Re: SSL tests fail on OpenSSL v3.2.0

From: Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Daniel Gustafsson <daniel(at)yesql(dot)se>, Tristan Partin <tristan(at)neon(dot)tech>, Bo Anderson <mail(at)boanderson(dot)me>, Michael Paquier <michael(at)paquier(dot)xyz>, Nazir Bilal Yavuz <byavuz81(at)gmail(dot)com>, Andres Freund <andres(at)anarazel(dot)de>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: SSL tests fail on OpenSSL v3.2.0
Date: 2023-11-29 16:58:22
Message-ID: 202311291658.gdimcxunsnl7@alvherre.pgsql
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

On 2023-Nov-29, Tom Lane wrote:

> Kind of odd that, with that mission statement, they are adding
> BIO_{get,set}_app_data on the justification that OpenSSL has it
> and Postgres is starting to use it. Nonetheless, that commit
> also seems to prove the point about lack of API/ABI stability.

As I understand it, this simply means that Google is already building
their own fork of Postgres, patching it to use BoringSSL. (This makes
sense, since they offer Postgres databases in their cloud offerings.)
They don't need PGDG to support BoringSSL, but they do need to make sure
that BoringSSL is able to support being used by Postgres.

> I'm content to take their advice and not try to support BoringSSL.

That seems the right reaction. It is not our problem.

Álvaro Herrera 48°01'N 7°57'E —
"Having your biases confirmed independently is how scientific progress is
made, and hence made our great society what it is today" (Mary Gardiner)

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Andrew Dunstan 2023-11-29 17:03:04 Re: remaining sql/json patches
Previous Message Tristan Partin 2023-11-29 16:48:23 Re: SSL tests fail on OpenSSL v3.2.0