Re: SSL tests fail on OpenSSL v3.2.0

On Mon Nov 27, 2023 at 7:14 PM CST, Tom Lane wrote:
> "Tristan Partin" <tristan(at)neon(dot)tech> writes:
> > On Mon Nov 27, 2023 at 6:21 PM CST, Tom Lane wrote:
> >> What about LibreSSL? In general, I'm not too pleased with just assuming
> >> that BIO_get_app_data exists.
>
> > Falling back to what existed before is invalid.
>
> Well, sure it only worked by accident, but it did work with older
> OpenSSL versions. If we assume that BIO_get_app_data exists, and
> somebody tries to use it with a version that hasn't got that,
> it won't work.
>
> Having said that, my concern was mainly driven by the comments in
> configure.ac claiming that this was an OpenSSL 1.1.0 addition.
> Looking at the relevant commits, 593d4e47d and 5c6df67e0, it seems
> that that was less about "the function doesn't exist before 1.1.0"
> and more about "in 1.1.0 we have to use the function because we
> can no longer directly access the ptr field". If the function
> does exist in 0.9.8 then I concur that we don't need to test.

I have gone back all the way to 1.0.0 and confirmed that the function
exists. Didn't choose to go further than that since Postgres doesn't
support it.

--
Tristan Partin
Neon (https://neon.tech)