Re: Retire support for OpenSSL 1.1.1 due to raised API requirements
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Cc: Tom Lane <tgl@sss.pgh.pa.us>,
Michael Paquier <michael@paquier.xyz>
Date: 2024-10-03T10:17:03Z
Lists: pgsql-hackers
> On 10 Sep 2024, at 10:44, Daniel Gustafsson <daniel@yesql.se> wrote: > This change will be committed together with the TLSv1.3 cipher suite pathcset, > just wanted to bring it up here and not hide it in another thread. In the TLSv1.3 cipher suite thread it was brought up that this bump in minimum version would bump the minimum version of libressl to 3.4, whcih corresponds to the OpenBSD 3.4 release (from October 2021). The OpenBSD project only supports the two last releases (7.7 will be the latest by the time v18 ships it seems) and I assume LibreSSL follows that since they don't state anything else AFAICT. To keep this from being buried on another thread I figured I'd bring it up here as well. We don't explicitly mention which libressl version we support, if we raise it as proposed here then perhaps it's a good time to state that in the docs. -- Daniel Gustafsson
Commits
-
Raise the minimum supported OpenSSL version to 1.1.1
- 6c66b7443ceb 18.0 landed
-
Remove support for OpenSSL older than 1.1.0
- a70e01d4306f 18.0 cited