Hi all,

Could we bump the minimum required OpenSSL version to 1.0.2 in the next major release?

I just noticed that SSLUtils says that Traffic Server requires an OpenSSL library version 0.9.4 or greater [*1]. But I think nobody is using such an old OpenSSL. So we can bump the minimum version of OpenSSL.

According to the OpenSSL Release Strategy [*2], version 1.0.2 is the current minimum version supported by the OpenSSL community. And version 1.0.1 reached end of support 2 years ago (on 2016-12-31). Version 1.0.2 looks like a reasonable choice.

If we could bump the minimum version of OpenSSL, we can remove many ifdefs in SSL components.

> With regards to current and future releases the OpenSSL project has adopted the following policy:
>
> - Version 1.1.0 will be supported until one year after the release of 1.1.1
> - Version 1.0.2 will be supported until 2019-12-31 (LTS).
> - Version 1.0.1 is no longer supported.
> - Version 1.0.0 is no longer supported.
> - Version 0.9.8 is no longer supported.

[*1] https://github.com/apache/trafficserver/blob/c811aea9e0484433fbdd63e0fa6b9fbab87085eb/iocore/net/SSLUtils.cc#L85-L88
[*2] https://www.openssl.org/policies/releasestrat.html

Thanks,
Masaori