PostgreSQL and OpenSSL 4.0.0
With OpenSSL 4.0.0 shipping GA a few days ago I tried compiling PostgreSQL
against it and run the tests. Unsurpisingly the test pass just fine and it
compiles without error since they aren't removing any API's we use (they are
deprecating more APIs we use, more on that in later threads). There are
however a number of warnings since they changed constness on a number of API's.
Sadly, just adopting const cause similar warnings on OpenSSL 1.1.1 and LibreSSL
so we need to do uglier tricks with casting away constness.
The attached patch, while not pretty, allows libpq and sslinfo to build without
warnings on OpenSSL 1.1.1 through 4.0.0 as well as on LibreSSL (and there is
quite some variability in constness across all these API versions).
--
Daniel Gustafsson
Attachments:
0001-ssl-Declare-variables-const-as-per-OpenSSL-4-API-upd.patchapplication/octet-stream; name=0001-ssl-Declare-variables-const-as-per-OpenSSL-4-API-upd.patch; x-unix-mode=0644Download+22-22
On Thu, Apr 16, 2026 at 03:32:54PM +0200, Daniel Gustafsson wrote:
The attached patch, while not pretty, allows libpq and sslinfo to build without
warnings on OpenSSL 1.1.1 through 4.0.0 as well as on LibreSSL (and there is
quite some variability in constness across all these API versions).
Thanks for that. That is super fast.
This is likely going to require a backpatch at some point, right?
What's the impact of the blast in branches where we need to support
OpenSSL down to 1.0.1, which is the minimum version in REL_14_STABLE?
--
Michael