pgsql: pgcrypto: Remove non-OpenSSL support

pgcrypto: Remove non-OpenSSL support

pgcrypto had internal implementations of some encryption algorithms,
as an alternative to calling out to OpenSSL. These were rarely used,
since most production installations are built with OpenSSL. Moreover,
maintaining parallel code paths makes the code more complex and
difficult to maintain.

This patch removes these internal implementations. Now, pgcrypto is
only built if OpenSSL support is configured.

Reviewed-by: Daniel Gustafsson <daniel(at)yesql(dot)se>
Discussion: https://www.postgresql.org/message-id/flat/0b42f1df-8cba-6a30-77d7-acc241cc88c1%40enterprisedb.com

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/db7d1a7b0530e8cbd045744e1c75b0e63fb6916f

Modified Files
--------------
contrib/Makefile | 5 +-
contrib/pgcrypto/Makefile | 73 +-
contrib/pgcrypto/blf.c | 499 -----
contrib/pgcrypto/blf.h | 46 -
contrib/pgcrypto/imath.c | 3588 -----------------------------------
contrib/pgcrypto/imath.h | 445 -----
contrib/pgcrypto/internal-sha2.c | 206 --
contrib/pgcrypto/internal.c | 585 ------
contrib/pgcrypto/pgp-mpi-internal.c | 304 ---
contrib/pgcrypto/rijndael.c | 677 -------
contrib/pgcrypto/rijndael.h | 59 -
contrib/pgcrypto/rijndael.tbl | 1138 -----------
doc/src/sgml/pgcrypto.sgml | 113 +-
src/tools/msvc/Mkvcbuild.pm | 39 +-
src/tools/msvc/vcregress.pl | 7 +-
15 files changed, 42 insertions(+), 7742 deletions(-)

Hi,

On 2021-11-05 13:09:55 +0000, Peter Eisentraut wrote:
> pgcrypto: Remove non-OpenSSL support
>
> pgcrypto had internal implementations of some encryption algorithms,
> as an alternative to calling out to OpenSSL. These were rarely used,
> since most production installations are built with OpenSSL. Moreover,
> maintaining parallel code paths makes the code more complex and
> difficult to maintain.
>
> This patch removes these internal implementations. Now, pgcrypto is
> only built if OpenSSL support is configured.

This appears to have broken msvc pgcrypto being tested with msvc. I think
that's because pgcrypto is still listed in the "base" @contrib_excludes and
thus just isn't getting built anymore, now that the special-case build rule is
gone?

Greetings,

Andres Freund

Andres Freund <andres(at)anarazel(dot)de> writes:
> This appears to have broken msvc pgcrypto being tested with msvc. I think
> that's because pgcrypto is still listed in the "base" @contrib_excludes and
> thus just isn't getting built anymore, now that the special-case build rule is
> gone?

I came to the same conclusion and pushed that change. We'll soon
see whether it's sufficient.

regards, tom lane

Hi,

On 2021-11-06 18:07:09 -0400, Tom Lane wrote:
> Andres Freund <andres(at)anarazel(dot)de> writes:
> > This appears to have broken msvc pgcrypto being tested with msvc. I think
> > that's because pgcrypto is still listed in the "base" @contrib_excludes and
> > thus just isn't getting built anymore, now that the special-case build rule is
> > gone?
>
> I came to the same conclusion and pushed that change. We'll soon
> see whether it's sufficient.

It was sufficient. The tests are still running, but the pgcrypto test just
passed (see contribcheck_test):
https://cirrus-ci.com/task/6128369478664192
vs previous run before rebasing:
https://cirrus-ci.com/task/5856750176829440

This is the meson branch, but testing the src/tools/msvc style build.

Greetings,

Andres Freund

On Sat, Nov 06, 2021 at 03:34:20PM -0700, Andres Freund wrote:
> It was sufficient. The tests are still running, but the pgcrypto test just
> passed (see contribcheck_test):
> https://cirrus-ci.com/task/6128369478664192
> vs previous run before rebasing:
> https://cirrus-ci.com/task/5856750176829440
>
> This is the meson branch, but testing the src/tools/msvc style build.

The build is fixed, but not the buildfarm:
2021-11-06 15:49:48.623 EDT [21704:4] pg_regress/init LOG: statement:
CREATE EXTENSION pgcrypto;
2021-11-06 15:49:48.637 EDT [21704:5] pg_regress/init ERROR: could
not access file "$libdir/pgcrypto": No such file or directory
2021-11-06 15:49:48.637 EDT [21704:6] pg_regress/init STATEMENT:
CREATE EXTENSION pgcrypto;

It looks like this missed an installation path. This should be
reproducible in my own environment, but I don't have the room to look
at it seriously today.
--
Michael

Hi,

On 2021-11-07 10:38:07 +0900, Michael Paquier wrote:
> On Sat, Nov 06, 2021 at 03:34:20PM -0700, Andres Freund wrote:
> > It was sufficient. The tests are still running, but the pgcrypto test just
> > passed (see contribcheck_test):
> > https://cirrus-ci.com/task/6128369478664192
> > vs previous run before rebasing:
> > https://cirrus-ci.com/task/5856750176829440
> >
> > This is the meson branch, but testing the src/tools/msvc style build.
>
> The build is fixed, but not the buildfarm:
> 2021-11-06 15:49:48.623 EDT [21704:4] pg_regress/init LOG: statement:
> CREATE EXTENSION pgcrypto;
> 2021-11-06 15:49:48.637 EDT [21704:5] pg_regress/init ERROR: could
> not access file "$libdir/pgcrypto": No such file or directory
> 2021-11-06 15:49:48.637 EDT [21704:6] pg_regress/init STATEMENT:
> CREATE EXTENSION pgcrypto;
>
> It looks like this missed an installation path. This should be
> reproducible in my own environment, but I don't have the room to look
> at it seriously today.

Hm? That's what I was seeing before, and what got fixed by
3c2c391dc9f82fae181508ebcc2f7621ffefd024

Greetings,

Andres Freund

Hi,

On 2021-11-06 19:07:29 -0700, Andres Freund wrote:
> On 2021-11-07 10:38:07 +0900, Michael Paquier wrote:
> > On Sat, Nov 06, 2021 at 03:34:20PM -0700, Andres Freund wrote:
> > > It was sufficient. The tests are still running, but the pgcrypto test just
> > > passed (see contribcheck_test):
> > > https://cirrus-ci.com/task/6128369478664192
> > > vs previous run before rebasing:
> > > https://cirrus-ci.com/task/5856750176829440
> > >
> > > This is the meson branch, but testing the src/tools/msvc style build.
> >
> > The build is fixed, but not the buildfarm:
> > 2021-11-06 15:49:48.623 EDT [21704:4] pg_regress/init LOG: statement:
> > CREATE EXTENSION pgcrypto;
> > 2021-11-06 15:49:48.637 EDT [21704:5] pg_regress/init ERROR: could
> > not access file "$libdir/pgcrypto": No such file or directory
> > 2021-11-06 15:49:48.637 EDT [21704:6] pg_regress/init STATEMENT:
> > CREATE EXTENSION pgcrypto;
> >
> > It looks like this missed an installation path. This should be
> > reproducible in my own environment, but I don't have the room to look
> > at it seriously today.
>
> Hm? That's what I was seeing before, and what got fixed by
> 3c2c391dc9f82fae181508ebcc2f7621ffefd024

The log excerpt appears to be from bowerbird [1], and predates that commit. I
didn't see any windows buildfarm run that completed since the above commit.

Greetings,

Andres Freund

[1] https://buildfarm.postgresql.org/cgi-bin/show_log.pl?nm=bowerbird&dt=2021-11-06%2019%3A13%3A40

Andres Freund <andres(at)anarazel(dot)de> writes:
> The log excerpt appears to be from bowerbird [1], and predates that commit. I
> didn't see any windows buildfarm run that completed since the above commit.

bowerbird just came through with a green run.

regards, tom lane