From 1ddb9e14eadf95802c835a3754af5621615ded30 Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Fri, 9 May 2025 11:50:33 -0400
Subject: [PATCH] Centralize ssl tests' check for whether we're using LibreSSL.

Right now there's only one caller, so that this is merely
an exercise in shoving code from one module to another,
but there will shortly be another one.  It seems better to
avoid having two copies of this highly-subject-to-change test.

Back-patch to v15, where we first introduced some tests that
don't work with LibreSSL.

Reported-by: Thomas Munro <thomas.munro@gmail.com>
Author: Tom Lane <tgl@sss.pgh.pa.us>
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Discussion: https://postgr.es/m/CA+hUKG+fLqyweHqFSBcErueUVT0vDuSNWui-ySz3+d_APmq7dw@mail.gmail.com
Backpatch-through: 15
---
 src/test/ssl/t/SSL/Backend/OpenSSL.pm | 20 ++++++++++++++++++++
 src/test/ssl/t/SSL/Server.pm          | 17 +++++++++++++++++
 2 files changed, 37 insertions(+)

diff --git a/src/test/ssl/t/SSL/Backend/OpenSSL.pm b/src/test/ssl/t/SSL/Backend/OpenSSL.pm
index aed6005b432..b8f169410d2 100644
--- a/src/test/ssl/t/SSL/Backend/OpenSSL.pm
+++ b/src/test/ssl/t/SSL/Backend/OpenSSL.pm
@@ -26,6 +26,7 @@ package SSL::Backend::OpenSSL;
 
 use strict;
 use warnings;
+use PostgreSQL::Test::Utils;
 use File::Basename;
 use File::Copy;
 
@@ -204,6 +205,25 @@ sub get_library
 	return $self->{_library};
 }
 
+=pod
+
+=item $backend->library_is_libressl()
+
+Detect whether the SSL library is LibreSSL.
+
+=cut
+
+sub library_is_libressl
+{
+	my ($self) = @_;
+
+	# The HAVE_SSL_CTX_SET_CERT_CB macro isn't defined for LibreSSL.
+	# (Nor for OpenSSL 1.0.1, but that's old enough that accommodating it
+	# isn't worth the cost.)
+	# We may eventually need a less-bogus heuristic.
+	return not check_pg_config("#define HAVE_SSL_CTX_SET_CERT_CB 1");
+}
+
 # Internal method for copying a set of files, taking into account wildcards
 sub _copy_files
 {
diff --git a/src/test/ssl/t/SSL/Server.pm b/src/test/ssl/t/SSL/Server.pm
index e3f8cbb451f..c7c894e209c 100644
--- a/src/test/ssl/t/SSL/Server.pm
+++ b/src/test/ssl/t/SSL/Server.pm
@@ -243,6 +243,23 @@ sub ssl_library
 
 =pod
 
+=item $server->is_libressl()
+
+Detect whether the currently used SSL backend is LibreSSL.
+(Ideally we'd not need this hack, but presently we do.)
+
+=cut
+
+sub is_libressl
+{
+	my $self = shift;
+	my $backend = $self->{backend};
+
+	return $backend->library_is_libressl();
+}
+
+=pod
+
 =item switch_server_cert(params)
 
 Change the configuration to use the given set of certificate, key, ca and