Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:94517 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 88609 invoked from network); 15 Jul 2016 21:18:58 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 15 Jul 2016 21:18:58 -0000 Authentication-Results: pb1.pair.com header.from=me@kelunik.com; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=me@kelunik.com; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain kelunik.com from 81.169.146.218 cause and error) X-PHP-List-Original-Sender: me@kelunik.com X-Host-Fingerprint: 81.169.146.218 mo4-p00-ob.smtp.rzone.de Received: from [81.169.146.218] ([81.169.146.218:45577] helo=mo4-p00-ob.smtp.rzone.de) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 4C/5B-20986-F3359875 for ; Fri, 15 Jul 2016 17:18:57 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1468617533; l=6924; s=domk; d=kelunik.com; h=Content-Type:Cc:To:Subject:Date:From:References:In-Reply-To: MIME-Version; bh=zBAYDe5knP5e6sxA9aTsryMwm+kKLFYrfoPFBSkH5Z8=; b=lduIZNrU8AWB8cXP9XutOzgVwkFjOfWzhTI/2XVnPOtByX0Jath+MS/FtTdm+xoELDX Mi+7iskpqZHM9xAsR1EAuwjeKAoBntPxhTar7yowwQGSJs5rVWrqadLyfnIqJ1Ts2AtO0 rxoB7cun8L3ca31FD7u3yimMIvhKv13vRG8= X-RZG-AUTH: :IWkkfkWkbvHsXQGmRYmUo9mls2vWuiu+7SLGvomb4bl9EfHtO3I6 X-RZG-CLASS-ID: mo00 Received: from mail-wm0-f41.google.com ([74.125.82.41]) by smtp.strato.de (RZmta 38.13 AUTH) with ESMTPSA id D0a26ds6FLIqFVR (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp384r1 with 384 ECDH bits, eq. 7680 bits RSA)) (Client did not present a certificate) for ; Fri, 15 Jul 2016 23:18:52 +0200 (CEST) Received: by mail-wm0-f41.google.com with SMTP id o80so45428489wme.1 for ; Fri, 15 Jul 2016 14:18:52 -0700 (PDT) X-Gm-Message-State: ALyK8tITR7+5VXUvnOn/osCekkStnxhrp3dGJGreS+NKITTo9wlQpjWb90YYX9V9U+uBIV1rMyZffK68wlVSNw== X-Received: by 10.28.60.136 with SMTP id j130mr15747615wma.93.1468617532140; Fri, 15 Jul 2016 14:18:52 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.27.206 with HTTP; Fri, 15 Jul 2016 14:18:51 -0700 (PDT) In-Reply-To: References: <10aa7da4-9880-811a-92f8-71ae5dcce621@gmail.com> Date: Fri, 15 Jul 2016 23:18:51 +0200 X-Gmail-Original-Message-ID: Message-ID: To: Jakub Zelenka Cc: Pierre Joye , Stanislav Malyshev , PHP internals list Content-Type: multipart/alternative; boundary=001a1148e21050b24c0537b32a76 Subject: Re: [PHP-DEV] Re: Bumping minimal OpenSSL version to 1.0.1 in master for PHP 7.1 From: me@kelunik.com (Niklas Keller) --001a1148e21050b24c0537b32a76 Content-Type: text/plain; charset=UTF-8 2016-07-15 18:30 GMT+02:00 Jakub Zelenka : > Hi, > > On Fri, Jul 15, 2016 at 9:48 AM, Pierre Joye wrote: > > > hi, > > > > On Fri, Jul 15, 2016 at 5:07 AM, Stanislav Malyshev > > > wrote: > > > Hi! > > > > > >> For that reason I'm thinking about postponing this. I would also love > to > > >> hear your thoughts and possibly if someone is able to dig up the OS X > > >> OpenSSL support info, that would be great too! > > > > > > As somebody working almost exclusively on OS X for my php builds for > the > > > last couple of years - I don't care too much what Apple ships or does > > > not ship by default. It's usually out-of-date and hard to use anyway. > > > And many libraries aren't there so you have to use external packages in > > > any case, and if you already do, homebrew is one of the best. > > > > > > It's much easier to spend a little time once and install all necessary > > > libs from homebrew and build against that. So for master, I wouldn't > > > have too many worries in this regard. > > > > > > BTW, homebrew is now on 1.0.2g. Which is not latest-greatest, but not > > > bad. And it is also not hard to use more recent sources IIRC. > > > > I agree with Stas about OSX. It will take (a lot of) time until Apple > > ships 7.1 with OSX. Most developers use either a VM, homebrew or an > > alternative due to many outdated components. They do provide latest > > versions as far as I remember. > > > > All in all I think we should drop these features and also require 1.x. > > > > > I have been thinking about it more and I think you are right. We should > drop the support for 0.9.8 and 1.0.0 that are EOL. Just the fact that Apple > deprecated it and suggested not using the system lib says a lot. When we > add that OS X 10.11 (El Capitan) doesn't even ship header and lib files and > the back-patching is not probably great, then there is probably no reason > to keep it for the cost of the maintenance of these old versions which > slows the development of openssl ext up. Especially after I add support for > OpenSSL 1.1. > > Unless someone has got a strong feeling and good reason why we shouldn't > drop it, I will bump the minimal version in the next couple of days. > > Thanks for the feedback! > > P.S. forgot to send link for the Apple info about OpenSSL before so here it > is :) : > > > https://developer.apple.com/library/mac/documentation/Security/Conceptual/cryptoservices/GeneralPurposeCrypto/GeneralPurposeCrypto.html > > Cheers > > Jakub > I'm not sure, but I guess it would be good if this happened before feature freeze / beta1 which will be tagged on 18th / 19th July. Regards, Niklas --001a1148e21050b24c0537b32a76--