Re: PG20 Minimum Dependency Thread

Jacob Champion <jacob.champion@enterprisedb.com>

From: Jacob Champion <jacob.champion@enterprisedb.com>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2026-06-18T21:32:23Z
Lists: pgsql-hackers
On Thu, Jun 18, 2026 at 2:06 PM Daniel Gustafsson <daniel@yesql.se> wrote:
> The entire OpenSSL 3.x line will be down to just 3.5 LTS by the time we ship
> v20.

Yeah. Though RH have been apparently shipping breaking updates to
OpenSSL in RHEL 9+, so the conversation may look completely different
when we get to those EOLs.

> One complicating factor when it comes to OpenSSL is that we need the 1.1.1 API
> support in order to keep LibreSSL supported.

True -- but I think that even if your split didn't land, surrounding
the necessary code with `#ifdef LIBRESSL_VERSION_NUMBER` would be a
big maintainability upgrade compared to "all code paths must support
both OpenSSL 1.1.1 _and_ LibreSSL which is
kind-of-not-really-the-same".

--Jacob