upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-02-20 00:10:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/include/common/openssl.h
Daniel Gustafsson a70e01d430 Remove support for OpenSSL older than 1.1.0 
OpenSSL 1.0.2 has been EOL from the upstream OpenSSL project for
some time, and is no longer the default OpenSSL version with any
vendor which package PostgreSQL. By retiring support for OpenSSL
1.0.2 we can remove a lot of no longer required complexity for
managing state within libcrypto which is now handled by OpenSSL.

Reviewed-by: Jacob Champion <jacob.champion@enterprisedb.com>
Reviewed-by: Peter Eisentraut <peter@eisentraut.org>
Reviewed-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://postgr.es/m/ZG3JNursG69dz1lr@paquier.xyz
Discussion: https://postgr.es/m/CA+hUKGKh7QrYzu=8yWEUJvXtMVm_CNWH1L_TLWCbZMwbi1XP2Q@mail.gmail.com
2024-09-02 13:51:48 +02:00

43 lines
1.3 KiB
C
Raw Blame History

/*-------------------------------------------------------------------------
*
* openssl.h
* OpenSSL supporting functionality shared between frontend and backend
*
* Portions Copyright (c) 1996-2024, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
* IDENTIFICATION
* src/include/common/openssl.h
*
*-------------------------------------------------------------------------
*/
#ifndef COMMON_OPENSSL_H
#define COMMON_OPENSSL_H
#ifdef USE_OPENSSL
#include <openssl/ssl.h>
/*
* LibreSSL doesn't provide any very nice way to identify the max protocol
* versions the library supports, analogous to TLS_MAX_VERSION in OpenSSL, so
* we define our own. Note in particular that this doesn't account for
* restrictions that might be specified in the installation's openssl.cnf.
*
* We disable SSLv3 and older in library setup, so TLSv1 is the oldest
* protocol version of interest.
*/
#define MIN_OPENSSL_TLS_VERSION "TLSv1"
#if defined(TLS1_3_VERSION)
#define MAX_OPENSSL_TLS_VERSION "TLSv1.3"
#elif defined(TLS1_2_VERSION)
#define MAX_OPENSSL_TLS_VERSION "TLSv1.2"
#elif defined(TLS1_1_VERSION)
#define MAX_OPENSSL_TLS_VERSION "TLSv1.1"
#else
#define MAX_OPENSSL_TLS_VERSION "TLSv1"
#endif
#endif /* USE_OPENSSL */
#endif /* COMMON_OPENSSL_H */
Reference in a new issue View git blame Copy permalink