Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?

Daniel Gustafsson <daniel@yesql.se>

From: Daniel Gustafsson <daniel@yesql.se>
To: Thomas Munro <thomas.munro@gmail.com>
Cc: Michael Paquier <michael@paquier.xyz>, Jacob Champion <jchampion@timescale.com>, Postgres hackers <pgsql-hackers@lists.postgresql.org>, Mikael Kjellström <mikael.kjellstrom@gmail.com>
Date: 2023-07-03T18:53:52Z
Lists: pgsql-hackers
> On 3 Jul 2023, at 20:40, Thomas Munro <thomas.munro@gmail.com> wrote:
> 
> On Mon, Jul 3, 2023 at 4:26 PM Michael Paquier <michael@paquier.xyz> wrote:
>> I have not gone back to this part yet, though I plan to do so.  As we
>> are at the beginning of the development cycle, I have applied the
>> patch to remove support for 1.0.1 for now on HEAD.  Let's see what the
>> buildfarm tells.
> 
> curculio (OpenBSD 5.9) is failing with "undefined reference to
> `X509_get_signature_nid'", but that's OK, Mikael already supplied a
> modern OpenBSD system to replace it

Thanks for the report!  OpenBSD 5.9 was released in 2016 and is thus well over
5 years EOL, so I agree that it doesn't warrant a code change from us to
support this.

--
Daniel Gustafsson




Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Remove obsolete unconstify()

  2. Only perform pg_strong_random init when required

  3. Remove support for OpenSSL older than 1.1.0

  4. Support SSL_R_VERSION_TOO_LOW when using LibreSSL

  5. Support disallowing SSL renegotiation when using LibreSSL

  6. Doc: Use past tense for things which happened in the past

  7. Remove support for OpenSSL 1.0.1

  8. Remove support for OpenSSL 0.9.8 and 1.0.0