> On 6 Feb 2020, at 20:04, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> I think this should be reverted. Perhaps there's a way to do it without
> these problems, but we failed to find one in the past.
Or change to the v1 patch in this thread, which avoids the problem by doing it
in the OpenSSL code. It's a shame to have generic TLS functionality be OpenSSL
specific when everything else TLS has been abstracted, but not working is
clearly a worse option.
cheers ./daniel