Thread: pgsql: Remove support for OpenSSL older than 1.1.0
Remove support for OpenSSL older than 1.1.0 OpenSSL 1.0.2 has been EOL from the upstream OpenSSL project for some time, and is no longer the default OpenSSL version with any vendor which package PostgreSQL. By retiring support for OpenSSL 1.0.2 we can remove a lot of no longer required complexity for managing state within libcrypto which is now handled by OpenSSL. Reviewed-by: Jacob Champion <jacob.champion@enterprisedb.com> Reviewed-by: Peter Eisentraut <peter@eisentraut.org> Reviewed-by: Michael Paquier <michael@paquier.xyz> Discussion: https://postgr.es/m/ZG3JNursG69dz1lr@paquier.xyz Discussion: https://postgr.es/m/CA+hUKGKh7QrYzu=8yWEUJvXtMVm_CNWH1L_TLWCbZMwbi1XP2Q@mail.gmail.com Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/a70e01d4306fdbcd5fbedb4ca97e5c21c995da60 Modified Files -------------- configure | 31 ++-- configure.ac | 12 +- contrib/pgcrypto/openssl.c | 8 - doc/src/sgml/installation.sgml | 2 +- doc/src/sgml/libpq.sgml | 36 ++--- meson.build | 23 +-- src/backend/libpq/be-secure-openssl.c | 24 +-- src/common/Makefile | 3 +- src/common/hmac_openssl.c | 20 +-- src/common/meson.build | 1 - src/common/protocol_openssl.c | 117 --------------- src/include/common/openssl.h | 14 +- src/include/pg_config.h.in | 15 -- src/interfaces/libpq/fe-connect.c | 18 --- src/interfaces/libpq/fe-secure-openssl.c | 246 ------------------------------- src/interfaces/libpq/fe-secure.c | 35 ++--- src/interfaces/libpq/libpq-int.h | 23 --- src/test/ssl/t/001_ssltests.pl | 3 +- 18 files changed, 55 insertions(+), 576 deletions(-)
Hi Daniel,
On Mon, 2 Sept 2024 at 21:54, Daniel Gustafsson <dgustafsson@postgresql.org> wrote:
>
> Remove support for OpenSSL older than 1.1.0
>
I am trying to update my buildfarm animals for this, and although I fixed massasauga (essentially by skipping the test for now), I am unclear why snakefly still fails (now, much later into the cycle).
Could you point me on how to fix snakefly?
(I've tried to disable SSL tests, but that doesn't seem to be helping).
https://buildfarm.postgresql.org/cgi-bin/show_log.pl?nm=snakefly&dt=2024-09-03%2009%3A56%3A46
-
Thanks
Robins
On Mon, 2 Sept 2024 at 21:54, Daniel Gustafsson <dgustafsson@postgresql.org> wrote:
>
> Remove support for OpenSSL older than 1.1.0
>
I am trying to update my buildfarm animals for this, and although I fixed massasauga (essentially by skipping the test for now), I am unclear why snakefly still fails (now, much later into the cycle).
Could you point me on how to fix snakefly?
(I've tried to disable SSL tests, but that doesn't seem to be helping).
https://buildfarm.postgresql.org/cgi-bin/show_log.pl?nm=snakefly&dt=2024-09-03%2009%3A56%3A46
-
Thanks
Robins