William A. Rowe Jr. wrote:
On 3/16/2010 4:53 PM, Kees Dekker wrote:
* I saw a lot of NT4 code.
What NT4 code? You must be referring to _WIN32_WINNT macro
sometimes set
to 0x400. It does not denote NT4-specific code, it denotes
that NT4 is
required *minimum*. Meaning that it targets *all* Windows versions
*past* 4: 2000, XP, 2003, Vista, 2008, 7, etc.
Example: rand_win.c, check on osverinfo.dwMajorVersion< 5 (i.e. NT4).
And all places, using GetVersion()>= 0x80000000 points to Win9x code.
But, please ignore this remark. My key point is the dependency to user32.dll.
Sorry for causing confusion.
It is past time to deprecate all 9x and NT support, but I expect we will
only see this occur in OpenSSL 1.0.0 (in which case, deprecating 2000 is
equally valid, since Extended Support for Windows 2000 Server and Windows
2000 Professional ends on July 13, 2010).
These machines are toxins when connected to a public internet due to known
security flaws, we must go on the assumption that the typical user/operator
does not know how to/does not go to the trouble to disable unused services.
As a security layer provider, OpenSSL project would obviously be much more
attentive to such issues than a typical open source project.
Therefore Windows XP/2003 as a baseline, going forwards is completely
reasonable. I realize this is a tangent of the original report, but its
certainly legitimate.
OpenSSL support many platforms and I could not found reason project to
be limited in backward compatible support as Microsoft Windows OS-es.
Roumen
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
