Re: Dropping support for OpenSSL <1.1.1, LibreSSL <3.1.0

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


On Fri, Feb 17, 2023 at 03:17:58PM +1100, Damien Miller wrote:
> Hi,
> We carry some compat code for old OpenSSL <1.1.1 and LibreSSL <3.1.0.
> OpenSSL 1.0.x is no longer supported upstream and AFAIK LibreSSL do
> not support old versions at all.
> I'd like to retire this config code, which would mean that users on
> platforms that include the versions of libcrypto would have to either
> bring their own libcrypto or compile OpenSSH --without-openssl (and
> accept the very limited crypto algorithm selection in the resulting
> build).
> AFAIK most supported mainstream OSs have long since moved on from
> these versions. The only OSs that seem to use OpenSSL 1.0.x are RHEL7
> (in some commercial limited extended support mode) and Ubuntu 14.04
> (supported until 2024/04).
> IMO almost nobody will be upgrading OpenSSH on these systems, and
> (also IMO) they aren't worth the cost of maintaining the
> compatibility code.
> Before I go ahead and delete it, does anyone have opinions to the
> contrary?

Good idea!

> -d
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx

Member - Liberal International This is doctor@xxxxx Ici doctor@xxxxx
Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism 
Rather than confront their ways and turn from folly they seek lies to cover themselves, and so all their work will be destroyed. -unknown Beware
openssh-unix-dev mailing list

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux