Remove support for OpenSSL versions older than 0.9.8.

OpenSSL officially only supports 1.0.1 and newer. Some OS distributions
still provide patches for 0.9.8, but anything older than that is not
interesting anymore. Let's simplify things by removing compatibility code.

Andreas Karlsson, with small changes by me.

3 files changed, 15 insertions, 45 deletions

diff --git a/doc/src/sgml/installation.sgml b/doc/src/sgml/installation.sgml
index a9968756e65..14a6d57aeaf 100644
--- a/doc/src/sgml/installation.sgml
+++ b/doc/src/sgml/installation.sgml
@@ -252,10 +252,17 @@ su - postgres
 
     <listitem>
      <para>
-      You need <application>Kerberos</>, <productname>OpenSSL</>,
-      <productname>OpenLDAP</>, and/or
-      <application>PAM</>, if you want to support authentication or
-      encryption using those services.
+      You need <productname>OpenSSL</>, if you want to support
+      encrypted client connections. The minimum required version is
+      0.9.8.
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      You need <application>Kerberos</>, <productname>OpenLDAP</>,
+      and/or <application>PAM</>, if you want to support authentication
+      using those services.
      </para>
     </listitem>
 
@@ -2827,30 +2834,6 @@ MANPATH=/usr/lib/scohelp/%L/man:/usr/dt/man:/usr/man:/usr/share/man:scohelp:/usr
    </sect3>
 
    <sect3>
-    <title>Problems with OpenSSL</title>
-
-    <para>
-     When you build PostgreSQL with OpenSSL support you might get
-     compilation errors in the following files:
-     <itemizedlist>
-      <listitem><para><filename>src/backend/libpq/crypt.c</filename></para></listitem>
-      <listitem><para><filename>src/backend/libpq/password.c</filename></para></listitem>
-      <listitem><para><filename>src/interfaces/libpq/fe-auth.c</filename></para></listitem>
-      <listitem><para><filename>src/interfaces/libpq/fe-connect.c</filename></para></listitem>
-     </itemizedlist>
-
-     This is because of a namespace conflict between the standard
-     <filename>/usr/include/crypt.h</filename> header and the header
-     files provided by OpenSSL.
-    </para>
-
-    <para>
-     Upgrading your OpenSSL installation to version 0.9.6a fixes this
-     problem.  Solaris 9 and above has a newer version of OpenSSL.
-    </para>
-   </sect3>
-
-   <sect3>
     <title>configure Complains About a Failed Test Program</title>
 
     <para>
diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml
index 2f9350b10e1..4e34f00e44d 100644
--- a/doc/src/sgml/libpq.sgml
+++ b/doc/src/sgml/libpq.sgml
@@ -1238,8 +1238,7 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname
       <listitem>
        <para>
         If set to 1 (default), data sent over SSL connections will be
-        compressed (this requires <productname>OpenSSL</> version
-        0.9.8 or later).
+        compressed.
         If set to 0, compression will be disabled (this requires
         <productname>OpenSSL</> 1.0.0 or later).
         This parameter is ignored if a connection without SSL is made,
diff --git a/doc/src/sgml/pgcrypto.sgml b/doc/src/sgml/pgcrypto.sgml
index c4cefde4f78..bf514aacf35 100644
--- a/doc/src/sgml/pgcrypto.sgml
+++ b/doc/src/sgml/pgcrypto.sgml
@@ -1184,12 +1184,12 @@ gen_random_uuid() returns uuid
       <row>
        <entry>SHA224/256/384/512</entry>
        <entry>yes</entry>
-       <entry>yes (Note 1)</entry>
+       <entry>yes</entry>
       </row>
       <row>
        <entry>Other digest algorithms</entry>
        <entry>no</entry>
-       <entry>yes (Note 2)</entry>
+       <entry>yes (Note 1)</entry>
       </row>
       <row>
        <entry>Blowfish</entry>
@@ -1199,7 +1199,7 @@ gen_random_uuid() returns uuid
       <row>
        <entry>AES</entry>
        <entry>yes</entry>
-       <entry>yes (Note 3)</entry>
+       <entry>yes</entry>
       </row>
       <row>
        <entry>DES/3DES/CAST5</entry>
@@ -1232,23 +1232,11 @@ gen_random_uuid() returns uuid
    <orderedlist>
     <listitem>
      <para>
-      SHA2 algorithms were added to OpenSSL in version 0.9.8.  For
-      older versions, <filename>pgcrypto</> will use built-in code.
-     </para>
-    </listitem>
-    <listitem>
-     <para>
       Any digest algorithm OpenSSL supports is automatically picked up.
       This is not possible with ciphers, which need to be supported
       explicitly.
      </para>
     </listitem>
-    <listitem>
-     <para>
-      AES is included in OpenSSL since version 0.9.7.  For
-      older versions, <filename>pgcrypto</> will use built-in code.
-     </para>
-    </listitem>
    </orderedlist>
   </sect3>