[InterNetNews/inn] 083097: Drop old OpenSSL and LibreSSL version support
Roman Donchenko
noreply at github.com
Tue Jun 24 20:26:21 UTC 2025
Branch: refs/heads/main
Home: https://github.com/InterNetNews/inn
Commit: 08309733864dc1d3ea0d60210b2805a051eeafca
https://github.com/InterNetNews/inn/commit/08309733864dc1d3ea0d60210b2805a051eeafca
Author: Roman Donchenko <rdonchen at outlook.com>
Date: 2025-06-24 (Tue, 24 Jun 2025)
Changed paths:
M doc/pod/inn.conf.pod
M doc/pod/install.pod
M nnrpd/misc.c
M nnrpd/nnrpd.c
M nnrpd/tls.c
M nnrpd/tls.h
Log Message:
-----------
Drop old OpenSSL and LibreSSL version support
The new baseline is OpenSSL 1.1.1 or LibreSSL 2.8.0. I chose the
former because it's the version available in Rocky Linux 8 (and
presumably RHEL 8), which is still under support. The latter is just
because it's been released around the same time.
By doing this, we can drop every preprocessor conditional that depends
on `OPENSSL_VERSION_NUMBER` and almost every one that depends on
`LIBRESSL_VERSION_NUMBER`.
In addition, we can now make the following simplifications:
* Drop support for SSLv2, since neither library supports it anymore.
For backwards compatibility, the protocol name is still allowed in
the config, but does nothing.
* Remove the setting of the `SSL_OP_SINGLE_{EC,}DH_USE` options, since
they're now permanently enabled in both libraries.
* Remove the `OPENSSL_init_ssl` call, which is now unnecessary.
* Remove the manual seeding code, since both libraries now handle
seeding automatically. In LibreSSL, `RAND_load_file` doesn't even do
anything.
close #325
see #321
To unsubscribe from these emails, change your notification settings at https://github.com/InterNetNews/inn/settings/notifications
More information about the inn-committers
mailing list