Hi all, While reviewing the MSVC code, I have noticed that pg_config.h.win32 is forgetting about a couple of flags defined in pg_config.h.in for v11 development. Forgetting some of them is problematic, and here are the ones I spotted: - HAVE_LDAP_INITIALIZE - HAVE_X509_GET_SIGNATURE_NID - HAVE_SSL_CLEAR_OPTIONS
HAVE_X509_GET_SIGNATURE_NID is something I worked on for the SCRAM channel binding, and not having it means that tls-server-end-point is never supported on Windows. What we need to do in this case is to extend the MSVC scripts so as "openssl version" is run once and we parse the version of OpenSSL from it. If the version is newer than 1.0.2 then the function can be used. For HAVE_LDAP_INITIALIZE, it seems to me that we could get rid of the ldap_sslinit part, but I have not studied this close enough to reach a conclusion. HAVE_SSL_CLEAR_OPTIONS means that sslcompression is not turned off by default on Windows, which does not look like a good idea to me. We could treat each issue separately, but the fact that we need to parse the function string of openssl and/or openldap to do decision-making for the MSVC script is common to all those issues. Thanks, -- Michael
signature.asc
Description: PGP signature
