| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, Magnus Hagander <magnus(at)hagander(dot)net>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Update minimum SSL version |
| Date: | 2019-12-02 17:40:18 |
| Message-ID: | CA+TgmoY4E8J3id=0xJW9m3vLwdLaOoYefj334nZpLx26T-XftA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, Dec 2, 2019 at 11:39 AM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> That's an excellent point, but it looks like we're pretty good
> already. I tried the patch with openssl 0.9.8x, and got this
> failure at server start:
>
> FATAL: ssl_min_protocol_version setting TLSv1.2 not supported by this build
Oh, that's pretty good.
> Maybe it'd be worth extending that to show the max supported
> version, with some rats-nest of #ifdefs, but I'm not sure if
> it's worth the trouble.
Especially if we mess up the #ifdefs. :-)
I don't have super-strong feelings that we have to try to do that. It
would be worth doing if it were easy, I think, but if our hypothesis
that this will affect relatively few people is correct, it may not
matter very much.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2019-12-02 17:51:26 | Re: Update minimum SSL version |
| Previous Message | Alvaro Herrera | 2019-12-02 16:48:40 | Re: Implementing Incremental View Maintenance |