On Wed, Jan 11, 2023 at 10:23 AM Magnus Hagander <mag...@hagander.net> wrote: > Sorry to jump in (very) late in this game. So first, I like this general > approach :)
Thanks! > It feels icky to have to add configure tests just to make a test work. But I > guess there isn't really a way around that if we want to test the full thing. I agree... > However, shouldn't we be using X509_get_default_cert_file_env() to get the > name of the env? Granted it's unlikely to be anything else, but if it's an > API you're supposed to use. (In an ideal world that function would not return > anything in LibreSSL but I think it does include something, and then just > ignores it?) I think you're right, but before I do that, is the cure better than the disease? It seems like that would further complicate a part of the Perl tests that is already unnecessarily complicated. (The Postgres code doesn't use the envvar at all.) Unless you already know of an OpenSSL-alike that doesn't use that same envvar name? --Jacob
