> On 27 May 2026, at 02:06, Michael Paquier <[email protected]> wrote:
>
> On Tue, May 26, 2026 at 10:16:40AM +0200, Daniel Gustafsson wrote:
>> I have plans for fixing this in v20 but for 14-19 there isn't much we can do
>> except unconstifying.
>
> Indeed, no objections regarding that for the stable branches.
Thanks for confirming. I am currently re-testing all the combinations of stable
postgres branches and supported OpenSSL and LibreSSL versions.
> For v20, it sounds to me that cutting through the set of versions of
> OpenSSL supported should make the situation much saner, even if the
> range of changes seems to be limited due to the LibreSSL story.
Not to thread-jack myself, but. I have a WIP patch for v20 which separates the
code into {fe|be}-secure-openssl.c and {fe[be}-secure-libressl such that we can
start modernizing our OpenSSL code without breaking LibreSSL or risk ending up
with an impenetrable ifdef soup. Will share shortly to get a discussion going
for how we want to deal with TLS support in 20 and onwards.
--
Daniel Gustafsson
