Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add missing symbols for postgres (#979)
This had already existed in AWS-LC when we were working on removing decrepit. During the work for that, we had the consensus that we would remove everything that did not have usage internally and incrementally add back functions if customers needed the functionality. We can consider influencing the Postgres upstream by submitting a PR to them to ifdef out the Cast ciphersuites. However, this change would only be added in new Postgres releases and won't be applicable to old releases. PostgreSQL Versions 11-15 are currently supported, with each major version of PostgreSQL having a support timeline of 5 years. Any upstream influence we make now, won't truly be felt until PostgreSQL15 is deprecated in 2027 (assuming an upstream contribution makes it to Version 16). Considering these factors, we should look to add minimal support for the Cast ciphersuites through EVP now, so we can gain adoption in existing versions of PostGres. We can still make an upstream contribution to ifdef the CAST, blowfish, and des usage out of PostGres when building with AWS-LC, so that new versions of PostGres don't continue rely on this behavior. We're making sure to only expose the minimal amount of symbols needed, which are the EVP_CIPHERs in this case. We're also adding the AWS_LC_DEPRECATED macro in front of the CAST ciphersuites to indicate that these function should not be relied on. This will intentionally cause current builds of PostGres to complain about deprecated symbols. We can make an upstream contribution to ifdef these deprecated symbols to silence these warnings.
- Loading branch information
1 parent
413bce5
commit d31f1c3