public inbox for [email protected]
help / color / mirror / Atom feedFrom: Daniel Gustafsson <[email protected]>
To: Michael Paquier <[email protected]>
Cc: Tom Lane <[email protected]>
Cc: PostgreSQL-development <[email protected]>
Subject: Re: PostgreSQL and OpenSSL 4.0.0
Date: Wed, 27 May 2026 12:47:32 +0200
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
> On 27 May 2026, at 02:06, Michael Paquier <[email protected]> wrote:
>
> On Tue, May 26, 2026 at 10:16:40AM +0200, Daniel Gustafsson wrote:
>> I have plans for fixing this in v20 but for 14-19 there isn't much we can do
>> except unconstifying.
>
> Indeed, no objections regarding that for the stable branches.
Thanks for confirming. I am currently re-testing all the combinations of stable
postgres branches and supported OpenSSL and LibreSSL versions.
> For v20, it sounds to me that cutting through the set of versions of
> OpenSSL supported should make the situation much saner, even if the
> range of changes seems to be limited due to the LibreSSL story.
Not to thread-jack myself, but. I have a WIP patch for v20 which separates the
code into {fe|be}-secure-openssl.c and {fe[be}-secure-libressl such that we can
start modernizing our OpenSSL code without breaking LibreSSL or risk ending up
with an impenetrable ifdef soup. Will share shortly to get a discussion going
for how we want to deal with TLS support in 20 and onwards.
--
Daniel Gustafsson
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected]
Subject: Re: PostgreSQL and OpenSSL 4.0.0
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox