Daniel Gustafsson <dan...@yesql.se> writes: > On 7 Mar 2024, at 20:58, Tom Lane <t...@sss.pgh.pa.us> wrote: >> This could probably do with a comment, and we need to propagate >> the fix into libpq's copy of the function too. Barring objections, >> I'll take care of that and push it later today.
> LGTM. Done so far as be-secure-openssl.c and fe-secure-openssl.c are concerned. But I noticed that src/common/cryptohash_openssl.c and src/common/hmac_openssl.c have their own, rather half-baked versions of SSLerrmessage. I didn't do anything about that in the initial patch, because it's not clear to me that those routines would ever see system-errno-based errors, plus their comments claim that returning NULL isn't terribly bad. But if we want to do something about it, I don't think that maintaining 3 copies of the code is the way to go. Maybe push be-secure-openssl.c's version into src/common? regards, tom lane