[ruby/openssl] Require OpenSSL 1.1.1 or later

Drop support for OpenSSL 1.1.0. OpenSSL 1.1.0 was a non-LTS release and it has reached upstream EOL in 2019-12 along with OpenSSL 1.0.2. Distributions that shipped with OpenSSL 1.1.0 include: - Debian 9 (EOL 2022-06) - Ubuntu 18.04 LTS (EOL 2023-04) https://github.com/ruby/openssl/commit/ba83abe920
author: Kazuki Yamaguchi <[email protected]> 2025-01-21 02:08:54 +0900
committer: git <[email protected]> 2025-01-21 18:14:14 +0000
commit: 43c48e3030c513c17bfcf4c37bbe533097fa1a22 (patch)
tree: f94f24f5fbbc42ea4e7ba5c2b79b9e5c7e408657 /ext/openssl/ossl_x509store.c
parent: e7bd1d1a9a59e7af71b7f994dbea3697b70225f0 (diff)
1 files changed, 0 insertions, 9 deletions
diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c
index c707160ea8..18acdc8ad0 100644
--- a/ext/openssl/ossl_x509store.c
+++ b/ext/openssl/ossl_x509store.c
@@ -357,15 +357,6 @@ ossl_x509store_add_file(VALUE self, VALUE file)
         ossl_raise(eX509StoreError, "X509_STORE_add_lookup");
     if (X509_LOOKUP_load_file(lookup, path, X509_FILETYPE_PEM) != 1)
         ossl_raise(eX509StoreError, "X509_LOOKUP_load_file");
-#if !OSSL_OPENSSL_PREREQ(1, 1, 1) && !OSSL_IS_LIBRESSL
-    /*
-     * X509_load_cert_crl_file() which is called from X509_LOOKUP_load_file()
-     * did not check the return value of X509_STORE_add_{cert,crl}(), leaking
-     * "cert already in hash table" errors on the error queue, if duplicate
-     * certificates are found. Fixed by OpenSSL 1.1.1 and LibreSSL 3.5.0.
-     */
-    ossl_clear_error();
-#endif
 
     return self;
 }
author	Kazuki Yamaguchi <[email protected]>	2025-01-21 02:08:54 +0900
committer	git <[email protected]>	2025-01-21 18:14:14 +0000
commit	43c48e3030c513c17bfcf4c37bbe533097fa1a22 (patch)
tree	f94f24f5fbbc42ea4e7ba5c2b79b9e5c7e408657 /ext/openssl/ossl_x509store.c
parent	e7bd1d1a9a59e7af71b7f994dbea3697b70225f0 (diff)