> On 3 Apr 2024, at 17:29, Tom Lane <t...@sss.pgh.pa.us> wrote: > > Jacob Champion <jacob.champ...@enterprisedb.com> writes: >> As far as I can tell, no versions of LibreSSL so far provide >> X509_get_signature_info(), so this patch is probably a bit too >> aggressive. > > Another problem with cutting support is how many buildfarm members > will we lose. I scraped recent configure logs and got the attached > results. I count 3 machines running 1.0.1,
Support for 1.0.1 was removed with 8e278b657664 in July 2023 so those are not building with OpenSSL enabled already. > 18 running some flavor of 1.0.2, massasauga and snakefly run the ssl_passphrase_callback-check test but none of these run the ssl-check tests AFAICT, so we have very low coverage as is. The fact that very few animals run the ssl tests is a pet peeve of mine, it would be nice if we could get broader coverage there. Worth noting is that the OpenSSL check in configure.ac only reports what the version of the OpenSSL binary in $PATH is, not which version of the library that we build against (using --with-libs/--with-includes etc). -- Daniel Gustafsson