On Mon, Nov 01, 2021 at 11:15:32PM +0100, Daniel Gustafsson wrote: > On 1 Nov 2021, at 14:33, Tom Lane <t...@sss.pgh.pa.us> wrote: >>> Judging by OpenSSL, including both is common practice unless the module only >>> deals with v3 extensions. Following that lead seems reasonable. >> >> I see that fe-secure-openssl.c includes only x509v3.h, and it builds >> successfully on hamerkop. So I'm now inclined to make be-secure-openssl.c >> match that. > > That is in and out of itself not wrong, it shouldn't be required but it's > definitely not wrong to do regardless of what's causing this.
I would follow the practice of upstream to include both if were me to be consistent, but I'm also fine if you just add x509v3.h to be-secure-openssl.c. -- Michael
signature.asc
Description: PGP signature
