Re: OpenSSL 1.1 breaks configure and more
Michael Paquier <michael.paquier@gmail.com>
From: Michael Paquier <michael.paquier@gmail.com>
To: Heikki Linnakangas <hlinnaka@iki.fi>
Cc: Tom Lane <tgl@sss.pgh.pa.us>,
Peter Eisentraut <peter.eisentraut@2ndquadrant.com>, Andreas Karlsson <andreas@proxel.se>, Victor Wagner <vitus@wagner.pp.ru>, PostgreSQL mailing lists <pgsql-hackers@postgresql.org>,
Christoph Berg <myon@debian.org>
Date: 2016-08-27T14:07:12Z
Lists: pgsql-hackers
On Sat, Aug 27, 2016 at 2:04 AM, Heikki Linnakangas <hlinnaka@iki.fi> wrote: > On 08/26/2016 07:44 PM, Tom Lane wrote: >> Peter Eisentraut <peter.eisentraut@2ndquadrant.com> writes: >> Also, I get this on fully-up-to-date OS X (El Capitan): >> >> $ openssl version >> OpenSSL 0.9.8zh 14 Jan 2016 > > > Ok, sold, let's remove support for OpenSSL < 0.9.8. Yes I think it's a wiser plan to not brush up newer versions than that. >> Worth noting though is that without -Wno-deprecated-declarations, you >> find that Apple has sprinkled the entire OpenSSL API with deprecation >> warnings. That suggests that their plan for the future is to drop it >> rather than update it. Should we be thinking ahead to that? > > > Yeah, they want people to move to their own SSL library [1]. I doubt they > will actually remove it any time soon, but who knows. It would be a good > project for someone with an OS X system and some spare time, to write a > patch to build with OS X's native SSL library instead of OpenSSL. The code > is structured nicely to enable that now. > > [1] I couldn't find any official statement, but lots of blog posts saying > the same thing. As well on El Capitan: $ ssh -V OpenSSH_6.9p1, LibreSSL 2.1.8 So could it be possible that it would be a switch from openssl to libressl instead? -- Michael
Commits
-
Back-patch 9.4-era SSL renegotiation code into 9.3 and 9.2.
- fbfeceb25362 9.3.17 landed
- 58384149bdbd 9.2.21 landed