Home > mailing lists

Re: Retire support for OpenSSL 1.1.1 due to raised API requirements - Mailing list pgsql-hackers

From	Daniel Gustafsson
Subject	Re: Retire support for OpenSSL 1.1.1 due to raised API requirements
Date	September 10 14:44:42
Msg-id	6C3D2F05-39AD-4B15-BF56-14B5B0749811@yesql.se Whole thread Raw
In response to	Re: Retire support for OpenSSL 1.1.1 due to raised API requirements (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

> On 10 Sep 2024, at 00:53, Michael Paquier <michael@paquier.xyz> wrote:
>
> On Mon, Sep 09, 2024 at 11:29:09PM +0200, Daniel Gustafsson wrote:
>> Agreed.  OpenSSL 1.1.1 is very different story and I suspect we'll be stuck on
>> that level for some time, but 1.1.0 is gone from production use.
>
> The cleanup induced by the removal of 1.1.0 is minimal.  I'm on board
> about your argument with SSL_CTX_set_ciphersuites() to drop 1.1.0 and
> simplify the other feature.

Yeah, the change to existing code is trivial but avoiding adding a kluge to
handle versions without the relevant API will save complexity.  Thanks for
review.

This change will be committed together with the TLSv1.3 cipher suite pathcset,
just wanted to bring it up here and not hide it in another thread.

--
Daniel Gustafsson

pgsql-hackers by date:

From: Peter Smith
Date: 10 September, 14:19:37
Subject: Re: Pgoutput not capturing the generated columns

From: Amit Kapila
Date: 10 September, 14:46:27
Subject: Re: Invalid Assert while validating REPLICA IDENTITY?

Re: Retire support for OpenSSL 1.1.1 due to raised API requirements - Mailing list pgsql-hackers

Previous

Next