Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?

Daniel Gustafsson <daniel@yesql.se>

From: Daniel Gustafsson <daniel@yesql.se>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Michael Paquier <michael@paquier.xyz>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2023-05-25T08:27:02Z
Lists: pgsql-hackers
> On 24 May 2023, at 16:15, Tom Lane <tgl@sss.pgh.pa.us> wrote:

> We had definitely better have some animals still using 1.0.2, but
> I don't see much reason to think that the last public release
> wouldn't be good enough.

There are still RHEL7 animals like chub who use 1.0.2 so I'm not worried.  We
might want to consider displaying the OpenSSL version number during configure
(meson already does it) in all branches to make it easier to figure out which
versions we have coverage for?

--
Daniel Gustafsson




Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Remove obsolete unconstify()

  2. Only perform pg_strong_random init when required

  3. Remove support for OpenSSL older than 1.1.0

  4. Support SSL_R_VERSION_TOO_LOW when using LibreSSL

  5. Support disallowing SSL renegotiation when using LibreSSL

  6. Doc: Use past tense for things which happened in the past

  7. Remove support for OpenSSL 1.0.1

  8. Remove support for OpenSSL 0.9.8 and 1.0.0