Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?

Joe Conway <mail@joeconway.com>

From: Joe Conway <mail@joeconway.com>
To: Peter Eisentraut <peter@eisentraut.org>, Daniel Gustafsson <daniel@yesql.se>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Michael Paquier <michael@paquier.xyz>, Jacob Champion <jacob.champion@enterprisedb.com>, Thomas Munro <thomas.munro@gmail.com>, Postgres hackers <pgsql-hackers@lists.postgresql.org>, Mikael Kjellström <mikael.kjellstrom@gmail.com>
Date: 2024-08-21T14:48:38Z
Lists: pgsql-hackers
On 8/21/24 09:01, Peter Eisentraut wrote:
> On 07.08.24 15:49, Daniel Gustafsson wrote:
>>> On 5 Aug 2024, at 15:36, Joe Conway <mail@joeconway.com> wrote:
>> 
>>> It would not shock me to see complaints from others after we rip out support
>>> for 1.0.2, but maybe not ¯\_(ツ)_/¯
>> 
>> 
>> I think it's highly likely that we will see complaints for any support we
>> deprecate.  OpenSSL 1.0.2 will however still be supported for another 5 years
>> with v17 (which is ~9years past its EOL date) so I don't feel too bad about it.
> 
> Is anything -- other than this inquiry -- preventing this patch set from
> getting committed?

The overwhelming consensus seemed to be "just do it", so FWIW consider 
my reservations withdrawn ;-)

-- 
Joe Conway
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com



Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Remove obsolete unconstify()

  2. Only perform pg_strong_random init when required

  3. Remove support for OpenSSL older than 1.1.0

  4. Support SSL_R_VERSION_TOO_LOW when using LibreSSL

  5. Support disallowing SSL renegotiation when using LibreSSL

  6. Doc: Use past tense for things which happened in the past

  7. Remove support for OpenSSL 1.0.1

  8. Remove support for OpenSSL 0.9.8 and 1.0.0