Drop support for OpenSSL < 1.0
OpenSSL 1.0.0 was released over five years ago. The only OS I'm aware of that ships an older version of OpenSSL is OSX, where sensible developers already install their own OpenSSL using Homebrew or something. Can we finally kill off the ability to use OpenSSL 0.9.8 with Tor?
Doing so would let us:
- Require ECDHE,
- Require SSL_export_keying_material for proposal 244
- Drop all kinds of backward compatibility workarounds
- Have tor_tls_session_secret_cb always work.