diff options
| author | Daniel Gustafsson <dgustafsson@postgresql.org> | 2024-09-02 13:51:48 +0200 |
|---|---|---|
| committer | Daniel Gustafsson <dgustafsson@postgresql.org> | 2024-09-02 13:51:48 +0200 |
| commit | a70e01d4306fdbcd5fbedb4ca97e5c21c995da60 (patch) | |
| tree | 78a6e4588190fcd1568f98f28b3b38eef028c8e6 /src/interfaces/libpq/fe-secure.c | |
| parent | 6ebeeae29626e742bbe16db3fa6fccf1186c0dfb (diff) | |
| download | postgresql-a70e01d4306fdbcd5fbedb4ca97e5c21c995da60.tar.gz postgresql-a70e01d4306fdbcd5fbedb4ca97e5c21c995da60.zip | |
Remove support for OpenSSL older than 1.1.0
OpenSSL 1.0.2 has been EOL from the upstream OpenSSL project for
some time, and is no longer the default OpenSSL version with any
vendor which package PostgreSQL. By retiring support for OpenSSL
1.0.2 we can remove a lot of no longer required complexity for
managing state within libcrypto which is now handled by OpenSSL.
Reviewed-by: Jacob Champion <jacob.champion@enterprisedb.com>
Reviewed-by: Peter Eisentraut <peter@eisentraut.org>
Reviewed-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://postgr.es/m/ZG3JNursG69dz1lr@paquier.xyz
Discussion: https://postgr.es/m/CA+hUKGKh7QrYzu=8yWEUJvXtMVm_CNWH1L_TLWCbZMwbi1XP2Q@mail.gmail.com
Diffstat (limited to 'src/interfaces/libpq/fe-secure.c')
| -rw-r--r-- | src/interfaces/libpq/fe-secure.c | 35 |
1 files changed, 10 insertions, 25 deletions
diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index f628082337e..5567be9d39d 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -108,42 +108,27 @@ PQsslInUse(PGconn *conn) } /* - * Exported function to allow application to tell us it's already - * initialized OpenSSL. + * Exported function to allow application to tell us it's already initialized + * OpenSSL. Since OpenSSL 1.1.0 it is no longer required to explicitly + * initialize libssl and libcrypto, so this is a no-op. This function remains + * for backwards API compatibility. */ void PQinitSSL(int do_init) { -#ifdef USE_SSL - pgtls_init_library(do_init, do_init); -#endif + /* no-op */ } /* - * Exported function to allow application to tell us it's already - * initialized OpenSSL and/or libcrypto. + * Exported function to allow application to tell us it's already initialized + * OpenSSL. Since OpenSSL 1.1.0 it is no longer required to explicitly + * initialize libssl and libcrypto, so this is a no-op. This function remains + * for backwards API compatibility. */ void PQinitOpenSSL(int do_ssl, int do_crypto) { -#ifdef USE_SSL - pgtls_init_library(do_ssl, do_crypto); -#endif -} - -/* - * Initialize global SSL context - */ -int -pqsecure_initialize(PGconn *conn, bool do_ssl, bool do_crypto) -{ - int r = 0; - -#ifdef USE_SSL - r = pgtls_init(conn, do_ssl, do_crypto); -#endif - - return r; + /* no-op */ } /* |