Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?

On 02.09.24 14:26, Daniel Gustafsson wrote:
>> On 2 Sep 2024, at 10:03, Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
>>
>>> On 23 Aug 2024, at 01:56, Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>>>
>>> On Thu, Aug 22, 2024 at 11:13:15PM +0200, Daniel Gustafsson wrote:
>>>> On 22 Aug 2024, at 02:31, Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>>>>> Just do it :)
>>>>
>>>> That's my plan, I wanted to wait a bit to see if anyone else chimed in with
>>>> concerns.
>>>
>>> Cool, thanks!
>>
>> Attached is a rebased v15 (only changes are commit-message changes noted by
>> Peter upthread) for the sake of archives, and for a green-check run in the
>> CFBot. Assuming this builds green I intend to push this.
>
> And pushed. All BF owners with animals using 1.0.2 have been notified but not
> all have been updated (or modified to skip SSL) so there will be some failing.

A small follow-up for this: With the current minimum OpenSSL version
being 1.1.0, we can remove an unconstify() call; see attached patch.

See this OpenSSL commit:
<https://github.com/openssl/openssl/commit/8ab31975ba>. The analogous
LibreSSL change is here:
<https://cvsweb.openbsd.org/src/lib/libcrypto/bio/bss_mem.c?rev=1.17&content-type=text/x-cvsweb-markup>.
I don't know if we have a concrete minimum LibreSSL version, but the
change is about as old as the OpenSSL change.