Hi all,
Perhaps some of you guys knew about that, but I just found about this
stuff this morning:
https://boringssl.googlesource.com/boringssl/+/HEAD/PORTING.md
Looking at the porting section many routines have changed compared to
OpenSSL. I can't imagine this fork to become a complete replacement of
OpenSSL, but it may be worth considering an integration in Postgres
code depending on the features it will have (Curve25519,
Ed25519 mentioned). Also since 9.4 the SSL code paths have been
rearranged to allow more implementations to be done with other SSL
libraries.
Note that I am wondering also about the long-term stability and
potential backward-incompatibilities of the routines in this fork
though (recall for example v8 major breakage wround 3.14, if I recall
correctly this version number).
Thoughts?
--
Michael