Re: [JDBC] [HACKERS] Channel binding support for SCRAM-SHA-256

Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> writes:
> On 1/4/18 16:17, Tom Lane wrote:
>> dromedary is whinging about OBJ_find_sigid_algs, as well.

> Yeah, it seems like we might need to fine-tune this a bit more to make
> it work across all OpenSSL versions. I'm going to let the buildfarm
> take a run through the current code and see what other issues arise.

Well, it looks like the older machines don't like OBJ_find_sigid_algs,
and the newest machines don't like what you're trying to pass to it:

/home/andres/build/buildfarm-calliphoridae/HEAD/pgsql.build/../pgsql/src/backend/libpq/be-secure-openssl.c: In function ‘be_tls_get_certificate_hash’:
/home/andres/build/buildfarm-calliphoridae/HEAD/pgsql.build/../pgsql/src/backend/libpq/be-secure-openssl.c:1268:50: error: dereferencing pointer to incomplete type ‘X509 {aka struct x509_st}’
if (!OBJ_find_sigid_algs(OBJ_obj2nid(server_cert->sig_alg->algorithm),
^~

so this is looking mighty like a crashed and burned patch from here :-(

regards, tom lane