest
index a775e9880c03..5fa479a010da 100644
--- a/dev-db/sqldeveloper/Manifest
+++ b/dev-db/sqldeveloper/Manifest
@@ -1,4 +1,4 @@
 AUX sqldeveloper-r1 407 BLAKE2B 26bf826e6ccf1cd45b52e7cdf6e694d88570118c0e98cab83f66f078ed79fea36fb3fa6df67dc271a74faad4307996c4968f6d316d9fc71d1a5360804f39782e SHA512 cf089f58c9de3677dbaa7b0c4bdd81e234bffac4c25f5a433c7854068ca33b5a4165d8a5d24188890d5d8c60c209adee5267a255505b978a5a7f73646fd1dfbe
-DIST sqldeveloper-23.1.0.097.1607-no-jre.zip 510182719 BLAKE2B 947f5b91bce5a735bf7987bfb894b7aa52191e9db9c24c8c50f843094c337fa477c300c6998a090eb4919fa829bc711960ad2f39f87ddb87ed1bad7bcda2218d SHA512 800e5ebf77af6cb8f6b1a48a80b09bc3d64c4ddbd57d8bc96a1e6e031e91f10ea76bc3447bc24ef60a6775c92955ba2ef30332203d9e0995c88a8625ac5ca0cd
-EBUILD sqldeveloper-23.1.0.097.1607.ebuild 2965 BLAKE2B e401f09cff4d0dcb10d770e4b03197f13b1ec2d46c33b50c346a0c2a2422063223244d80c138f465d5b913e981e320cfa022f1b7e423b12cf9b456249103d1cb SHA512 9e09477dc14c6124d1ac27df1f41fac548c50a5cc37006cac69f2dcbc8c76723ce9abb374074e7b43fe1468813d7ac7c3e5492d33a5d1accfb19531e8e52dc4b
+DIST sqldeveloper-23.1.1.345.2114-no-jre.zip 509665648 BLAKE2B 28ae11d4a3f0f760620247d353db8b8100443f639b39354ed687ed05e124739aacf5bd2a8fa816ed7e14d55d02a7391af44855fd7cc07e942c5d904131fa9bb3 SHA512 e1a69e569fa8052cdc5144b23c9b6cbf9b1aa13280286233c0e531671ae702a8bf33f3ff6a6f28a166c44c88037b758e854f8dbc525e7714cca8031573b6db52
+EBUILD sqldeveloper-23.1.1.345.2114.ebuild 2987 BLAKE2B dd2df13947a4e57e92df2d7a61c15c0c1bc442a1f9d6636c9d3760e77fad20d837bc2a7fc172cb9f32754ff42670d4bd2d531f9128933b825d5178616302ea1d SHA512 07cb54b90cb271e1c1a943029df1a0d2d9d69bcc381e48e145da2c5ee84c806638a3529098a8c27111baec4399c9e8d7701c76a9e232eadaadf230641ab9b725
 MISC metadata.xml 496 BLAKE2B 46b421a2174ce825577a96c41ad103162b6b11127fa1512b12946e46e9698fbe24d1338e38e553ed49f28474497c4acfe2834dd70dee92ce4f34bad01f64ef5f SHA512 0cf75c543496d84e707cbfd146e95ba46ec3dc2779bfff990e2844200ff223d747fb30a6f90a988dd9d07efd060ecc27f9b5c3edcda15c51d3a23ccbd3abb3e8
diff --git a/dev-db/sqldeveloper/sqldeveloper-23.1.0.097.1607.ebuild b/dev-db/sqldeveloper/sqldeveloper-23.1.1.345.2114.ebuild
index 21083df685b8..835081018271 100644
--- a/dev-db/sqldeveloper/sqldeveloper-23.1.0.097.1607.ebuild
+++ b/dev-db/sqldeveloper/sqldeveloper-23.1.1.345.2114.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
@@ -28,6 +28,8 @@ RDEPEND="
 "
 BDEPEND="app-arch/unzip"
 
+S="${WORKDIR}/${PN}"
+
 QA_PREBUILT="
 	opt/${PN}/netbeans/platform/modules/lib/amd64/linux/libjnidispatch-422.so
 "
author	V3n3RiX <venerix@koprulu.sector>	2024-02-09 17:33:55 +0000
committer	V3n3RiX <venerix@koprulu.sector>	2024-02-09 17:33:55 +0000
commit	4d643b662f77ef9cc872089cad15cf5e7e1f70f2 (patch)
tree	8a8b7aa8499f2b753ccc5c7dcce87f8f9a0cf76b /dev-db
parent	dbed051da899bbf15bd223d4aa40e913cc3c5b0f (diff)