Thread
-
Re: PostgreSQL and OpenSSL 4.0.0
Daniel Gustafsson <daniel@yesql.se> — 2026-05-27T10:47:32Z
> On 27 May 2026, at 02:06, Michael Paquier <michael@paquier.xyz> wrote: > > On Tue, May 26, 2026 at 10:16:40AM +0200, Daniel Gustafsson wrote: >> I have plans for fixing this in v20 but for 14-19 there isn't much we can do >> except unconstifying. > > Indeed, no objections regarding that for the stable branches. Thanks for confirming. I am currently re-testing all the combinations of stable postgres branches and supported OpenSSL and LibreSSL versions. > For v20, it sounds to me that cutting through the set of versions of > OpenSSL supported should make the situation much saner, even if the > range of changes seems to be limited due to the LibreSSL story. Not to thread-jack myself, but. I have a WIP patch for v20 which separates the code into {fe|be}-secure-openssl.c and {fe[be}-secure-libressl such that we can start modernizing our OpenSSL code without breaking LibreSSL or risk ending up with an impenetrable ifdef soup. Will share shortly to get a discussion going for how we want to deal with TLS support in 20 and onwards. -- Daniel Gustafsson