Daniel Gustafsson <dan...@yesql.se> writes:
>> On 7 May 2025, at 06:34, Tom Lane <t...@sss.pgh.pa.us> wrote:
>> I couldn't help noticing that the backtraces went through
>> lib/libssl/tls13_legacy.c, which doesn't give a warm feeling
>> about how supported they think our usage is (and perhaps also
>> explains why they didn't detect this bug themselves).
> Since we no longer support 1.0.2 we can apply something like the (lightly
> tested) attached which should be a no-op as we already use TLS_method() but
> via
> an alias.
Yeah, I saw that SSLv23_method() was merely an alias for TLS_method()
in LibreSSL as well. That means unfortunately that your proposal is
just cosmetic and doesn't get us out of using code that they're
calling "legacy". I wonder what it would take to get to the "modern"
code paths.
regards, tom lane
