Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Jacob Champion <jchampion@timescale.com>
Cc: Daniel Gustafsson <daniel@yesql.se>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2023-05-27T02:02:41Z
Lists: pgsql-hackers
On Fri, May 26, 2023 at 09:10:17AM -0700, Jacob Champion wrote: > Can X509_get_signature_nid be moved to the required section up above? > As it is now, anyone configuring with -Dssl=auto can still pick up a > 1.0.1 build, which Meson accepts, and then the build fails downstream. > If we require the function instead, Meson will ignore 1.0.1 (or, for > -Dssl=openssl, complain before we compile). Yes, I was wondering a bit if something more should be marked as required, but just saw more value in removing all references to this function. Making the build fail straight when setting up things is OK by me, but I am not convinced that X509_get_signature_nid() would be the right choice for the job, as it is an OpenSSL artifact originally, AFAIK. The same problem exists with OpenSSL 1.0.0 on HEAD when building with meson? CRYPTO_new_ex_data() and SSL_new() exist there. > t/001_ssltests.pl has a reference to 1.0.1 that can probably be > entirely deleted: > > # ... (Nor for OpenSSL > # 1.0.1, but that's old enough that accommodating it isn't worth the cost.) Not touching that is intentional. It sounded useful to me as an historic reference for LibreSSL ;) -- Michael
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Remove obsolete unconstify()
- 1fb2308e698e 18.0 landed
-
Only perform pg_strong_random init when required
- c3333dbc0c0f 18.0 landed
-
Remove support for OpenSSL older than 1.1.0
- a70e01d4306f 18.0 landed
-
Support SSL_R_VERSION_TOO_LOW when using LibreSSL
- d80f2ce29465 17.0 landed
-
Support disallowing SSL renegotiation when using LibreSSL
- 44e27f0a6d07 17.0 landed
-
Doc: Use past tense for things which happened in the past
- 91d6429fad55 17.0 landed
-
Remove support for OpenSSL 1.0.1
- 8e278b657664 17.0 landed
-
Remove support for OpenSSL 0.9.8 and 1.0.0
- 7b283d0e1d1d 13.0 cited