On Thu, Sep 2, 2021 at 2:28 PM Tom Rini trini@konsulko.com wrote:
On Thu, Jul 29, 2021 at 01:31:21PM -0500, Alexandru Gagniuc wrote:
Older OpenSSL and libressl versions have a slightly different API. This require #ifdefs to support. However, we still can't support it because the ECDSA path does not compile with these older versions. These #ifdefs are truly a vestigial appendage.
Alternatively, the ECDSA path could be updated for older libraries, but this requires significant extra code, and #ifdefs. Those libraries are over three years old, and there concerns whether it makes sense to build modern software for real world use against such old libraries.
Thusly, remove #ifdefs and code for old OpenSSL and LibreSSL support.
Signed-off-by: Alexandru Gagniuc mr.nuke.me@gmail.com
Applied to u-boot/next, thanks!
According to recent CVE announcements 1.1.0 is out of support [1], does it make sense to just support 1.1.1x and later?