| From: | Andreas Karlsson <andreas(at)proxel(dot)se> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Christoph Berg <myon(at)debian(dot)org>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, Victor Wagner <vitus(at)wagner(dot)pp(dot)ru>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: OpenSSL 1.1 breaks configure and more |
| Date: | 2017-04-16 21:27:10 |
| Message-ID: | 3fe46983-e370-43d0-32b9-768017b4c0b7@proxel.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 04/16/2017 03:14 AM, Tom Lane wrote:
> 1. Back-patch that patch, probably also including the followup adjustments
> in 86029b31e and 36a3be654.
>
> 2. Add #if's to use 31cf1a1a4's coding with OpenSSL >= 1.1, while keeping
> the older code for use when built against older OpenSSLs.
>
> 3. Conditionally disable renegotiation altogether with OpenSSL >= 1.1,
> thus adopting 9.5 not 9.4 behavior when using newer OpenSSL.
>
> [...]
>
> Thoughts?
Given that I cannot recall seeing any complaints about the behavior of
9.4 compared to 9.3 I am leaning towards #1. That way there are fewer
different versions of our OpenSSL code.
Andreas
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2017-04-16 22:26:34 | Re: OpenSSL 1.1 breaks configure and more |
| Previous Message | Petr Jelinek | 2017-04-16 20:32:02 | Re: tablesync patch broke the assumption that logical rep depends on? |