On 22.06.23 01:53, Michael Paquier wrote:
Looking at the relevant thread from 2020, this was still at the point
where we did not consider supporting 3.0 for all the stable branches
because 3.0 was in alpha:
https://www.postgresql.org/message-id/3d4afcfc-0930-1389-b9f7-59bdf11fb...@2ndquadrant.com
However, recent fixes like cab553a have made that possible, and we do
build with OpenSSL 3.0 across the whole set of stable branches.
Regarding the versions of OpenSSL supported:
- REL_13_STABLE requires 1.0.1 since 7b283d0e1.
- REL_12_STABLE and REL_11_STABLE require 0.9.8.
For 0.9.8, OPENSSL_API_COMPAT needs to be set at 0x00908000L (see
upstream's CHANGES.md). So I don't see a reason not to do as
suggested by Andres?
The message linked to above also says:
> I'm not sure. I don't have a good sense of what OpenSSL versions we
> claim to support in branches older than PG13. We made a conscious
> decision for 1.0.1 in PG13, but I seem to recall that that discussion
> also revealed that the version assumptions before that were quite
> inconsistent. Code in PG12 and before makes references to OpenSSL as
> old as 0.9.6. But OpenSSL 3.0.0 will reject a compat level older than
> 0.9.8.
