Michael Paquier <michael@paquier.xyz> writes:
> The docs of OpenSSL mention the use of both successively, where
> ENGINE_free() does the cleanup after ENGINE_by_id(), and
> ENGINE_finish() cleans up after ENGINE_init():
> https://www.openssl.org/docs/man1.1.0/man3/ENGINE_finish.html
Yeah, that reference page pretty definitely agrees with what
we're doing.
> And an actual issue is that we have no coverage for it:
> https://coverage.postgresql.org/src/interfaces/libpq/fe-secure-openssl.c.gcov.html
Oh, hmm ... I'd supposed that the code in question was exercised
in normal SSL connections, but now I see it's not so. It looks
like you need a non-default SSL "engine" to be available?? Might
be hard to test this as a routine thing if it requires additional
software.
regards, tom lane