Re: Add support to TLS 1.3 cipher suites and curves lists

> On 14 Oct 2024, at 15:08, Peter Eisentraut <peter@eisentraut.org> wrote:
>
> On 26.09.24 11:01, Daniel Gustafsson wrote:
>> Attached is a v7 which address a test failure in the CI.  It turns out that the
>> test_misc module gather GUC names using the :alpha: character class which only
>> allows alphabetic whereas GUC names can have digits in them.  The 0001 patch
>> fixes this by instead using the :alnum: character class which allows all
>> alphanumeric characters.  This is not directly related to this patch, it just
>> happened to be exposed by it.
>
> If we are raising the minimum version to OpenSSL 1.1.1, couldn't we then remove the version check introduced by
commitc3333dbc0c0 ("Only perform pg_strong_random init when required")? 

That's a very good point, I've done this in the v8 attached just upthread.

> FWIW, these patches generally look okay to me.  I haven't done much in-depth checking, but overall everything looks
sensible. I think Jacob already provided more in-depth reviews, but let me know if you need anything else on this. 

Thanks!  I think the v8 posted todays is about ready to go in and unless there
are objections I'll go ahead with it shortly.

--
Daniel Gustafsson