Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?

Michael Paquier <michael@paquier.xyz>

From: Michael Paquier <michael@paquier.xyz>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2023-05-24T09:52:09Z
Lists: pgsql-hackers
On Wed, May 24, 2023 at 11:36:56AM +0200, Daniel Gustafsson wrote:
> 1.0.2 is also an LTS version available commercially for premium support
> customers of OpenSSL (1.1.1 will become an LTS version as well), with 1.0.2zh
> slated for release next week.  This raises the likelyhood of Postgres
> installations using 1.0.2 in production still, and for some time to come.

Good point.  Indeed, that makes it pretty clear that not dropping
1.0.2 would be the best option for the time being, so 0001 would be
enough.

I am wondering if we should worry about having a buildfarm member that
could test these binaries, though, in case they have compatibility
issues..  But it would be harder to debug without the code at hand, as
well.
--
Michael

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Remove obsolete unconstify()

  2. Only perform pg_strong_random init when required

  3. Remove support for OpenSSL older than 1.1.0

  4. Support SSL_R_VERSION_TOO_LOW when using LibreSSL

  5. Support disallowing SSL renegotiation when using LibreSSL

  6. Doc: Use past tense for things which happened in the past

  7. Remove support for OpenSSL 1.0.1

  8. Remove support for OpenSSL 0.9.8 and 1.0.0