Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Peter Eisentraut <peter@eisentraut.org>
Cc: Michael Paquier <michael@paquier.xyz>,
Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2024-09-10T08:11:25Z
Lists: pgsql-hackers
> On 10 Sep 2024, at 10:01, Peter Eisentraut <peter@eisentraut.org> wrote: >> And pushed. All BF owners with animals using 1.0.2 have been notified but not >> all have been updated (or modified to skip SSL) so there will be some failing. > > A small follow-up for this: With the current minimum OpenSSL version being 1.1.0, we can remove an unconstify() call; see attached patch. Nice catch. > See this OpenSSL commit: <https://github.com/openssl/openssl/commit/8ab31975ba>. The analogous LibreSSL change is here: <https://cvsweb.openbsd.org/src/lib/libcrypto/bio/bss_mem.c?rev=1.17&content-type=text/x-cvsweb-markup>. > I don't know if we have a concrete minimum LibreSSL version, but the change is about as old as the OpenSSL change. We've never documented the minimum LibreSSL version we support, but given that we regularly test LibreSSL and fix breakage in our support I think we should. -- Daniel Gustafsson
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Remove obsolete unconstify()
- 1fb2308e698e 18.0 landed
-
Only perform pg_strong_random init when required
- c3333dbc0c0f 18.0 landed
-
Remove support for OpenSSL older than 1.1.0
- a70e01d4306f 18.0 landed
-
Support SSL_R_VERSION_TOO_LOW when using LibreSSL
- d80f2ce29465 17.0 landed
-
Support disallowing SSL renegotiation when using LibreSSL
- 44e27f0a6d07 17.0 landed
-
Doc: Use past tense for things which happened in the past
- 91d6429fad55 17.0 landed
-
Remove support for OpenSSL 1.0.1
- 8e278b657664 17.0 landed
-
Remove support for OpenSSL 0.9.8 and 1.0.0
- 7b283d0e1d1d 13.0 cited