I think Chris' original proposal of requiring at least 1.1.1 is sound. That would mean in practice stop supporting openssl 1.0.2.
While 1.1.1 has been moved to EOL, I think it is premature to stop supporting 1.1.1. At Aviatrix we are using 1.1.1, and starting to look at openssl 3.0. I think a number of other ATS users are in a similar situation. Perhaps in a year, we should re-evaluate 1.1.1 support. On Sun, Jun 25, 2023 at 12:45 AM James Peach <jpe...@apache.org> wrote: > > > > On 25 Jun 2023, at 1:13 pm, Leif Hedstrom <zw...@apache.org> wrote: > > > > We don’t really support OS versions per se anymore. The one most people > used to use, CentOS 7, is so outdated that its toolsets and libraries are > not usable. > > > > Rather, we set version requirements on all the dependencies. This was > done a few years ago, and that’s what Chris is suggesting we update for > OpenSSL. > > Ah, fair enough. Since OpenSSL 1.1.1 is EOL, it seems reasonable to > require more current versions > > https://www.openssl.org/blog/blog/2023/03/28/1.1.1-EOL/ > > > > > I think there’s a page somewhere listing the current minimum versions? > > > > — Leif > > > > > > > >> On Jun 24, 2023, at 20:41, James Peach <jpe...@apache.org> wrote: > >> > >> > >> > >>> On 24 Jun 2023, at 2:52 am, Chris McFarlen <ch...@mcfarlen.us> wrote: > >>> > >>> As part of updating the build system to cmake we are looking for areas > to simplify the build. One area could be the conditional checks and > preprocessor defines around features added to openssl on or before 1.1.1. > This email is to propose and get feedback for making the minimum supported > version of openssl be version 1.1.1 and to cleanup the code to assume the > same. > >> > >> What OpenSSL versions are provided on the supported OS and distribution > versions? > >> > >> J > >
