Due to a conflict in macro names on Windows between <wincrypt.h>
and <openssl/ssl.h> these headers need to be included using a
predictable pattern with an undef to handle that. The GSSAPI
header <gssapi.h> does include <wincrypt.h> which cause problems
with compiling PostgreSQL using MSVC when OpenSSL and GSSAPI are
both enabled in the tree. Rather than fixing piecemeal for each
file including gssapi headers, move the the includes and undef
to a new file which should be used to centralize the logic.
This patch is a reworked version of a patch by Imran Zaheer
proposed earlier in the thread. Once this has proven effective
in master we should look at backporting this as the problem
exist at least since v16.
Author: Daniel Gustafsson <
[email protected]>
Co-authored-by: Imran Zaheer <[email protected]>
Reported-by: Dave Page <[email protected]>
Reviewed-by: Andres Freund <[email protected]>
Reviewed-by: vignesh C <[email protected]>
Discussion: https://postgr.es/m/
20240708173204[email protected]
#include "miscadmin.h"
#include "utils/builtins.h"
-/*
- * On Windows, <wincrypt.h> includes a #define for X509_NAME, which breaks our
- * ability to use OpenSSL's version of that symbol if <wincrypt.h> is pulled
- * in after <openssl/ssl.h> ... and, at least on some builds, it is. We
- * can't reliably fix that by re-ordering #includes, because libpq/libpq-be.h
- * #includes <openssl/ssl.h>. Instead, just zap the #define again here.
- */
-#ifdef X509_NAME
-#undef X509_NAME
-#endif
-
PG_MODULE_MAGIC;
static Datum X509_NAME_field_to_text(X509_NAME *name, text *fieldName);
#ifdef ENABLE_GSS
-#if defined(HAVE_GSSAPI_H)
-#include <gssapi.h>
-#include <gssapi_ext.h>
-#else
-#include <gssapi/gssapi.h>
-#include <gssapi/gssapi_ext.h>
-#endif
+#include "libpq/pg-gssapi.h"
extern void pg_GSS_error(const char *errmsg,
OM_uint32 maj_stat, OM_uint32 min_stat);
#endif
#include <netinet/tcp.h>
-#ifdef ENABLE_GSS
-#if defined(HAVE_GSSAPI_H)
-#include <gssapi.h>
-#else
-#include <gssapi/gssapi.h>
-#endif /* HAVE_GSSAPI_H */
-#endif /* ENABLE_GSS */
+#include "libpq/pg-gssapi.h"
#ifdef ENABLE_SSPI
#define SECURITY_WIN32
--- /dev/null
+/*-------------------------------------------------------------------------
+ *
+ * pg-gssapi.h
+ * Definitions for including GSSAPI headers
+ *
+ * Portions Copyright (c) 1996-2025, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * src/include/libpq/pg-gssapi.h
+ *
+ *-------------------------------------------------------------------------
+ */
+
+#ifndef PG_GSSAPI_H
+#define PG_GSSAPI_H
+
+#ifdef ENABLE_GSS
+
+/* IWYU pragma: begin_exports */
+#if defined(HAVE_GSSAPI_H)
+#include <gssapi.h>
+#include <gssapi_ext.h>
+#else
+#include <gssapi/gssapi.h>
+#include <gssapi/gssapi_ext.h>
+#endif
+/* IWYU pragma: end_exports */
+
+/*
+* On Windows, <wincrypt.h> includes a #define for X509_NAME, which breaks our
+* ability to use OpenSSL's version of that symbol if <wincrypt.h> is pulled
+* in after <openssl/ssl.h> ... and, at least on some builds, it is. We
+* can't reliably fix that by re-ordering #includes, because libpq/libpq-be.h
+* #includes <openssl/ssl.h>. Instead, just zap the #define again here.
+*/
+#ifdef X509_NAME
+#undef X509_NAME
+#endif
+
+#endif /* ENABLE_GSS */
+
+#endif /* PG_GSSAPI_H */
#include "fe-auth-sasl.h"
#include "pqexpbuffer.h"
-/* IWYU pragma: begin_exports */
-#ifdef ENABLE_GSS
-#if defined(HAVE_GSSAPI_H)
-#include <gssapi.h>
-#else
-#include <gssapi/gssapi.h>
-#endif
-#endif
-/* IWYU pragma: end_exports */
+#include "libpq/pg-gssapi.h"
#ifdef ENABLE_SSPI
#define SECURITY_WIN32
projects / postgresql.git / commitdiff