Re: OpenSSL 3.0.0 vs old branches

From: Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>
To: Andrew Dunstan <andrew(at)dunslane(dot)net>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: OpenSSL 3.0.0 vs old branches
Date: 2023-02-07 07:18:53
Message-ID: 2b2f97d5-b2e9-564e-ea71-96dd62799e47@enterprisedb.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On 06.02.23 16:56, Andrew Dunstan wrote:
> I recently moved crake to a new machine running Fedora 36, which has
> OpenSSL 3.0.0. This causes the SSL tests to fail on branches earlier
> than release 13, so I propose to backpatch commit f0d2c65f17 to the
> release 11 and 12 branches.

This is not the only patch that we did to support OpenSSL 3.0.0. There
was a very lengthy discussion that resulted in various patches. Unless
we have a complete analysis of what was done and how it affects various
branches, I would not do this. Notably, we did actually consider what
to backpatch, and the current state is the result of that. So let's not
throw that away without considering that carefully. Even if it gets it
to compile, I personally would not *trust* it without that analysis. I
think we should just leave it alone and consider OpenSSL 3.0.0
unsupported in the branches were it is now unsupported. OpenSSL 1.1.1
is still supported upstream to serve those releases.

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message wangw.fnst@fujitsu.com 2023-02-07 07:28:33 RE: [PATCH] Reuse Workers and Replication Slots during Logical Replication
Previous Message Masahiko Sawada 2023-02-07 07:11:17 Re: Perform streaming logical transactions by background workers and parallel apply