| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Thomas Munro <thomas(dot)munro(at)gmail(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
| Subject: | Re: disabled SSL log_like tests |
| Date: | 2025-05-08 15:05:20 |
| Message-ID: | 2C91E50A-BBBF-4863-8582-6BF2C645CCC1@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On 8 May 2025, at 15:49, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
> Daniel Gustafsson <daniel(at)yesql(dot)se> writes:
>> On 7 May 2025, at 23:54, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>>> +# Determine whether this build uses OpenSSL or LibreSSL. As a heuristic, the
>>> +# HAVE_SSL_CTX_SET_CERT_CB macro isn't defined for LibreSSL.
>>> +my $libressl = not check_pg_config("#define HAVE_SSL_CTX_SET_CERT_CB 1");
>
>> Longer term it would be nice to move this into SSL::Server and have the module
>> export a function or symbol which returns the underlying library and version,
>> but that's not for this patch.
>
> I was feeling itchy about having two copies of code that looks none
> too set-in-stone. Maybe we should just do that. Any preferences
> on the API?
There is already SSL::Server::ssl_library() which returns the underlying
library, but it's not smart enough to differentiate between which flavour of
OpenSSL compatible library is being used (OpenSSL, Libressl, BoringSSL etc) as
it's only returning a hardcoded string as of now. My plan was to expand that
at some point.
--
Daniel Gustafsson
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2025-05-08 15:14:19 | Re: PG 18 release notes draft committed |
| Previous Message | David G. Johnston | 2025-05-08 14:49:32 | Re: Improve docs for n_distinct_inherited |