| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Retire support for OpenSSL 1.1.1 due to raised API requirements |
| Date: | 2024-09-09 14:48:30 |
| Message-ID: | 3146086.1725893310@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Daniel Gustafsson <daniel(at)yesql(dot)se> writes:
> The patchset in https://commitfest.postgresql.org/49/5025/ which adds support
> for configuring cipher suites in TLS 1.3 handshakes require an API available in
> OpenSSL 1.1.1 and onwards. With that as motivation I'd like to propose that we
> remove support for OpenSSL 1.1.0 and set the minimum required version to 1.1.1.
> OpenSSL 1.1.0 was EOL in September 2019 and was never an LTS version, so it's
> not packaged in anything anymore AFAICT and should be very rare in production
> use in conjunction with an updated postgres. 1.1.1 LTS will be 2 years EOL by
> the time v18 ships so I doubt this will be all that controversial.
Yeah ... the alternative would be to conditionally compile the new
functionality. That doesn't seem like a productive use of developer
time if it's supporting just one version that should be extinct in
the wild by now.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2024-09-09 15:24:28 | Re: query ID goes missing with extended query protocol |
| Previous Message | Fujii Masao | 2024-09-09 14:36:46 | Remove old RULE privilege completely |