Home > mailing lists

Re: OpenSSL 3.0.0 vs old branches - Mailing list pgsql-hackers

From	Andrew Dunstan
Subject	Re: OpenSSL 3.0.0 vs old branches
Date	February 7, 2023 00:19:30
Msg-id	c8f06082-527b-1b9c-139b-64da2b63f359@dunslane.net Whole thread Raw
In response to	Re: OpenSSL 3.0.0 vs old branches (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: OpenSSL 3.0.0 vs old branches
List	pgsql-hackers

Tree view

On 2023-02-06 Mo 11:13, Tom Lane wrote:

Andrew Dunstan <andrew@dunslane.net> writes:

I recently moved crake to a new machine running Fedora 36, which has 
OpenSSL 3.0.0. This causes the SSL tests to fail on branches earlier 
than release 13, so I propose to backpatch commit f0d2c65f17 to the 
release 11 and 12 branches.

Hmm ... according to that commit message,
  Note that the minimum supported OpenSSL version is 1.0.1 as of  7b283d0e1d1d79bf1c962d790c94d2a53f3bb38a, so this does not introduce  any new version requirements.

So presumably, changing this test would break it for OpenSSL 0.9.8,
which is still nominally supported in those branches.  On the other
hand, this test isn't run by default, so users would likely never
notice anyway.

On the whole, +1 for doing this (after the release freeze lifts).

Presumably we don't have any buildfarm animals running with such old versions of openssl, or they would be failing the same test on release >= 13.

I'll push this in due course.

cheers

andrew

--
Andrew Dunstan
EDB: https://www.enterprisedb.com

pgsql-hackers by date:

From: Peter Eisentraut
Date: 07 February 2023, 00:16:34
Subject: Re: Allow tailoring of ICU locales with custom rules

From: Andres Freund
Date: 07 February 2023, 00:21:57
Subject: Re: run pgindent on a regular basis / scripted manner

Re: OpenSSL 3.0.0 vs old branches - Mailing list pgsql-hackers

Previous

Next