Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?

Jacob Champion <jacob.champion@enterprisedb.com>

From: Jacob Champion <jacob.champion@enterprisedb.com>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Peter Eisentraut <peter@eisentraut.org>, Michael Paquier <michael@paquier.xyz>, Tom Lane <tgl@sss.pgh.pa.us>, Thomas Munro <thomas.munro@gmail.com>, Postgres hackers <pgsql-hackers@lists.postgresql.org>, mikael.kjellstrom@gmail.com
Date: 2024-04-05T21:53:22Z
Lists: pgsql-hackers
On Fri, Apr 5, 2024 at 2:48 PM Daniel Gustafsson <daniel@yesql.se> wrote:
> But does that actually work?  If I change the API_COMPAT to the 1.1.1 version
> number and run configure against 1.0.2 it passes just fine.  Am I missing some
> clever trick here?

Similarly, I changed my API_COMPAT to a nonsense 0x90100000L and
- a 1.1.1 build succeeds
- a 3.0 build fails
- LibreSSL doesn't appear to care or check that #define at all

--Jacob



Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Remove obsolete unconstify()

  2. Only perform pg_strong_random init when required

  3. Remove support for OpenSSL older than 1.1.0

  4. Support SSL_R_VERSION_TOO_LOW when using LibreSSL

  5. Support disallowing SSL renegotiation when using LibreSSL

  6. Doc: Use past tense for things which happened in the past

  7. Remove support for OpenSSL 1.0.1

  8. Remove support for OpenSSL 0.9.8 and 1.0.0