| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: PostgreSQL and OpenSSL 4.0.0 |
| Date: | 2026-05-27 10:47:32 |
| Message-ID: | D020ACBB-A431-4068-92BE-218C26881FD0@yesql.se |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On 27 May 2026, at 02:06, Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>
> On Tue, May 26, 2026 at 10:16:40AM +0200, Daniel Gustafsson wrote:
>> I have plans for fixing this in v20 but for 14-19 there isn't much we can do
>> except unconstifying.
>
> Indeed, no objections regarding that for the stable branches.
Thanks for confirming. I am currently re-testing all the combinations of stable
postgres branches and supported OpenSSL and LibreSSL versions.
> For v20, it sounds to me that cutting through the set of versions of
> OpenSSL supported should make the situation much saner, even if the
> range of changes seems to be limited due to the LibreSSL story.
Not to thread-jack myself, but. I have a WIP patch for v20 which separates the
code into {fe|be}-secure-openssl.c and {fe[be}-secure-libressl such that we can
start modernizing our OpenSSL code without breaking LibreSSL or risk ending up
with an impenetrable ifdef soup. Will share shortly to get a discussion going
for how we want to deal with TLS support in 20 and onwards.
--
Daniel Gustafsson
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Xuneng Zhou | 2026-05-27 10:55:18 | Fix safe_wal_size for slots without restart_lsn |
| Previous Message | Joel Jacobson | 2026-05-27 10:43:54 | Re: [PATCH] Fix LISTEN startup race with direct advancement |