On 22.06.23 01:53, Michael Paquier wrote:
> Looking at the relevant thread from 2020, this was still at the point
> where we did not consider supporting 3.0 for all the stable branches
> because 3.0 was in alpha:
> https://www.postgresql.org/message-id/3d4afcfc-0930-1389-b9f7-59bdf11fb125@2ndquadrant.com
>
> However, recent fixes like cab553a have made that possible, and we do
> build with OpenSSL 3.0 across the whole set of stable branches.
> Regarding the versions of OpenSSL supported:
> - REL_13_STABLE requires 1.0.1 since 7b283d0e1.
> - REL_12_STABLE and REL_11_STABLE require 0.9.8.
>
> For 0.9.8, OPENSSL_API_COMPAT needs to be set at 0x00908000L (see
> upstream's CHANGES.md). So I don't see a reason not to do as
> suggested by Andres?
The message linked to above also says:
> I'm not sure. I don't have a good sense of what OpenSSL versions we
> claim to support in branches older than PG13. We made a conscious
> decision for 1.0.1 in PG13, but I seem to recall that that discussion
> also revealed that the version assumptions before that were quite
> inconsistent. Code in PG12 and before makes references to OpenSSL as
> old as 0.9.6. But OpenSSL 3.0.0 will reject a compat level older than
> 0.9.8.