Re: How old a version of OpenSSL do we support?

2024-06-11 Thread Hal Murray via devel
matthew.sel...@twosigma.com said:
> What's the cost of keeping 1.1.0 as the minimum version that we support?

Not much if any. NTS won't work.

> What's the cost of keeping 1.1.1 as the minimum version that we support?

22 ifdefs. They are all in the crypto code. None in NTS. libaes_siv ha

Re: How old a version of OpenSSL do we support?

2024-06-11 Thread Matt Selsky via devel
Hi Hal,

See https://packages.debian.org/search?keywords=openssl for the versions of openssl across supported Debian versions. Debian oldstable has 1.1.1w and I know some people using that distro without NTS, in production. I think we should use 1.1.0 as the minimum and drop the shims for EVP_

Re: How old a version of OpenSSL do we support?

2024-06-11 Thread James Browning via devel
> On 06/11/2024 11:47 AM PDT Hal Murray via devel wrote:
:::snip:::
> So it looks like 1.1.0 isn't supported at all, much less older versions.
> But if you aren't using NTS, we just need the crypto routines. So is
> anybody running our code without NTS on really really really old versions
> of O

How old a version of OpenSSL do we support?

2024-06-11 Thread Hal Murray via devel
We have code like this in several places:

#ifndef EVP_MD_CTX_new
#define EVP_MD_CTX_new() EVP_MD_CTX_create()
#endif

The man page for EVP_MD_CTX_new() says:

The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free(