Re: OpenSSL 1.1 breaks configure and more
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Andreas Karlsson <andreas@proxel.se>
Cc: Heikki Linnakangas <hlinnaka@iki.fi>, Victor Wagner <vitus@wagner.pp.ru>,
pgsql-hackers@postgresql.org, Christoph Berg <myon@debian.org>
Date: 2016-09-05T00:23:43Z
Lists: pgsql-hackers
Andreas Karlsson <andreas@proxel.se> writes: > On 08/30/2016 08:42 AM, Heikki Linnakangas wrote: >> PS. I just remembered that I've wanted to refactor the pgcrypto calls >> for symmetric encryption to use the newer EVP API for some time, and >> even posted a patch for that >> (https://www.postgresql.org/message-id/561274F1.1030000@iki.fi). I >> dropped the ball back then, but I think I'll go ahead and do that now, >> once we get these other OpenSSL changes in. > Nice! Judging by the number of people who have popped up recently with their own OpenSSL 1.1 patches, I think there is going to be a lot of demand for back-patching some sort of 1.1 support into our back branches. All this talk of refactoring does not sound very back-patchable. Should we be thinking of what we can extract that is back-patchable? regards, tom lane
Commits
-
Back-patch 9.4-era SSL renegotiation code into 9.3 and 9.2.
- fbfeceb25362 9.3.17 landed
- 58384149bdbd 9.2.21 landed