Re: Update minimum SSL version

Magnus Hagander <magnus@hagander.net>

From: Magnus Hagander <magnus@hagander.net>
To: Michael Paquier <michael@paquier.xyz>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Robert Haas <robertmhaas@gmail.com>, Daniel Gustafsson <daniel@yesql.se>, Peter Eisentraut <peter.eisentraut@2ndquadrant.com>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2019-12-03T11:44:32Z
Lists: pgsql-hackers
On Tue, Dec 3, 2019 at 12:09 PM Michael Paquier <michael@paquier.xyz> wrote:

> On Tue, Dec 03, 2019 at 10:10:57AM +0100, Magnus Hagander wrote:
> > Is 1.0.1 considered a separate major from 1.0.0, in this reasoning?
> Because
> > while retiring 1.0.0 should probably not be that terrible, 1.0.1 is still
> > in very widespread use on most long term supported distributions.
>
> 1.0.1 and 1.0.0 are two different major releases in the OpenSSL world,
> so my suggestion would be to cut support for everything which does not
> have TLSv1.2, meaning that we keep compatibility with 1.0.1 for
> a longer period.
>

Good, that's what I thought you meant :) And that makes it sound like a
working plan to me.

-- 
 Magnus Hagander
 Me: https://www.hagander.net/ <http://www.hagander.net/>
 Work: https://www.redpill-linpro.com/ <http://www.redpill-linpro.com/>

Commits

  1. Fix handling of OpenSSL's SSL_clear_options

  2. Remove configure check for OpenSSL's SSL_get_current_compression()

  3. Update minimum SSL version