Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?
Thomas Munro <thomas.munro@gmail.com>
From: Thomas Munro <thomas.munro@gmail.com>
To: Michael Paquier <michael@paquier.xyz>
Cc: Daniel Gustafsson <daniel@yesql.se>,
Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2023-09-08T00:19:28Z
Lists: pgsql-hackers
On Fri, Sep 8, 2023 at 11:48 AM Michael Paquier <michael@paquier.xyz> wrote: > On Thu, Sep 07, 2023 at 01:44:11PM +0200, Daniel Gustafsson wrote: > > Sadly I wouldn't be the least bit surprised if there are 1.0.2 users on modern > > operating systems, especially given its LTS status (which OpenSSL hasn't even > > capped but sells by "for as long as it remains commercially viable to do so" > > basis). > > Yes, I would not be surprised by that either. TBH, I don't like much > the fact that we rely on OpenSSL to decide when we should cut it. > Particularly since all the changes given to it after it got EOL'd are > close source at this point. Right, just like there are people running ancient PostgreSQL and buying support. That's not relevant to PostgreSQL 17 IMHO, which should target contemporary distributions. BTW I'm not asking anyone to do anything here, I just didn't want to allow the "RHEL ELS" and "closed source OpenSSL [sic]" theories mentioned on this thread to go unchallenged. Next time I'm trying to clean up some other cruft in our tree, I don't want this thread to be cited as evidence that that is our policy, because I don't buy it, it doesn't make any sense. Of course there is someone, somewhere selling support for anything you can think of. There are companies that support VAXen. There's a company in Irvine, California selling and supporting modern drop-in replacements for PDP 11s for production use.
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Remove obsolete unconstify()
- 1fb2308e698e 18.0 landed
-
Only perform pg_strong_random init when required
- c3333dbc0c0f 18.0 landed
-
Remove support for OpenSSL older than 1.1.0
- a70e01d4306f 18.0 landed
-
Support SSL_R_VERSION_TOO_LOW when using LibreSSL
- d80f2ce29465 17.0 landed
-
Support disallowing SSL renegotiation when using LibreSSL
- 44e27f0a6d07 17.0 landed
-
Doc: Use past tense for things which happened in the past
- 91d6429fad55 17.0 landed
-
Remove support for OpenSSL 1.0.1
- 8e278b657664 17.0 landed
-
Remove support for OpenSSL 0.9.8 and 1.0.0
- 7b283d0e1d1d 13.0 cited