On Thu, Jan 28, 2016 at 1:39 PM, Jakub Zelenka <bu...@php.net> wrote:
> Hi, > > I would like to bump a minimal OpenSSL version to 1.0.1 in our master. It > means dropping support for OpenSSL 0.9.8 and 1.0.0 in master. Both of these > versions are EOL as of 2015/12/31 and users should not use them. It will > help with maintainability (simplify code and testing) and porting to > OpenSSL 1.1.0. > > This would be just for master which means next minor version (7.1). We > already quickly discussed this in > https://www.mail-archive.com/internals@lists.php.net/msg80502.html some > time ago and I think that now is the right time to do that (before looking > to OpenSSL 1.1 compatibility). > > Are there any objections? > > Bob has made a point about Mac OS X where the system lib is still 0.9.8. Although the lib and headers seems to be removed in OS X 10.11, there are still users of 10.10-. The system OpenSSL lib is deprecated [1] and it's a bit unclear if it's still getting security fixes (haven't found any official Apple info about that but I might have missed it) but I guess it still might be patched by Apple. Also it might become a bit tricky for some users on Mac to compile PHP after we bump a minimal OpenSSL version. For that reason I'm thinking about postponing this. I would also love to hear your thoughts and possibly if someone is able to dig up the OS X OpenSSL support info, that would be great too! Cheers Jakub
