(c) EBCDIC. z/OS is still alive. I'll concede that one is weird and hard to get hold of, but it has a lot of users still.
This ISN'T the Linux kernel. It's userspace code and longer lived and wider spread than Linux and pretty fundamental to security. Even with the 'dead' platforms crossed out, it has far more variants to support than Linux, and typically longer support lifetimes. So, some device like a router has been out in the field ten years but still works just fine, are you going to block security updates for it ? You won't get major cleanups without purging platforms like Windows, OS/X, AIX, HP/UX. Windows, I'd suggest most of the cruft there could be removed by insisting that it builds with gnu make/cygwin installed but using the native MS compiler. That's probably the biggest single cleanup possible and it's very much a 'live' platform. Peter From: "Theodore Ts'o" <ty...@mit.edu> To: openssl-dev@openssl.org Date: 03/06/2014 12:01 PM Subject: Re: AW: Which platforms will be supported in the future on which platforms will be removed? Sent by: owner-openssl-...@openssl.org On Tue, Jun 03, 2014 at 11:22:58AM +1000, Peter Waltenberg wrote: > > I won't argue that sometimes legacy support makes the code hard to read, > but in itself I don't think it's causing bugs. The OpenBSD people are right here. If it's hard to read, then we don't have many eyeballs on the code. And while that isn't the only way to curtail an active development community (Sun Microsytems came up with many more), it's certainly one of the more effective ones. It's not like someone wakes up and says, "I know! I'll screw over the entire internet by introducing a security bug!" It happens by accident, and the messier your code is, the more likely it is to happen. Code needs to be easy to read; or else you get bugs. There's a reason why the Linux kernel coding style strongly discourages in-line #ifdef's in code. > I'd also point out that legacy platforms are pretty common in the embedded > space and may even make up the majority of instances of OpenSSL in the > wild. I don't think there are a lot of embedded systems using (a) VMS, (b) Windows 3.1, or (c) EBCDIC. Cheers, - Ted ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org