Daniel Gustafsson <daniel@yesql.se> writes:
> The patchset in https://commitfest.postgresql.org/49/5025/ which adds support
> for configuring cipher suites in TLS 1.3 handshakes require an API available in
> OpenSSL 1.1.1 and onwards. With that as motivation I'd like to propose that we
> remove support for OpenSSL 1.1.0 and set the minimum required version to 1.1.1.
> OpenSSL 1.1.0 was EOL in September 2019 and was never an LTS version, so it's
> not packaged in anything anymore AFAICT and should be very rare in production
> use in conjunction with an updated postgres. 1.1.1 LTS will be 2 years EOL by
> the time v18 ships so I doubt this will be all that controversial.
Yeah ... the alternative would be to conditionally compile the new
functionality. That doesn't seem like a productive use of developer
time if it's supporting just one version that should be extinct in
the wild by now.
regards, tom lane