> On 20 Mar 2018, at 05:15, Tom Lane <t...@sss.pgh.pa.us> wrote: > > Peter Eisentraut <peter.eisentr...@2ndquadrant.com> writes: >> On 3/17/18 15:12, Daniel Gustafsson wrote: >>> On 17 Mar 2018, at 17:47, Tom Lane <t...@sss.pgh.pa.us> wrote: >>>> Buildfarm reports that SSL_clear_options isn't available everywhere. > >>> Per some reading of the documentation and various patchers it seems >>> SSL_clear_options() was introduced in 0.9.8m and SSL_OP_NO_COMPRESSION in >>> 1.0.0. > >> It seems the failure is limited to an old NetBSD version. They might >> have patched their libssl locally somehow. Is it worth supporting this? > > Dunno, but the other side of the coin is that the goals of this patch > don't seem like a sufficient reason to break backwards compatibility > with any platform.
If we test for SSL_clear_options(), and use the sk_SSL_COMP_zero() where not available, we should be able to keep backwards compatibility with older OpenSSL revisions even if the distros have patched them AFAICT. Unless you’re already working on it I can take a stab at it. cheers ./daniel
