PostgreSQL Source Code  git master
openssl.h
Go to the documentation of this file.
1 /*-------------------------------------------------------------------------
2  *
3  * openssl.h
4  * OpenSSL supporting functionality shared between frontend and backend
5  *
6  * Portions Copyright (c) 1996-2024, PostgreSQL Global Development Group
7  * Portions Copyright (c) 1994, Regents of the University of California
8  *
9  * IDENTIFICATION
10  * src/include/common/openssl.h
11  *
12  *-------------------------------------------------------------------------
13  */
14 #ifndef COMMON_OPENSSL_H
15 #define COMMON_OPENSSL_H
16 
17 #ifdef USE_OPENSSL
18 #include <openssl/ssl.h>
19 
20 /*
21  * LibreSSL doesn't provide any very nice way to identify the max protocol
22  * versions the library supports, analogous to TLS_MAX_VERSION in OpenSSL, so
23  * we define our own. Note in particular that this doesn't account for
24  * restrictions that might be specified in the installation's openssl.cnf.
25  *
26  * We disable SSLv3 and older in library setup, so TLSv1 is the oldest
27  * protocol version of interest.
28  */
29 #define MIN_OPENSSL_TLS_VERSION "TLSv1"
30 
31 #if defined(TLS1_3_VERSION)
32 #define MAX_OPENSSL_TLS_VERSION "TLSv1.3"
33 #elif defined(TLS1_2_VERSION)
34 #define MAX_OPENSSL_TLS_VERSION "TLSv1.2"
35 #elif defined(TLS1_1_VERSION)
36 #define MAX_OPENSSL_TLS_VERSION "TLSv1.1"
37 #else
38 #define MAX_OPENSSL_TLS_VERSION "TLSv1"
39 #endif
40 
41 #endif /* USE_OPENSSL */
42 
43 #endif /* COMMON_OPENSSL_H */