Daniel Gustafsson <daniel@yesql.se> writes:
> On 7 Mar 2024, at 20:58, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> This could probably do with a comment, and we need to propagate
>> the fix into libpq's copy of the function too. Barring objections,
>> I'll take care of that and push it later today.
> LGTM.
Done so far as be-secure-openssl.c and fe-secure-openssl.c are
concerned. But I noticed that src/common/cryptohash_openssl.c and
src/common/hmac_openssl.c have their own, rather half-baked versions
of SSLerrmessage. I didn't do anything about that in the initial
patch, because it's not clear to me that those routines would ever
see system-errno-based errors, plus their comments claim that
returning NULL isn't terribly bad. But if we want to do something
about it, I don't think that maintaining 3 copies of the code is the
way to go. Maybe push be-secure-openssl.c's version into src/common?
regards, tom lane