On 23.09.21 20:51, Daniel Gustafsson wrote:
> For the 13- backbranches we also need to backport 22e1943f1 ("pgcrypto: Check
> for error return of px_cipher_decrypt()" by Peter E) in order to avoid
> incorrect results for decrypt tests on disallowed ciphers. Does anyone have
> any concerns about applying this to backbranches?
This should be backpatched as a bug fix.
> 13 and older will, when compiled against OpenSSL 3.0.0, produce a fair amount
> of compiler warnings on usage of depreceted functionality but there is really
> anything we can do as suppressing that is beyond the scope of a backpatchable
> fix IMHO.
Right, that's just a matter of adjusting the compiler warnings.
Earlier in this thread, I had suggested backpatching the
OPENSSL_API_COMPAT definition to PG13, but now I'm thinking I wouldn't
bother, since that still wouldn't help with anything older.
