On Tue, Dec 3, 2019 at 4:53 AM Michael Paquier <mich...@paquier.xyz> wrote:
> On Mon, Dec 02, 2019 at 12:51:26PM -0500, Tom Lane wrote: > > Yah. Although, looking at the code in be-secure-openssl.c, > > it doesn't look that hard to do in an extensible way. > > Something like (untested) > > While we are on the topic... Here is another wild idea. We discussed > not so long ago about removing support for OpenSSL 0.9.8 from the > tree. What if we removed support for 1.0.0 and 0.9.8 for 13~. This > would solve a couple of compatibility headaches, and we have TLSv1.2 > support automatically for all the versions supported. Note that 1.0.0 > has been retired by upstream in February 2014. > Is 1.0.1 considered a separate major from 1.0.0, in this reasoning? Because while retiring 1.0.0 should probably not be that terrible, 1.0.1 is still in very widespread use on most long term supported distributions. -- Magnus Hagander Me: https://www.hagander.net/ <http://www.hagander.net/> Work: https://www.redpill-linpro.com/ <http://www.redpill-linpro.com/>
