From 4d643b662f77ef9cc872089cad15cf5e7e1f70f2 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 9 Feb 2024 17:33:55 +0000 Subject: gentoo auto-resync : 09:02:2024 - 17:33:55 --- dev-db/postgresql/Manifest | 10 - .../files/postgresql-12-openssl3.2.patch | 178 ----------------- .../postgresql/files/postgresql-12-xml-2.12.patch | 83 -------- .../files/postgresql-13-openssl3.2.patch | 172 ---------------- .../postgresql/files/postgresql-13-xml-2.12.patch | 83 -------- .../files/postgresql-14-openssl3.2.patch | 195 ------------------- .../postgresql/files/postgresql-14-xml-2.12.patch | 83 -------- .../files/postgresql-15-openssl3.2.patch | 194 ------------------ .../postgresql/files/postgresql-15-xml-2.12.patch | 83 -------- .../files/postgresql-16-openssl3.2.patch | 216 --------------------- .../postgresql/files/postgresql-16-xml-2.12.patch | 83 -------- 11 files changed, 1380 deletions(-) delete mode 100644 dev-db/postgresql/files/postgresql-12-openssl3.2.patch delete mode 100644 dev-db/postgresql/files/postgresql-12-xml-2.12.patch delete mode 100644 dev-db/postgresql/files/postgresql-13-openssl3.2.patch delete mode 100644 dev-db/postgresql/files/postgresql-13-xml-2.12.patch delete mode 100644 dev-db/postgresql/files/postgresql-14-openssl3.2.patch delete mode 100644 dev-db/postgresql/files/postgresql-14-xml-2.12.patch delete mode 100644 dev-db/postgresql/files/postgresql-15-openssl3.2.patch delete mode 100644 dev-db/postgresql/files/postgresql-15-xml-2.12.patch delete mode 100644 dev-db/postgresql/files/postgresql-16-openssl3.2.patch delete mode 100644 dev-db/postgresql/files/postgresql-16-xml-2.12.patch (limited to 'dev-db/postgresql') diff --git a/dev-db/postgresql/Manifest b/dev-db/postgresql/Manifest index df1cafaae8e9..9f7a69fe4c69 100644 --- a/dev-db/postgresql/Manifest +++ b/dev-db/postgresql/Manifest @@ -1,18 +1,8 @@ -AUX postgresql-12-openssl3.2.patch 6585 BLAKE2B 791f1432cf74232bfa030ae26450fb8ee04ab4c4677d7888de36526d5a90ad520b36dd048abda8d4a4797f2826027aa86966c159942ce111c931da84276a0b30 SHA512 effb4ec6d4a6dec5ffb344c03df99e3d938c52221ddbc4d6586492f77763b5ec268836e43007dd2beb0b0df95173c9e37449707a1a8bd9b293ed7addaefb320b -AUX postgresql-12-xml-2.12.patch 3114 BLAKE2B dc2718f387fa1f28b2d5ccb04959cedb99f692227d97c494f9b2315f96a9cb64991a60565ca76c20384de1d201aa503fbdd6df2b8ea607a77a06fcf43ee0f309 SHA512 9d07fc0df0db6060d23b068074eaa74ca30f96c32f84ad06510031e55ccf891b34c82ac11684202122e5e33e5b503912906a073c7608cb6231eb6f7bf489f5be AUX postgresql-12.1-no-server.patch 2965 BLAKE2B 168f39c02f0614c57a60c0ce3bb540e0d29dc407c569661d0cd29ddb57657bfada44aa90ca915c8474ca5541ac1f4cc152fbd70c105efcbe83f9e5b9f918eeb5 SHA512 5e025da1cb5f696821b19093ab893667426a08b1bbc8e3f748d34207730026625b61a8cfd2596af124080a4a292363546dce5b703ce6164efceceabc6b170aa2 -AUX postgresql-13-openssl3.2.patch 6389 BLAKE2B 6b7a8cf82a9c0424fc0fa1f297623c530531a2db0ee2480e3e3cb94cd7a2f66fd3c07b5db4a164ac8cdea3557ca8f0627533ac19a07be1466413b409f6812dea SHA512 524eb2a4076f45bd978f034da03731e79a59ae5e0cae8f0d525e17bdacf0c23f24cb6ce38171447101ba229ece952244ae58199b821a1f3ec6bb9d5657543995 -AUX postgresql-13-xml-2.12.patch 3114 BLAKE2B 8ea1a2fd9c978047cfcf6a2dcbce192e62706b2218cd65ef29296880905ce0d02eae7923f8483ea62c68e85860c0115e65027eb0fb604a1c27c9810b80de6da2 SHA512 2ca7d0311ac0cf4ab19b41d9e8cf4624e95ad5d4efd0b978bf97620a9fe131dd6c69db580944ba0831d64996a40ef69391189a9fd50bb64501e8516c972bca93 AUX postgresql-13.3-riscv-spinlocks.patch 966 BLAKE2B 4834d47b01e1f8e122fa940a84e1e790686d96b538d27f253724f7be454c455c6853cdadf41da5cafeb8767012b45a6eef742685117afaaa78e0e9a930c728c8 SHA512 1c217ec177a1669fcaeffe2cce241b5ba2cba6425d9eee8bf50dce6626e70e2d063776e1ced4590cbf9ffc046ede02dbe4f06bdfb7bc4c3dcb0f028c128c15ea AUX postgresql-13.8-no-server.patch 2985 BLAKE2B 81a4a7c1d3c9e104ea7a575a14eecada57b62ed652b4401b459886250518179b1f68efd73246773cf7b745c298ac59f0e5f693f2ac0e6e0fd4a29c4c431e3715 SHA512 7a3fd3f8411c59b812da6deaf743247c0e728aca653fb66860a7a6e55704bc732327dcf917ce17fe089003740131d4d92879e171b4b9ff262fef0743f6f50122 -AUX postgresql-14-openssl3.2.patch 7707 BLAKE2B 50035cdbfea58798d8ece7edb13c552ada5167999b070b2582ae2f020fa136a17dcc75c0ceae5255074284f587a7b032eca6ffa53cc1f75de3637746157f7ef7 SHA512 93ad6d528d0ebafd947327212eec33d91a1f9e2d7fdaf1c67040c5da96e9ba9d97b3bf7db399a260b97e116f1f2cd817443fadd1aeea5b196024ce14cb80a357 -AUX postgresql-14-xml-2.12.patch 3114 BLAKE2B 1aff5b23809d14d7daeea4bc2c9c80529d1c2bf04f5cc3bd5d00bc4c8a9790652437137813dcf8e563258d1acfd44805a2c83784e5dd4be0d403f960e978eb8e SHA512 f2bc93294994d928324fd08d669f5d77fc0e63c493150c5ac589c7c61bde277ee96c45386117c7e0865c4c4d31cf8e4b5bd1b9a8da13b16499f0813f780bd755 AUX postgresql-14.5-no-server.patch 3018 BLAKE2B cbb900bcb7bcc8e788369829811da0d57a45682a77ac54f430cab7ebf6df9ff10489d50d129fa5b24bfff80929497b3107a8e650962b8e772d6b0bee610f05a9 SHA512 90e88567af5f30969e946295c4c058cd245bdd7dce01d48b70aa3dd000cf9e54570ed1b6bcc423a10ed0b7102047927da19bd26f5714e003ccffde967c77db26 -AUX postgresql-15-openssl3.2.patch 7609 BLAKE2B 63e806aab619b79c174c299990cf45c031d0150c8c80afe9fcf217f75673c0b28c64879b305bd700afa9873ff8a7c3da4587d3fe6789b2f12bbe4c4d9c738120 SHA512 871c75ff34b60248ffd4a3de8c03abb546430a5e7aba9f361b53f4b6fb27a6b58e927d84a5ba4c50ce8c667157dafefe63b41e69e4b7b8e86f93e276a2468f0b -AUX postgresql-15-xml-2.12.patch 3114 BLAKE2B 32d32553e666c8dd04b5df3dc52c88b26230361a68b8a8f92faf2b430bd91d998df7280399df6c0c077931d2ea1c0eb19169ffe5a1990a1c66d7942cb57b889c SHA512 b913188055fa1314a899835c6365904952badf0ae5793fa87b3e86a9cd6bc86357f2385137cdc2bf87b80661ffaa09f9c23f39eb9527d9e65cd16d105a8ed66c AUX postgresql-15_beta3-no-server.patch 3061 BLAKE2B aeba13501762f4e21653ad65ab10f708d604c393797766c1acad207a7889e02eb2806c0f6823fcbf9f2891be85d17ff7d3ba6066afe5f5fde3b9b39e56bfa5f7 SHA512 a41d01f994c4301ec059615446a3cc03cd16af67e3a3c1c0fa73b145c1b910de38d5a4a4757ad861c9cd11124f1d2d13f6503be2e5a2bb28f803fb03b055edb5 -AUX postgresql-16-openssl3.2.patch 8637 BLAKE2B eacc36e7c85ff1f36b2c4c087d8bb332e03fe084391563ea6c3440c1d29c9b0479f3095ec2479f38120a05a25cd048aa043e7f5f0652b795e29c104b14ff2514 SHA512 fa9a310aa3bbb7c4b05480f4f62e61a11f2993174f09580350875083721c11f73dca3e06d062a466f38b3ad2df83a1548838c8431b272c438152ea859eb94a5f -AUX postgresql-16-xml-2.12.patch 3178 BLAKE2B 366e2b7496c0ec5615c01c2815dd89813c6edfbacdef7038a4804531e3e6ec4fea07fad6859a9b4bd17533e2e56ca48490e783998e20b704c672283d04247280 SHA512 dad70ffff7a2bbf71cc9ce5476fa2aadf5dabf8088a2fa787969d3612160c8c0dfe9efbf7ea7568ce6fbc01bacf05042ad95e665a5eac8c3341cd487eb4e04ff AUX postgresql-check-db-dir 1013 BLAKE2B 2be45942d0442822113879708c11dfde267938b6e7118bd225f567ca9fdacb11082792eabcb40b8a39cd6017fdedb18100576fea0895dae2dcda83c2d51de34d SHA512 2f34ee0cb6a889500ccfca7621ada6ee1bb06dc146f3c556938152dd3d7c0312266bb4db5f4099838d93ade26e2b8866dfddb3576cb5a737431ea2befd0cec6f AUX postgresql.confd-9.3 2477 BLAKE2B 0d42eedb99c951c8c60ed02abb5d4526bc288e8dd50b048cb3ab374239f1929aa80d10306037e45188a81593163121c029b91f9149365bff02ff7bfd0fe52ac4 SHA512 6c9e7c2de31eace2b3ce771a29eb354b143ea81f85d9d7ef601f302b7ae71c1c3badde8765fb7757dadcf0c49dcfa1116977e8b7f1e238350d3732962267147f AUX postgresql.init-9.3-r1 4999 BLAKE2B f2bc23a51b6d9643bbc14320aaa9c41b7eb1df86f8b760b9146739b14060178a415fe49b77a47b6bc5522759759fa0aefa9f0050b340534a64c2f22f89c7825d SHA512 a0f003c7d00b9749b8b25fce8ac728869e0c8f5a3c87e699b62806207413d5abba8db1e9d35e801316fbfb0ee070eb3b6a099b7991065c21cdb27ca7dc164bed diff --git a/dev-db/postgresql/files/postgresql-12-openssl3.2.patch b/dev-db/postgresql/files/postgresql-12-openssl3.2.patch deleted file mode 100644 index 62b254d220c6..000000000000 --- a/dev-db/postgresql/files/postgresql-12-openssl3.2.patch +++ /dev/null @@ -1,178 +0,0 @@ -commit 6bb4ce36b302296fd09abb097b5e28b66117be92 -Author: Tom Lane -Date: Tue Nov 28 12:34:03 2023 -0500 - - Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. - - We should have done it this way all along, but we accidentally got - away with using the wrong BIO field up until OpenSSL 3.2. There, - the library's BIO routines that we rely on use the "data" field - for their own purposes, and our conflicting use causes assorted - weird behaviors up to and including core dumps when SSL connections - are attempted. Switch to using the approved field for the purpose, - i.e. app_data. - - While at it, remove our configure probes for BIO_get_data as well - as the fallback implementation. BIO_{get,set}_app_data have been - there since long before any OpenSSL version that we still support, - even in the back branches. - - Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor - change in an error message spelling that evidently came in with 3.2. - - Tristan Partin and Bo Andreson. Back-patch to all supported branches. - - Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com - -diff --git a/configure b/configure -index cce104aebb..346ea8e2c1 100755 ---- a/configure -+++ b/configure -@@ -12641,7 +12641,7 @@ done - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data -+ for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data - do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` - ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -diff --git a/configure.in b/configure.in -index 3c93e7a944..2c15b20049 100644 ---- a/configure.in -+++ b/configure.in -@@ -1290,7 +1290,7 @@ if test "$with_openssl" = yes ; then - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data]) -+ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data]) - # OpenSSL versions before 1.1.0 required setting callback functions, for - # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock() - # function was removed. -diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c -index b0a1f7258a..34f8f9e71e 100644 ---- a/src/backend/libpq/be-secure-openssl.c -+++ b/src/backend/libpq/be-secure-openssl.c -@@ -699,11 +699,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -- - static BIO_METHOD *my_bio_methods = NULL; - - static int -@@ -713,7 +708,7 @@ my_sock_read(BIO *h, char *buf, int size) - - if (buf != NULL) - { -- res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -733,7 +728,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res = 0; - -- res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -809,7 +804,7 @@ my_SSL_set_fd(Port *port, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, port); -+ BIO_set_app_data(bio, port); - - BIO_set_fd(bio, fd, BIO_NOCLOSE); - SSL_set_bio(port->ssl, bio, bio); -diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in -index 457a8713cc..1e9d21c3e4 100644 ---- a/src/include/pg_config.h.in -+++ b/src/include/pg_config.h.in -@@ -96,9 +96,6 @@ - /* Define to 1 if you have the header file. */ - #undef HAVE_ATOMIC_H - --/* Define to 1 if you have the `BIO_get_data' function. */ --#undef HAVE_BIO_GET_DATA -- - /* Define to 1 if you have the `BIO_meth_new' function. */ - #undef HAVE_BIO_METH_NEW - -diff --git a/src/include/pg_config.h.win32 b/src/include/pg_config.h.win32 -index 42fd7067f1..37accc560b 100644 ---- a/src/include/pg_config.h.win32 -+++ b/src/include/pg_config.h.win32 -@@ -75,9 +75,6 @@ - /* Define to 1 if you have the `ASN1_STRING_get0_data' function. */ - /* #undef HAVE_ASN1_STRING_GET0_DATA */ - --/* Define to 1 if you have the `BIO_get_data' function. */ --/* #undef HAVE_BIO_GET_DATA */ -- - /* Define to 1 if you have the `BIO_meth_new' function. */ - /* #undef HAVE_BIO_METH_NEW */ - -diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c -index 5948a37983..5729dd9acf 100644 ---- a/src/interfaces/libpq/fe-secure-openssl.c -+++ b/src/interfaces/libpq/fe-secure-openssl.c -@@ -1491,10 +1491,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -+/* protected by ssl_config_mutex */ - - static BIO_METHOD *my_bio_methods; - -@@ -1503,7 +1500,7 @@ my_sock_read(BIO *h, char *buf, int size) - { - int res; - -- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1533,7 +1530,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res; - -- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1624,7 +1621,7 @@ my_SSL_set_fd(PGconn *conn, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, conn); -+ BIO_set_app_data(bio, conn); - - SSL_set_bio(conn->ssl, bio, bio); - BIO_set_fd(bio, fd, BIO_NOCLOSE); -diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm -index 20ce233af4..a7e5fdbda9 100644 ---- a/src/tools/msvc/Solution.pm -+++ b/src/tools/msvc/Solution.pm -@@ -273,7 +273,6 @@ sub GenerateFiles - || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0')) - { - print $o "#define HAVE_ASN1_STRING_GET0_DATA 1\n"; -- print $o "#define HAVE_BIO_GET_DATA 1\n"; - print $o "#define HAVE_BIO_METH_NEW 1\n"; - print $o "#define HAVE_OPENSSL_INIT_SSL 1\n"; - } diff --git a/dev-db/postgresql/files/postgresql-12-xml-2.12.patch b/dev-db/postgresql/files/postgresql-12-xml-2.12.patch deleted file mode 100644 index 2929eb7302e2..000000000000 --- a/dev-db/postgresql/files/postgresql-12-xml-2.12.patch +++ /dev/null @@ -1,83 +0,0 @@ -From b2fd1dab90240ebb9017cd2fddd731c3641ba434 Mon Sep 17 00:00:00 2001 -From: Tom Lane -Date: Mon, 29 Jan 2024 12:06:08 -0500 -Subject: [PATCH] Fix incompatibilities with libxml2 >= 2.12.0. - -libxml2 changed the required signature of error handler callbacks -to make the passed xmlError struct "const". This is causing build -failures on buildfarm member caiman, and no doubt will start showing -up in the field quite soon. Add a version check to adjust the -declaration of xml_errorHandler() according to LIBXML_VERSION. - -2.12.x also produces deprecation warnings for contrib/xml2/xpath.c's -assignment to xmlLoadExtDtdDefaultValue. I see no good reason for -that to still be there, seeing that we disabled external DTDs (at a -lower level) years ago for security reasons. Let's just remove it. - -Back-patch to all supported branches, since they might all get built -with newer libxml2 once it gets a bit more popular. (The back -branches produce another deprecation warning about xpath.c's use of -xmlSubstituteEntitiesDefault(). We ought to consider whether to -back-patch all or part of commit 65c5864d7 to silence that. It's -less urgent though, since it won't break the buildfarm.) - -Discussion: https://postgr.es/m/1389505.1706382262@sss.pgh.pa.us ---- - contrib/xml2/xpath.c | 1 - - src/backend/utils/adt/xml.c | 14 ++++++++++++-- - 2 files changed, 12 insertions(+), 3 deletions(-) - -diff --git a/contrib/xml2/xpath.c b/contrib/xml2/xpath.c -index 1e5b71d9a0..f44caf0020 100644 ---- a/contrib/xml2/xpath.c -+++ b/contrib/xml2/xpath.c -@@ -75,7 +75,6 @@ pgxml_parser_init(PgXmlStrictness strictness) - xmlInitParser(); - - xmlSubstituteEntitiesDefault(1); -- xmlLoadExtDtdDefaultValue = 1; - - return xmlerrcxt; - } -diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c -index 9f319077cb..51b16f2b73 100644 ---- a/src/backend/utils/adt/xml.c -+++ b/src/backend/utils/adt/xml.c -@@ -65,6 +65,16 @@ - #if LIBXML_VERSION >= 20704 - #define HAVE_XMLSTRUCTUREDERRORCONTEXT 1 - #endif -+ -+/* -+ * libxml2 2.12 decided to insert "const" into the error handler API. -+ */ -+#if LIBXML_VERSION >= 21200 -+#define PgXmlErrorPtr const xmlError * -+#else -+#define PgXmlErrorPtr xmlErrorPtr -+#endif -+ - #endif /* USE_LIBXML */ - - #include "access/htup_details.h" -@@ -119,7 +129,7 @@ struct PgXmlErrorContext - - static xmlParserInputPtr xmlPgEntityLoader(const char *URL, const char *ID, - xmlParserCtxtPtr ctxt); --static void xml_errorHandler(void *data, xmlErrorPtr error); -+static void xml_errorHandler(void *data, PgXmlErrorPtr error); - static void xml_ereport_by_code(int level, int sqlcode, - const char *msg, int errcode); - static void chopStringInfoNewlines(StringInfo str); -@@ -1752,7 +1762,7 @@ xml_ereport(PgXmlErrorContext *errcxt, int level, int sqlcode, const char *msg) - * Error handler for libxml errors and warnings - */ - static void --xml_errorHandler(void *data, xmlErrorPtr error) -+xml_errorHandler(void *data, PgXmlErrorPtr error) - { - PgXmlErrorContext *xmlerrcxt = (PgXmlErrorContext *) data; - xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) error->ctxt; --- -2.30.2 - diff --git a/dev-db/postgresql/files/postgresql-13-openssl3.2.patch b/dev-db/postgresql/files/postgresql-13-openssl3.2.patch deleted file mode 100644 index fbb80a3ecb20..000000000000 --- a/dev-db/postgresql/files/postgresql-13-openssl3.2.patch +++ /dev/null @@ -1,172 +0,0 @@ -commit dc8936b9dba79c80aaba8e7232434fb200e95725 -Author: Tom Lane -Date: Tue Nov 28 12:34:03 2023 -0500 - - Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. - - We should have done it this way all along, but we accidentally got - away with using the wrong BIO field up until OpenSSL 3.2. There, - the library's BIO routines that we rely on use the "data" field - for their own purposes, and our conflicting use causes assorted - weird behaviors up to and including core dumps when SSL connections - are attempted. Switch to using the approved field for the purpose, - i.e. app_data. - - While at it, remove our configure probes for BIO_get_data as well - as the fallback implementation. BIO_{get,set}_app_data have been - there since long before any OpenSSL version that we still support, - even in the back branches. - - Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor - change in an error message spelling that evidently came in with 3.2. - - Tristan Partin and Bo Andreson. Back-patch to all supported branches. - - Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com - -diff --git a/configure b/configure -index 2fc7dca504..b7caf88229 100755 ---- a/configure -+++ b/configure -@@ -12713,7 +12713,7 @@ done - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data -+ for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data - do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` - ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -diff --git a/configure.in b/configure.in -index eaca132607..9aec28c8d1 100644 ---- a/configure.in -+++ b/configure.in -@@ -1275,7 +1275,7 @@ if test "$with_openssl" = yes ; then - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data]) -+ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data]) - # OpenSSL versions before 1.1.0 required setting callback functions, for - # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock() - # function was removed. -diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c -index 55fe59276a..9e22911379 100644 ---- a/src/backend/libpq/be-secure-openssl.c -+++ b/src/backend/libpq/be-secure-openssl.c -@@ -748,11 +748,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -- - static BIO_METHOD *my_bio_methods = NULL; - - static int -@@ -762,7 +757,7 @@ my_sock_read(BIO *h, char *buf, int size) - - if (buf != NULL) - { -- res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -782,7 +777,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res = 0; - -- res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -858,7 +853,7 @@ my_SSL_set_fd(Port *port, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, port); -+ BIO_set_app_data(bio, port); - - BIO_set_fd(bio, fd, BIO_NOCLOSE); - SSL_set_bio(port->ssl, bio, bio); -diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in -index 13fc4e0db6..978e685c70 100644 ---- a/src/include/pg_config.h.in -+++ b/src/include/pg_config.h.in -@@ -86,9 +86,6 @@ - /* Define to 1 if you have the `backtrace_symbols' function. */ - #undef HAVE_BACKTRACE_SYMBOLS - --/* Define to 1 if you have the `BIO_get_data' function. */ --#undef HAVE_BIO_GET_DATA -- - /* Define to 1 if you have the `BIO_meth_new' function. */ - #undef HAVE_BIO_METH_NEW - -diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c -index 07d5daf4d9..73b1720c4c 100644 ---- a/src/interfaces/libpq/fe-secure-openssl.c -+++ b/src/interfaces/libpq/fe-secure-openssl.c -@@ -1602,10 +1602,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -+/* protected by ssl_config_mutex */ - - static BIO_METHOD *my_bio_methods; - -@@ -1614,7 +1611,7 @@ my_sock_read(BIO *h, char *buf, int size) - { - int res; - -- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1644,7 +1641,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res; - -- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1735,7 +1732,7 @@ my_SSL_set_fd(PGconn *conn, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, conn); -+ BIO_set_app_data(bio, conn); - - SSL_set_bio(conn->ssl, bio, bio); - BIO_set_fd(bio, fd, BIO_NOCLOSE); -diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm -index 78328e1fac..e88e3967cd 100644 ---- a/src/tools/msvc/Solution.pm -+++ b/src/tools/msvc/Solution.pm -@@ -226,7 +226,6 @@ sub GenerateFiles - HAVE_ATOMICS => 1, - HAVE_ATOMIC_H => undef, - HAVE_BACKTRACE_SYMBOLS => undef, -- HAVE_BIO_GET_DATA => undef, - HAVE_BIO_METH_NEW => undef, - HAVE_CLOCK_GETTIME => undef, - HAVE_COMPUTED_GOTO => undef, -@@ -543,7 +542,6 @@ sub GenerateFiles - || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0')) - { - $define{HAVE_ASN1_STRING_GET0_DATA} = 1; -- $define{HAVE_BIO_GET_DATA} = 1; - $define{HAVE_BIO_METH_NEW} = 1; - $define{HAVE_OPENSSL_INIT_SSL} = 1; - } diff --git a/dev-db/postgresql/files/postgresql-13-xml-2.12.patch b/dev-db/postgresql/files/postgresql-13-xml-2.12.patch deleted file mode 100644 index a8daa6e7ce2f..000000000000 --- a/dev-db/postgresql/files/postgresql-13-xml-2.12.patch +++ /dev/null @@ -1,83 +0,0 @@ -From 7c53b1977ba6bed81deca3164c17e61f10725226 Mon Sep 17 00:00:00 2001 -From: Tom Lane -Date: Mon, 29 Jan 2024 12:06:08 -0500 -Subject: [PATCH] Fix incompatibilities with libxml2 >= 2.12.0. - -libxml2 changed the required signature of error handler callbacks -to make the passed xmlError struct "const". This is causing build -failures on buildfarm member caiman, and no doubt will start showing -up in the field quite soon. Add a version check to adjust the -declaration of xml_errorHandler() according to LIBXML_VERSION. - -2.12.x also produces deprecation warnings for contrib/xml2/xpath.c's -assignment to xmlLoadExtDtdDefaultValue. I see no good reason for -that to still be there, seeing that we disabled external DTDs (at a -lower level) years ago for security reasons. Let's just remove it. - -Back-patch to all supported branches, since they might all get built -with newer libxml2 once it gets a bit more popular. (The back -branches produce another deprecation warning about xpath.c's use of -xmlSubstituteEntitiesDefault(). We ought to consider whether to -back-patch all or part of commit 65c5864d7 to silence that. It's -less urgent though, since it won't break the buildfarm.) - -Discussion: https://postgr.es/m/1389505.1706382262@sss.pgh.pa.us ---- - contrib/xml2/xpath.c | 1 - - src/backend/utils/adt/xml.c | 14 ++++++++++++-- - 2 files changed, 12 insertions(+), 3 deletions(-) - -diff --git a/contrib/xml2/xpath.c b/contrib/xml2/xpath.c -index 1e5b71d9a0..f44caf0020 100644 ---- a/contrib/xml2/xpath.c -+++ b/contrib/xml2/xpath.c -@@ -75,7 +75,6 @@ pgxml_parser_init(PgXmlStrictness strictness) - xmlInitParser(); - - xmlSubstituteEntitiesDefault(1); -- xmlLoadExtDtdDefaultValue = 1; - - return xmlerrcxt; - } -diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c -index 7fc9669fb0..febe0a6220 100644 ---- a/src/backend/utils/adt/xml.c -+++ b/src/backend/utils/adt/xml.c -@@ -65,6 +65,16 @@ - #if LIBXML_VERSION >= 20704 - #define HAVE_XMLSTRUCTUREDERRORCONTEXT 1 - #endif -+ -+/* -+ * libxml2 2.12 decided to insert "const" into the error handler API. -+ */ -+#if LIBXML_VERSION >= 21200 -+#define PgXmlErrorPtr const xmlError * -+#else -+#define PgXmlErrorPtr xmlErrorPtr -+#endif -+ - #endif /* USE_LIBXML */ - - #include "access/htup_details.h" -@@ -119,7 +129,7 @@ struct PgXmlErrorContext - - static xmlParserInputPtr xmlPgEntityLoader(const char *URL, const char *ID, - xmlParserCtxtPtr ctxt); --static void xml_errorHandler(void *data, xmlErrorPtr error); -+static void xml_errorHandler(void *data, PgXmlErrorPtr error); - static void xml_ereport_by_code(int level, int sqlcode, - const char *msg, int errcode); - static void chopStringInfoNewlines(StringInfo str); -@@ -1750,7 +1760,7 @@ xml_ereport(PgXmlErrorContext *errcxt, int level, int sqlcode, const char *msg) - * Error handler for libxml errors and warnings - */ - static void --xml_errorHandler(void *data, xmlErrorPtr error) -+xml_errorHandler(void *data, PgXmlErrorPtr error) - { - PgXmlErrorContext *xmlerrcxt = (PgXmlErrorContext *) data; - xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) error->ctxt; --- -2.30.2 - diff --git a/dev-db/postgresql/files/postgresql-14-openssl3.2.patch b/dev-db/postgresql/files/postgresql-14-openssl3.2.patch deleted file mode 100644 index c8064adc23a6..000000000000 --- a/dev-db/postgresql/files/postgresql-14-openssl3.2.patch +++ /dev/null @@ -1,195 +0,0 @@ -commit 50e866f5f3be671620490e3cb3eea533f1677f6c -Author: Tom Lane -Date: Tue Nov 28 12:34:03 2023 -0500 - - Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. - - We should have done it this way all along, but we accidentally got - away with using the wrong BIO field up until OpenSSL 3.2. There, - the library's BIO routines that we rely on use the "data" field - for their own purposes, and our conflicting use causes assorted - weird behaviors up to and including core dumps when SSL connections - are attempted. Switch to using the approved field for the purpose, - i.e. app_data. - - While at it, remove our configure probes for BIO_get_data as well - as the fallback implementation. BIO_{get,set}_app_data have been - there since long before any OpenSSL version that we still support, - even in the back branches. - - Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor - change in an error message spelling that evidently came in with 3.2. - - Tristan Partin and Bo Andreson. Back-patch to all supported branches. - - Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com - -diff --git a/configure b/configure -index 62a921b5e7..f74b9862a0 100755 ---- a/configure -+++ b/configure -@@ -13071,7 +13071,7 @@ done - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free -+ for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free - do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` - ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -diff --git a/configure.ac b/configure.ac -index a3243cc7e8..46624d2a11 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1311,7 +1311,7 @@ if test "$with_ssl" = openssl ; then - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) -+ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) - # OpenSSL versions before 1.1.0 required setting callback functions, for - # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock() - # function was removed. -diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c -index 13ac961442..e39952494e 100644 ---- a/src/backend/libpq/be-secure-openssl.c -+++ b/src/backend/libpq/be-secure-openssl.c -@@ -823,11 +823,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -- - static BIO_METHOD *my_bio_methods = NULL; - - static int -@@ -837,7 +832,7 @@ my_sock_read(BIO *h, char *buf, int size) - - if (buf != NULL) - { -- res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -857,7 +852,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res = 0; - -- res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -933,7 +928,7 @@ my_SSL_set_fd(Port *port, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, port); -+ BIO_set_app_data(bio, port); - - BIO_set_fd(bio, fd, BIO_NOCLOSE); - SSL_set_bio(port->ssl, bio, bio); -diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in -index 40d513c128..51fa911fb6 100644 ---- a/src/include/pg_config.h.in -+++ b/src/include/pg_config.h.in -@@ -86,9 +86,6 @@ - /* Define to 1 if you have the `backtrace_symbols' function. */ - #undef HAVE_BACKTRACE_SYMBOLS - --/* Define to 1 if you have the `BIO_get_data' function. */ --#undef HAVE_BIO_GET_DATA -- - /* Define to 1 if you have the `BIO_meth_new' function. */ - #undef HAVE_BIO_METH_NEW - -diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c -index 7f27767da6..383fdbe80e 100644 ---- a/src/interfaces/libpq/fe-secure-openssl.c -+++ b/src/interfaces/libpq/fe-secure-openssl.c -@@ -1661,11 +1661,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -- -+/* protected by ssl_config_mutex */ - static BIO_METHOD *my_bio_methods; - - static int -@@ -1673,7 +1669,7 @@ my_sock_read(BIO *h, char *buf, int size) - { - int res; - -- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1703,7 +1699,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res; - -- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1794,7 +1790,7 @@ my_SSL_set_fd(PGconn *conn, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, conn); -+ BIO_set_app_data(bio, conn); - - SSL_set_bio(conn->ssl, bio, bio); - BIO_set_fd(bio, fd, BIO_NOCLOSE); -diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl -index 8cdd0d2e68..cc7bd98c83 100644 ---- a/src/test/ssl/t/001_ssltests.pl -+++ b/src/test/ssl/t/001_ssltests.pl -@@ -538,7 +538,7 @@ $node->connect_fails( - $node->connect_fails( - "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt sslkey=ssl/client-revoked_tmp.key", - "certificate authorization fails with revoked client cert", -- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/, -+ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|, - # revoked certificates should not authenticate the user - log_unlike => [qr/connection authenticated:/],); - -@@ -591,7 +591,7 @@ switch_server_cert($node, 'server-cn-only', undef, undef, - $node->connect_fails( - "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt sslkey=ssl/client-revoked_tmp.key", - "certificate authorization fails with revoked client cert with server-side CRL directory", -- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/); -+ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|); - - # clean up - foreach my $key (@keys) -diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm -index 577b5afea7..53d60dbd25 100644 ---- a/src/tools/msvc/Solution.pm -+++ b/src/tools/msvc/Solution.pm -@@ -229,7 +229,6 @@ sub GenerateFiles - HAVE_ATOMICS => 1, - HAVE_ATOMIC_H => undef, - HAVE_BACKTRACE_SYMBOLS => undef, -- HAVE_BIO_GET_DATA => undef, - HAVE_BIO_METH_NEW => undef, - HAVE_CLOCK_GETTIME => undef, - HAVE_COMPUTED_GOTO => undef, -@@ -562,7 +561,6 @@ sub GenerateFiles - || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0')) - { - $define{HAVE_ASN1_STRING_GET0_DATA} = 1; -- $define{HAVE_BIO_GET_DATA} = 1; - $define{HAVE_BIO_METH_NEW} = 1; - $define{HAVE_HMAC_CTX_FREE} = 1; - $define{HAVE_HMAC_CTX_NEW} = 1; diff --git a/dev-db/postgresql/files/postgresql-14-xml-2.12.patch b/dev-db/postgresql/files/postgresql-14-xml-2.12.patch deleted file mode 100644 index 2b1d6b1b3448..000000000000 --- a/dev-db/postgresql/files/postgresql-14-xml-2.12.patch +++ /dev/null @@ -1,83 +0,0 @@ -From 29e25a6b1eb1b77ecfdbcb5b8dc07c8a6cdcf089 Mon Sep 17 00:00:00 2001 -From: Tom Lane -Date: Mon, 29 Jan 2024 12:06:08 -0500 -Subject: [PATCH] Fix incompatibilities with libxml2 >= 2.12.0. - -libxml2 changed the required signature of error handler callbacks -to make the passed xmlError struct "const". This is causing build -failures on buildfarm member caiman, and no doubt will start showing -up in the field quite soon. Add a version check to adjust the -declaration of xml_errorHandler() according to LIBXML_VERSION. - -2.12.x also produces deprecation warnings for contrib/xml2/xpath.c's -assignment to xmlLoadExtDtdDefaultValue. I see no good reason for -that to still be there, seeing that we disabled external DTDs (at a -lower level) years ago for security reasons. Let's just remove it. - -Back-patch to all supported branches, since they might all get built -with newer libxml2 once it gets a bit more popular. (The back -branches produce another deprecation warning about xpath.c's use of -xmlSubstituteEntitiesDefault(). We ought to consider whether to -back-patch all or part of commit 65c5864d7 to silence that. It's -less urgent though, since it won't break the buildfarm.) - -Discussion: https://postgr.es/m/1389505.1706382262@sss.pgh.pa.us ---- - contrib/xml2/xpath.c | 1 - - src/backend/utils/adt/xml.c | 14 ++++++++++++-- - 2 files changed, 12 insertions(+), 3 deletions(-) - -diff --git a/contrib/xml2/xpath.c b/contrib/xml2/xpath.c -index 1e5b71d9a0..f44caf0020 100644 ---- a/contrib/xml2/xpath.c -+++ b/contrib/xml2/xpath.c -@@ -75,7 +75,6 @@ pgxml_parser_init(PgXmlStrictness strictness) - xmlInitParser(); - - xmlSubstituteEntitiesDefault(1); -- xmlLoadExtDtdDefaultValue = 1; - - return xmlerrcxt; - } -diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c -index df7a1b6c40..d7caaaaca0 100644 ---- a/src/backend/utils/adt/xml.c -+++ b/src/backend/utils/adt/xml.c -@@ -65,6 +65,16 @@ - #if LIBXML_VERSION >= 20704 - #define HAVE_XMLSTRUCTUREDERRORCONTEXT 1 - #endif -+ -+/* -+ * libxml2 2.12 decided to insert "const" into the error handler API. -+ */ -+#if LIBXML_VERSION >= 21200 -+#define PgXmlErrorPtr const xmlError * -+#else -+#define PgXmlErrorPtr xmlErrorPtr -+#endif -+ - #endif /* USE_LIBXML */ - - #include "access/htup_details.h" -@@ -119,7 +129,7 @@ struct PgXmlErrorContext - - static xmlParserInputPtr xmlPgEntityLoader(const char *URL, const char *ID, - xmlParserCtxtPtr ctxt); --static void xml_errorHandler(void *data, xmlErrorPtr error); -+static void xml_errorHandler(void *data, PgXmlErrorPtr error); - static void xml_ereport_by_code(int level, int sqlcode, - const char *msg, int errcode); - static void chopStringInfoNewlines(StringInfo str); -@@ -1750,7 +1760,7 @@ xml_ereport(PgXmlErrorContext *errcxt, int level, int sqlcode, const char *msg) - * Error handler for libxml errors and warnings - */ - static void --xml_errorHandler(void *data, xmlErrorPtr error) -+xml_errorHandler(void *data, PgXmlErrorPtr error) - { - PgXmlErrorContext *xmlerrcxt = (PgXmlErrorContext *) data; - xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) error->ctxt; --- -2.30.2 - diff --git a/dev-db/postgresql/files/postgresql-15-openssl3.2.patch b/dev-db/postgresql/files/postgresql-15-openssl3.2.patch deleted file mode 100644 index 6e0b954a9f0b..000000000000 --- a/dev-db/postgresql/files/postgresql-15-openssl3.2.patch +++ /dev/null @@ -1,194 +0,0 @@ -commit a4927ebffae000198f6054eea26191ac2e50697f -Author: Tom Lane -Date: Tue Nov 28 12:34:03 2023 -0500 - - Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. - - We should have done it this way all along, but we accidentally got - away with using the wrong BIO field up until OpenSSL 3.2. There, - the library's BIO routines that we rely on use the "data" field - for their own purposes, and our conflicting use causes assorted - weird behaviors up to and including core dumps when SSL connections - are attempted. Switch to using the approved field for the purpose, - i.e. app_data. - - While at it, remove our configure probes for BIO_get_data as well - as the fallback implementation. BIO_{get,set}_app_data have been - there since long before any OpenSSL version that we still support, - even in the back branches. - - Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor - change in an error message spelling that evidently came in with 3.2. - - Tristan Partin and Bo Andreson. Back-patch to all supported branches. - - Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com - -diff --git a/configure b/configure -index d83a402ea1..d55440cd6a 100755 ---- a/configure -+++ b/configure -@@ -13239,7 +13239,7 @@ done - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free -+ for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free - do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` - ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -diff --git a/configure.ac b/configure.ac -index 570daced81..2bc752ca1a 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1347,7 +1347,7 @@ if test "$with_ssl" = openssl ; then - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) -+ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) - # OpenSSL versions before 1.1.0 required setting callback functions, for - # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock() - # function was removed. -diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c -index f5c5ed210e..aed8a75345 100644 ---- a/src/backend/libpq/be-secure-openssl.c -+++ b/src/backend/libpq/be-secure-openssl.c -@@ -839,11 +839,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -- - static BIO_METHOD *my_bio_methods = NULL; - - static int -@@ -853,7 +848,7 @@ my_sock_read(BIO *h, char *buf, int size) - - if (buf != NULL) - { -- res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -873,7 +868,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res = 0; - -- res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -949,7 +944,7 @@ my_SSL_set_fd(Port *port, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, port); -+ BIO_set_app_data(bio, port); - - BIO_set_fd(bio, fd, BIO_NOCLOSE); - SSL_set_bio(port->ssl, bio, bio); -diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in -index d09e9f9a1c..768e3d719c 100644 ---- a/src/include/pg_config.h.in -+++ b/src/include/pg_config.h.in -@@ -77,9 +77,6 @@ - /* Define to 1 if you have the `backtrace_symbols' function. */ - #undef HAVE_BACKTRACE_SYMBOLS - --/* Define to 1 if you have the `BIO_get_data' function. */ --#undef HAVE_BIO_GET_DATA -- - /* Define to 1 if you have the `BIO_meth_new' function. */ - #undef HAVE_BIO_METH_NEW - -diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c -index af59ff49f7..c19b0dc078 100644 ---- a/src/interfaces/libpq/fe-secure-openssl.c -+++ b/src/interfaces/libpq/fe-secure-openssl.c -@@ -1800,11 +1800,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -- -+/* protected by ssl_config_mutex */ - static BIO_METHOD *my_bio_methods; - - static int -@@ -1812,7 +1808,7 @@ my_sock_read(BIO *h, char *buf, int size) - { - int res; - -- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1842,7 +1838,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res; - -- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1933,7 +1929,7 @@ my_SSL_set_fd(PGconn *conn, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, conn); -+ BIO_set_app_data(bio, conn); - - SSL_set_bio(conn->ssl, bio, bio); - BIO_set_fd(bio, fd, BIO_NOCLOSE); -diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl -index 707f4005af..c570b48a1b 100644 ---- a/src/test/ssl/t/001_ssltests.pl -+++ b/src/test/ssl/t/001_ssltests.pl -@@ -682,7 +682,7 @@ $node->connect_fails( - "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt " - . sslkey('client-revoked.key'), - "certificate authorization fails with revoked client cert", -- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/, -+ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|, - # revoked certificates should not authenticate the user - log_unlike => [qr/connection authenticated:/],); - -@@ -743,6 +743,6 @@ $node->connect_fails( - "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt " - . sslkey('client-revoked.key'), - "certificate authorization fails with revoked client cert with server-side CRL directory", -- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/); -+ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|); - - done_testing(); -diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm -index 790f03b05e..a53239fa28 100644 ---- a/src/tools/msvc/Solution.pm -+++ b/src/tools/msvc/Solution.pm -@@ -226,7 +226,6 @@ sub GenerateFiles - HAVE_ATOMICS => 1, - HAVE_ATOMIC_H => undef, - HAVE_BACKTRACE_SYMBOLS => undef, -- HAVE_BIO_GET_DATA => undef, - HAVE_BIO_METH_NEW => undef, - HAVE_CLOCK_GETTIME => undef, - HAVE_COMPUTED_GOTO => undef, -@@ -566,7 +565,6 @@ sub GenerateFiles - || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0')) - { - $define{HAVE_ASN1_STRING_GET0_DATA} = 1; -- $define{HAVE_BIO_GET_DATA} = 1; - $define{HAVE_BIO_METH_NEW} = 1; - $define{HAVE_HMAC_CTX_FREE} = 1; - $define{HAVE_HMAC_CTX_NEW} = 1; diff --git a/dev-db/postgresql/files/postgresql-15-xml-2.12.patch b/dev-db/postgresql/files/postgresql-15-xml-2.12.patch deleted file mode 100644 index fd8b963f9381..000000000000 --- a/dev-db/postgresql/files/postgresql-15-xml-2.12.patch +++ /dev/null @@ -1,83 +0,0 @@ -From 3f8ac13b19764e3a485772d3cbb3ae6c4047eef2 Mon Sep 17 00:00:00 2001 -From: Tom Lane -Date: Mon, 29 Jan 2024 12:06:07 -0500 -Subject: [PATCH] Fix incompatibilities with libxml2 >= 2.12.0. - -libxml2 changed the required signature of error handler callbacks -to make the passed xmlError struct "const". This is causing build -failures on buildfarm member caiman, and no doubt will start showing -up in the field quite soon. Add a version check to adjust the -declaration of xml_errorHandler() according to LIBXML_VERSION. - -2.12.x also produces deprecation warnings for contrib/xml2/xpath.c's -assignment to xmlLoadExtDtdDefaultValue. I see no good reason for -that to still be there, seeing that we disabled external DTDs (at a -lower level) years ago for security reasons. Let's just remove it. - -Back-patch to all supported branches, since they might all get built -with newer libxml2 once it gets a bit more popular. (The back -branches produce another deprecation warning about xpath.c's use of -xmlSubstituteEntitiesDefault(). We ought to consider whether to -back-patch all or part of commit 65c5864d7 to silence that. It's -less urgent though, since it won't break the buildfarm.) - -Discussion: https://postgr.es/m/1389505.1706382262@sss.pgh.pa.us ---- - contrib/xml2/xpath.c | 1 - - src/backend/utils/adt/xml.c | 14 ++++++++++++-- - 2 files changed, 12 insertions(+), 3 deletions(-) - -diff --git a/contrib/xml2/xpath.c b/contrib/xml2/xpath.c -index a692dc6be8..94641930f7 100644 ---- a/contrib/xml2/xpath.c -+++ b/contrib/xml2/xpath.c -@@ -75,7 +75,6 @@ pgxml_parser_init(PgXmlStrictness strictness) - xmlInitParser(); - - xmlSubstituteEntitiesDefault(1); -- xmlLoadExtDtdDefaultValue = 1; - - return xmlerrcxt; - } -diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c -index 6411f56b99..aae0692586 100644 ---- a/src/backend/utils/adt/xml.c -+++ b/src/backend/utils/adt/xml.c -@@ -65,6 +65,16 @@ - #if LIBXML_VERSION >= 20704 - #define HAVE_XMLSTRUCTUREDERRORCONTEXT 1 - #endif -+ -+/* -+ * libxml2 2.12 decided to insert "const" into the error handler API. -+ */ -+#if LIBXML_VERSION >= 21200 -+#define PgXmlErrorPtr const xmlError * -+#else -+#define PgXmlErrorPtr xmlErrorPtr -+#endif -+ - #endif /* USE_LIBXML */ - - #include "access/htup_details.h" -@@ -119,7 +129,7 @@ struct PgXmlErrorContext - - static xmlParserInputPtr xmlPgEntityLoader(const char *URL, const char *ID, - xmlParserCtxtPtr ctxt); --static void xml_errorHandler(void *data, xmlErrorPtr error); -+static void xml_errorHandler(void *data, PgXmlErrorPtr error); - static void xml_ereport_by_code(int level, int sqlcode, - const char *msg, int errcode); - static void chopStringInfoNewlines(StringInfo str); -@@ -1749,7 +1759,7 @@ xml_ereport(PgXmlErrorContext *errcxt, int level, int sqlcode, const char *msg) - * Error handler for libxml errors and warnings - */ - static void --xml_errorHandler(void *data, xmlErrorPtr error) -+xml_errorHandler(void *data, PgXmlErrorPtr error) - { - PgXmlErrorContext *xmlerrcxt = (PgXmlErrorContext *) data; - xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) error->ctxt; --- -2.30.2 - diff --git a/dev-db/postgresql/files/postgresql-16-openssl3.2.patch b/dev-db/postgresql/files/postgresql-16-openssl3.2.patch deleted file mode 100644 index 2740187d9f4e..000000000000 --- a/dev-db/postgresql/files/postgresql-16-openssl3.2.patch +++ /dev/null @@ -1,216 +0,0 @@ -commit 9140a24b312176ebb4e6eb6458b33ce640c04440 -Author: Tom Lane -Date: Tue Nov 28 12:34:03 2023 -0500 - - Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. - - We should have done it this way all along, but we accidentally got - away with using the wrong BIO field up until OpenSSL 3.2. There, - the library's BIO routines that we rely on use the "data" field - for their own purposes, and our conflicting use causes assorted - weird behaviors up to and including core dumps when SSL connections - are attempted. Switch to using the approved field for the purpose, - i.e. app_data. - - While at it, remove our configure probes for BIO_get_data as well - as the fallback implementation. BIO_{get,set}_app_data have been - there since long before any OpenSSL version that we still support, - even in the back branches. - - Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor - change in an error message spelling that evidently came in with 3.2. - - Tristan Partin and Bo Andreson. Back-patch to all supported branches. - - Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com - -diff --git a/configure b/configure -index 82e45657b2..907c777b9c 100755 ---- a/configure -+++ b/configure -@@ -12982,7 +12982,7 @@ done - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free -+ for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free - do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` - ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -diff --git a/configure.ac b/configure.ac -index fcea0bcab4..ab32bfdd08 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1385,7 +1385,7 @@ if test "$with_ssl" = openssl ; then - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) -+ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free]) - # OpenSSL versions before 1.1.0 required setting callback functions, for - # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock() - # function was removed. -diff --git a/meson.build b/meson.build -index 51b5285924..96fc2e139a 100644 ---- a/meson.build -+++ b/meson.build -@@ -1278,7 +1278,6 @@ if sslopt in ['auto', 'openssl'] - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. - ['OPENSSL_init_ssl'], -- ['BIO_get_data'], - ['BIO_meth_new'], - ['ASN1_STRING_get0_data'], - ['HMAC_CTX_new'], -diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c -index e9c86d08df..49dca0cda9 100644 ---- a/src/backend/libpq/be-secure-openssl.c -+++ b/src/backend/libpq/be-secure-openssl.c -@@ -844,11 +844,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -- - static BIO_METHOD *my_bio_methods = NULL; - - static int -@@ -858,7 +853,7 @@ my_sock_read(BIO *h, char *buf, int size) - - if (buf != NULL) - { -- res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -878,7 +873,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res = 0; - -- res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -954,7 +949,7 @@ my_SSL_set_fd(Port *port, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, port); -+ BIO_set_app_data(bio, port); - - BIO_set_fd(bio, fd, BIO_NOCLOSE); - SSL_set_bio(port->ssl, bio, bio); -diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in -index 6d572c3820..174544630e 100644 ---- a/src/include/pg_config.h.in -+++ b/src/include/pg_config.h.in -@@ -70,9 +70,6 @@ - /* Define to 1 if you have the `backtrace_symbols' function. */ - #undef HAVE_BACKTRACE_SYMBOLS - --/* Define to 1 if you have the `BIO_get_data' function. */ --#undef HAVE_BIO_GET_DATA -- - /* Define to 1 if you have the `BIO_meth_new' function. */ - #undef HAVE_BIO_METH_NEW - -diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c -index 390c888c96..fb6404ade0 100644 ---- a/src/interfaces/libpq/fe-secure-openssl.c -+++ b/src/interfaces/libpq/fe-secure-openssl.c -@@ -1830,11 +1830,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -- -+/* protected by ssl_config_mutex */ - static BIO_METHOD *my_bio_methods; - - static int -@@ -1842,7 +1838,7 @@ my_sock_read(BIO *h, char *buf, int size) - { - int res; - -- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1872,7 +1868,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res; - -- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1963,7 +1959,7 @@ my_SSL_set_fd(PGconn *conn, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, conn); -+ BIO_set_app_data(bio, conn); - - SSL_set_bio(conn->ssl, bio, bio); - BIO_set_fd(bio, fd, BIO_NOCLOSE); -diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl -index 76442de063..9bb28fbc83 100644 ---- a/src/test/ssl/t/001_ssltests.pl -+++ b/src/test/ssl/t/001_ssltests.pl -@@ -781,7 +781,7 @@ $node->connect_fails( - "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt " - . sslkey('client-revoked.key'), - "certificate authorization fails with revoked client cert", -- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/, -+ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|, - # temporarily(?) skip this check due to timing issue - # log_like => [ - # qr{Client certificate verification failed at depth 0: certificate revoked}, -@@ -886,7 +886,7 @@ $node->connect_fails( - "$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt " - . sslkey('client-revoked.key'), - "certificate authorization fails with revoked client cert with server-side CRL directory", -- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/, -+ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|, - # temporarily(?) skip this check due to timing issue - # log_like => [ - # qr{Client certificate verification failed at depth 0: certificate revoked}, -@@ -899,7 +899,7 @@ $node->connect_fails( - "$common_connstr user=ssltestuser sslcert=ssl/client-revoked-utf8.crt " - . sslkey('client-revoked-utf8.key'), - "certificate authorization fails with revoked UTF-8 client cert with server-side CRL directory", -- expected_stderr => qr/SSL error: sslv3 alert certificate revoked/, -+ expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|, - # temporarily(?) skip this check due to timing issue - # log_like => [ - # qr{Client certificate verification failed at depth 0: certificate revoked}, -diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm -index b6d31c3583..711fae853f 100644 ---- a/src/tools/msvc/Solution.pm -+++ b/src/tools/msvc/Solution.pm -@@ -225,7 +225,6 @@ sub GenerateFiles - HAVE_ATOMICS => 1, - HAVE_ATOMIC_H => undef, - HAVE_BACKTRACE_SYMBOLS => undef, -- HAVE_BIO_GET_DATA => undef, - HAVE_BIO_METH_NEW => undef, - HAVE_COMPUTED_GOTO => undef, - HAVE_COPYFILE => undef, -@@ -503,7 +502,6 @@ sub GenerateFiles - || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0')) - { - $define{HAVE_ASN1_STRING_GET0_DATA} = 1; -- $define{HAVE_BIO_GET_DATA} = 1; - $define{HAVE_BIO_METH_NEW} = 1; - $define{HAVE_HMAC_CTX_FREE} = 1; - $define{HAVE_HMAC_CTX_NEW} = 1; diff --git a/dev-db/postgresql/files/postgresql-16-xml-2.12.patch b/dev-db/postgresql/files/postgresql-16-xml-2.12.patch deleted file mode 100644 index aac072c67393..000000000000 --- a/dev-db/postgresql/files/postgresql-16-xml-2.12.patch +++ /dev/null @@ -1,83 +0,0 @@ -From e02fea093ebb7ff5093c4cd9827710000bb31146 Mon Sep 17 00:00:00 2001 -From: Tom Lane -Date: Mon, 29 Jan 2024 12:06:07 -0500 -Subject: [PATCH] Fix incompatibilities with libxml2 >= 2.12.0. - -libxml2 changed the required signature of error handler callbacks -to make the passed xmlError struct "const". This is causing build -failures on buildfarm member caiman, and no doubt will start showing -up in the field quite soon. Add a version check to adjust the -declaration of xml_errorHandler() according to LIBXML_VERSION. - -2.12.x also produces deprecation warnings for contrib/xml2/xpath.c's -assignment to xmlLoadExtDtdDefaultValue. I see no good reason for -that to still be there, seeing that we disabled external DTDs (at a -lower level) years ago for security reasons. Let's just remove it. - -Back-patch to all supported branches, since they might all get built -with newer libxml2 once it gets a bit more popular. (The back -branches produce another deprecation warning about xpath.c's use of -xmlSubstituteEntitiesDefault(). We ought to consider whether to -back-patch all or part of commit 65c5864d7 to silence that. It's -less urgent though, since it won't break the buildfarm.) - -Discussion: https://postgr.es/m/1389505.1706382262@sss.pgh.pa.us ---- - contrib/xml2/xpath.c | 1 - - src/backend/utils/adt/xml.c | 14 ++++++++++++-- - 2 files changed, 12 insertions(+), 3 deletions(-) - -diff --git a/contrib/xml2/xpath.c b/contrib/xml2/xpath.c -index a692dc6be8..94641930f7 100644 ---- a/contrib/xml2/xpath.c -+++ b/contrib/xml2/xpath.c -@@ -75,7 +75,6 @@ pgxml_parser_init(PgXmlStrictness strictness) - xmlInitParser(); - - xmlSubstituteEntitiesDefault(1); -- xmlLoadExtDtdDefaultValue = 1; - - return xmlerrcxt; - } -diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c -index 2300c7ebf3..9f4e775003 100644 ---- a/src/backend/utils/adt/xml.c -+++ b/src/backend/utils/adt/xml.c -@@ -66,6 +66,16 @@ - #if LIBXML_VERSION >= 20704 - #define HAVE_XMLSTRUCTUREDERRORCONTEXT 1 - #endif -+ -+/* -+ * libxml2 2.12 decided to insert "const" into the error handler API. -+ */ -+#if LIBXML_VERSION >= 21200 -+#define PgXmlErrorPtr const xmlError * -+#else -+#define PgXmlErrorPtr xmlErrorPtr -+#endif -+ - #endif /* USE_LIBXML */ - - #include "access/htup_details.h" -@@ -123,7 +133,7 @@ static xmlParserInputPtr xmlPgEntityLoader(const char *URL, const char *ID, - xmlParserCtxtPtr ctxt); - static void xml_errsave(Node *escontext, PgXmlErrorContext *errcxt, - int sqlcode, const char *msg); --static void xml_errorHandler(void *data, xmlErrorPtr error); -+static void xml_errorHandler(void *data, PgXmlErrorPtr error); - static int errdetail_for_xml_code(int code); - static void chopStringInfoNewlines(StringInfo str); - static void appendStringInfoLineSeparator(StringInfo str); -@@ -2002,7 +2012,7 @@ xml_errsave(Node *escontext, PgXmlErrorContext *errcxt, - * Error handler for libxml errors and warnings - */ - static void --xml_errorHandler(void *data, xmlErrorPtr error) -+xml_errorHandler(void *data, PgXmlErrorPtr error) - { - PgXmlErrorContext *xmlerrcxt = (PgXmlErrorContext *) data; - xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) error->ctxt; --- -2.30.2 - -- cgit v1.2.3