search

CrunchyData / pgnodemx

A PostgreSQL extension that provides SQL functions to allow capture of node OS metrics via SQL queries.
Apache License 2.0
49 stars 11 forks source link

OpenSSL 3 removes FIPS_mode #15

Closed df7cb closed 1 year ago

df7cb commented 1 year ago

In OpenSSL 3, FIPS_mode() is removed. Replace using EVP_default_properties_is_fips_enabled().

Compiling with OpenSSL, FIPS_mode raises errors:

pgnodemx.c: In function ‘pgnodemx_fips_mode’:
pgnodemx.c:688:13: warning: implicit declaration of function ‘FIPS_mode’ [-Wimplicit-function-declaration]
  688 |         if (FIPS_mode())
      |             ^~~~~~~~~

postgres=# create extension pgnodemx with schema exporter ;
ERROR:  could not load library "/usr/pgsql-14-tde/lib/pgnodemx.so": /usr/pgsql-14-tde/lib/pgnodemx.so: undefined symbol: FIPS_mode

Redhat ships a /usr/include/openssl/fips.h header that restores the definition:

# define FIPS_mode() EVP_default_properties_is_fips_enabled(NULL)

... but at least on my Debian system, that header isn't present, so properly call EVP_default_properties_is_fips_enabled() in pgnodemx.c.