Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?

Michael Paquier <michael@paquier.xyz>

From: Michael Paquier <michael@paquier.xyz>
To: Thomas Munro <thomas.munro@gmail.com>
Cc: Daniel Gustafsson <daniel@yesql.se>, Jacob Champion <jchampion@timescale.com>, Postgres hackers <pgsql-hackers@lists.postgresql.org>, Mikael Kjellström <mikael.kjellstrom@gmail.com>, pgbf@twiska.com
Date: 2023-07-03T22:16:47Z
Lists: pgsql-hackers
On Tue, Jul 04, 2023 at 06:40:49AM +1200, Thomas Munro wrote:
> curculio (OpenBSD 5.9) is failing with "undefined reference to
> `X509_get_signature_nid'", but that's OK, Mikael already supplied a
> modern OpenBSD system to replace it (schnauzer, which is green) and he
> was planning to shut curculio down (see Direct I/O thread where that
> came up because its GCC 4.2 compiler doesn't understand our stack
> alignment directives; it will also break comprehensively when I push
> the nearby all-supported-computers-have-locale_t patch from the
> check_strxfrm_bug thread).

The second and third animals to fail are skate and snapper, both using
Debian 7 Wheezy.  As far as I know, it was an LTS supported until
2018.  The owner of both machines is added in CC.  I guess that we
this stuff could just remove --with-openssl from the configure
switches.
--
Michael

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Remove obsolete unconstify()

  2. Only perform pg_strong_random init when required

  3. Remove support for OpenSSL older than 1.1.0

  4. Support SSL_R_VERSION_TOO_LOW when using LibreSSL

  5. Support disallowing SSL renegotiation when using LibreSSL

  6. Doc: Use past tense for things which happened in the past

  7. Remove support for OpenSSL 1.0.1

  8. Remove support for OpenSSL 0.9.8 and 1.0.0