Re: Update minimum SSL version
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Robert Haas <robertmhaas@gmail.com>
Cc: Michael Paquier <michael@paquier.xyz>,
Magnus Hagander <magnus@hagander.net>,
Daniel Gustafsson <daniel@yesql.se>,
Peter Eisentraut <peter.eisentraut@2ndquadrant.com>,
pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2019-12-02T16:39:28Z
Lists: pgsql-hackers
Robert Haas <robertmhaas@gmail.com> writes: > ... However, it would be worth putting in some > effort to make sure that we give a good error message if this happens. That's an excellent point, but it looks like we're pretty good already. I tried the patch with openssl 0.9.8x, and got this failure at server start: FATAL: ssl_min_protocol_version setting TLSv1.2 not supported by this build Maybe it'd be worth extending that to show the max supported version, with some rats-nest of #ifdefs, but I'm not sure if it's worth the trouble. regards, tom lane
Commits
-
Fix handling of OpenSSL's SSL_clear_options
- 7ad544fd8e45 11.7 landed
- 902276ff1309 12.2 landed
- 7d0bcb047717 13.0 landed
-
Remove configure check for OpenSSL's SSL_get_current_compression()
- 28f4bba66b57 13.0 landed
-
Update minimum SSL version
- b1abfec82547 13.0 landed