diff options
| author | Michael Paquier <michael@paquier.xyz> | 2020-01-06 12:51:44 +0900 |
|---|---|---|
| committer | Michael Paquier <michael@paquier.xyz> | 2020-01-06 12:51:44 +0900 |
| commit | 7b283d0e1d1d79bf1c962d790c94d2a53f3bb38a (patch) | |
| tree | d4a456b4edccc3b57d18b7925bf5a6bcf3113816 /src/backend/libpq/be-secure-openssl.c | |
| parent | fc3100112395485f1c65848b273b3235de4aad07 (diff) | |
| download | postgresql-7b283d0e1d1d79bf1c962d790c94d2a53f3bb38a.tar.gz postgresql-7b283d0e1d1d79bf1c962d790c94d2a53f3bb38a.zip | |
Remove support for OpenSSL 0.9.8 and 1.0.0
Support is out of scope from all the major vendors for these versions
(for example RHEL5 uses a version based on 0.9.8, and RHEL6 uses 1.0.1),
and it created some extra maintenance work. Upstream has stopped
support of 0.9.8 in December 2015 and of 1.0.0 in February 2016.
Since b1abfec, note that the default SSL protocol version set with
ssl_min_protocol_version is TLSv1.2, whose support was added in OpenSSL
1.0.1, so there is no point to enforce ssl_min_protocol_version to TLSv1
in the SSL tests.
Author: Michael Paquier
Reviewed-by: Daniel Gustafsson, Tom Lane
Discussion: https://postgr.es/m/20191205083252.GE5064@paquier.xyz
Diffstat (limited to 'src/backend/libpq/be-secure-openssl.c')
| -rw-r--r-- | src/backend/libpq/be-secure-openssl.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c index 7ad32116eab..62f1fcab2b0 100644 --- a/src/backend/libpq/be-secure-openssl.c +++ b/src/backend/libpq/be-secure-openssl.c @@ -223,9 +223,7 @@ be_tls_init(bool isServerStart) } /* disallow SSL session tickets */ -#ifdef SSL_OP_NO_TICKET /* added in OpenSSL 0.9.8f */ SSL_CTX_set_options(context, SSL_OP_NO_TICKET); -#endif /* disallow SSL session caching, too */ SSL_CTX_set_session_cache_mode(context, SSL_SESS_CACHE_OFF); |