Hello,
In a nutshell: 1. Must Mbed TLS support Python 3.4 to configure and test, or can 3.6 be enough? 2. Must the supplied CMake scripts support 2.8.12.2, or can 3.5.2 be enough?
This thread is about minimum tool versions to configure, build and test Mbed TLS (excluding TLS interoperability testing and some maintainer scripts) on Linux and similar (Unix-like) platforms. (This is not about the set of platforms where Mbed TLS will _run_, which is as close to “anything with CHAR_BIT==8 and sizeof(size_t) >= 4” as we can make it.)
Our general guideline is that Mbed TLS should build out of the box on supported versions of major desktop and server operating systems. In practice, this has tended to mean supporting tool versions from RHEL/CentOS, SLES and Ubuntu LTS releases (but not necessarily extended security maintenance releases).
Last year (https://lists.trustedfirmware.org/pipermail/mbed-tls/2020-April/thread.html) we concluded that we should support the following minimum versions, which will remain supported in the Mbed TLS 2.16 long-time support (LTS) branch:
clang 3.8 cmake 2.8.12.2 gcc 4.4 make 3.81 python 3.4 (in 2.16: only to build the unit tests, not to configure)
Since then, RHEL 6 and Ubuntu 16.04 have reached their end of life, the CentOS world has changed considerably. Looking at maintained platforms after April 2021 (https://github.com/ARMmbed/mbedtls/issues/2896#issuecomment-603471273), our current goal for the upcoming Mbed TLS 2.x LTS (last release before 3.0) is:
clang 6.0 cmake 2.8.12.2 (or 3.5.2? or 3.10.2?) gcc 4.8 make 3.82 python 3.6 (or 3.4.10?)
Regarding Python: is there any demand for supporting Python versions older than 3.6? Python 3 is required to fine-tune the library configuration (it is not needed if you use the default config.h or a handwritten one) and build the unit tests.
Regarding CMake: it is increasingly problematic for us to support CMake 2.8.12, which is only required for RHEL 7: other distributions under consideration have at least CMake 3.5. There is an ongoing effort to improve our CMake scripts to make it easier to integrate Mbed TLS into a larger project, but it is difficult to preserve backward compatibility with 2.8.12. Would it be acceptable to require CMake >= 3.5? CMake >= 3.10.2?
If you have any constraints that are not captured here or if you have an opinion regarding Python and CMake versions, please let us know quickly.