On Fri, Feb 17, 2023 at 03:17:58PM +1100, Damien Miller wrote: > Hi, > > We carry some compat code for old OpenSSL <1.1.1 and LibreSSL <3.1.0. > OpenSSL 1.0.x is no longer supported upstream and AFAIK LibreSSL do > not support old versions at all. > > I'd like to retire this config code, which would mean that users on > platforms that include the versions of libcrypto would have to either > bring their own libcrypto or compile OpenSSH --without-openssl (and > accept the very limited crypto algorithm selection in the resulting > build). > > AFAIK most supported mainstream OSs have long since moved on from > these versions. The only OSs that seem to use OpenSSL 1.0.x are RHEL7 > (in some commercial limited extended support mode) and Ubuntu 14.04 > (supported until 2024/04). > > IMO almost nobody will be upgrading OpenSSH on these systems, and > (also IMO) they aren't worth the cost of maintaining the > compatibility code. > > Before I go ahead and delete it, does anyone have opinions to the > contrary? > Good idea! > -d > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev -- Member - Liberal International This is doctor@xxxxx Ici doctor@xxxxx Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b Rather than confront their ways and turn from folly they seek lies to cover themselves, and so all their work will be destroyed. -unknown Beware https://mindspring.com _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
