Thread

  1. Re: PostgreSQL and OpenSSL 4.0.0

    Daniel Gustafsson <daniel@yesql.se> — 2026-05-27T10:47:32Z

    > On 27 May 2026, at 02:06, Michael Paquier <michael@paquier.xyz> wrote:
    > 
    > On Tue, May 26, 2026 at 10:16:40AM +0200, Daniel Gustafsson wrote:
    >> I have plans for fixing this in v20 but for 14-19 there isn't much we can do
    >> except unconstifying.
    > 
    > Indeed, no objections regarding that for the stable branches.
    
    Thanks for confirming.  I am currently re-testing all the combinations of stable
    postgres branches and supported OpenSSL and LibreSSL versions.
    
    > For v20, it sounds to me that cutting through the set of versions of
    > OpenSSL supported should make the situation much saner, even if the
    > range of changes seems to be limited due to the LibreSSL story.
    
    Not to thread-jack myself, but.  I have a WIP patch for v20 which separates the
    code into {fe|be}-secure-openssl.c and {fe[be}-secure-libressl such that we can
    start modernizing our OpenSSL code without breaking LibreSSL or risk ending up
    with an impenetrable ifdef soup.  Will share shortly to get a discussion going
    for how we want to deal with TLS support in 20 and onwards.
    
    --
    Daniel Gustafsson