Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?

Michael Paquier <michael@paquier.xyz>

From: Michael Paquier <michael@paquier.xyz>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Thomas Munro <thomas.munro@gmail.com>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2023-09-07T23:48:12Z
Lists: pgsql-hackers
On Thu, Sep 07, 2023 at 01:44:11PM +0200, Daniel Gustafsson wrote:
> Sadly I wouldn't be the least bit surprised if there are 1.0.2 users on modern
> operating systems, especially given its LTS status (which OpenSSL hasn't even
> capped but sells by "for as long as it remains commercially viable to do so"
> basis).

Yes, I would not be surprised by that either.  TBH, I don't like much
the fact that we rely on OpenSSL to decide when we should cut it.  
Particularly since all the changes given to it after it got EOL'd are
close source at this point.

> That being said, my gut feeling is that 3.x has gotten pretty good
> market penetration.

Perhaps.
--
Michael

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Remove obsolete unconstify()

  2. Only perform pg_strong_random init when required

  3. Remove support for OpenSSL older than 1.1.0

  4. Support SSL_R_VERSION_TOO_LOW when using LibreSSL

  5. Support disallowing SSL renegotiation when using LibreSSL

  6. Doc: Use past tense for things which happened in the past

  7. Remove support for OpenSSL 1.0.1

  8. Remove support for OpenSSL 0.9.8 and 1.0.0