diff -crN '--exclude=.git' '--exclude=.gitee' '--exclude=.vscode' opengauss_server_600/src/common/interfaces/libpq/fe-secure.cpp opengauss_server_600_edit/src/common/interfaces/libpq/fe-secure.cpp *** opengauss_server_600/src/common/interfaces/libpq/fe-secure.cpp 2024-11-19 20:01:27.697621300 +0800 --- opengauss_server_600_edit/src/common/interfaces/libpq/fe-secure.cpp 2024-11-19 20:04:07.461621300 +0800 *************** *** 446,451 **** --- 446,454 ---- libpq_gettext("SSL error: %s, remote datanode %s, error: %s\n"), errm, conn->remote_nodename, strerror(errno)); SSLerrfree(errm); + #ifdef ENABLE_OPENSSL3 + REMEMBER_EPIPE(spinfo, errno == EPIPE); + #endif /* assume the connection is broken */ result_errno = ECONNRESET; n = -1; *************** *** 596,601 **** --- 599,607 ---- libpq_gettext("SSL error: %s, remote datanode %s, error: %s\n"), errm, conn->remote_nodename, strerror(errno)); SSLerrfree(errm); + #ifdef ENABLE_OPENSSL3 + REMEMBER_EPIPE(spinfo, errno == EPIPE); + #endif /* assume the connection is broken */ result_errno = ECONNRESET; n = -1; diff -crN '--exclude=.git' '--exclude=.gitee' '--exclude=.vscode' opengauss_server_600/src/gausskernel/security/keymgr/encrypt/security_aead_aes_hmac_enc_key.cpp opengauss_server_600_edit/src/gausskernel/security/keymgr/encrypt/security_aead_aes_hmac_enc_key.cpp *** opengauss_server_600/src/gausskernel/security/keymgr/encrypt/security_aead_aes_hmac_enc_key.cpp 2024-11-19 20:01:27.705621300 +0800 --- opengauss_server_600_edit/src/gausskernel/security/keymgr/encrypt/security_aead_aes_hmac_enc_key.cpp 2024-11-19 20:04:07.773621300 +0800 *************** *** 47,52 **** --- 47,62 ---- const int RAND_COUNT = 100; + #ifdef ENABLE_OPENSSL3 + void HmacCtxGroup::free_hmac_ctx(HMAC_CTX** ctx_tmp) const + { + if (*ctx_tmp != NULL) { + HMAC_CTX_free(*ctx_tmp); + *ctx_tmp = NULL; + } + } + #endif + /* Derives all the required keys from the given root key */ AeadAesHamcEncKey::AeadAesHamcEncKey(unsigned char *root_key, size_t root_key_size) { diff -crN '--exclude=.git' '--exclude=.gitee' '--exclude=.vscode' opengauss_server_600/src/gausskernel/security/keymgr/encrypt/security_sm2_enc_key.cpp opengauss_server_600_edit/src/gausskernel/security/keymgr/encrypt/security_sm2_enc_key.cpp *** opengauss_server_600/src/gausskernel/security/keymgr/encrypt/security_sm2_enc_key.cpp 2024-11-19 20:01:27.705621300 +0800 --- opengauss_server_600_edit/src/gausskernel/security/keymgr/encrypt/security_sm2_enc_key.cpp 2024-11-19 20:04:07.773621300 +0800 *************** *** 163,174 **** --- 163,176 ---- return CMKEM_EVP_ERR; } + #ifndef ENABLE_OPENSSL3 ret = EVP_PKEY_set_alias_type(public_evp_key, EVP_PKEY_SM2); if (ret != 1) { cmkem_errmsg("EVP_PKEY_set_alias_type to EVP_PKEY_SM2 failed!"); EVP_PKEY_free(public_evp_key); return CMKEM_EVP_ERR; } + #endif /* do cipher. */ ctx = EVP_PKEY_CTX_new(public_evp_key, NULL); *************** *** 253,264 **** --- 255,268 ---- return CMKEM_EVP_ERR; } + #ifndef ENABLE_OPENSSL3 ret = EVP_PKEY_set_alias_type(private_evp_key, EVP_PKEY_SM2); if (ret != 1) { cmkem_errmsg("EVP_PKEY_set_alias_type to EVP_PKEY_SM2 failed!"); EVP_PKEY_free(private_evp_key); return CMKEM_EVP_ERR; } + #endif /* do cipher. */ ctx = EVP_PKEY_CTX_new(private_evp_key, NULL); diff -crN '--exclude=.git' '--exclude=.gitee' '--exclude=.vscode' opengauss_server_600/src/include/keymgr/encrypt/security_aead_aes_hamc_enc_key.h opengauss_server_600_edit/src/include/keymgr/encrypt/security_aead_aes_hamc_enc_key.h *** opengauss_server_600/src/include/keymgr/encrypt/security_aead_aes_hamc_enc_key.h 2024-11-19 20:01:27.721621300 +0800 --- opengauss_server_600_edit/src/include/keymgr/encrypt/security_aead_aes_hamc_enc_key.h 2024-11-19 20:04:08.037621300 +0800 *************** *** 49,54 **** --- 49,57 ---- HMAC_CTX* ctx_worker; HMAC_CTX* ctx_template; private: + #ifdef ENABLE_OPENSSL3 + void free_hmac_ctx(HMAC_CTX** ctx_tmp) const; + #else void free_hmac_ctx(HMAC_CTX** ctx_tmp) { if (*ctx_tmp != NULL) { *************** *** 56,61 **** --- 59,65 ---- *ctx_tmp = NULL; } } + #endif }; /*