fix: improve openssl checker #2987

Merged: 1 commit, Jun 6, 2023

@ffontaine (Contributor) commented May 9, 2023

Improve openssl checker to avoid false positives with bind, exim, http_server, i2pd, janus, libssh, nginx, nmap, node, ntp, ntpsec, proftpd, sofia-sip, stunnel, tor and zabbix binaries which link dynamically with the openssl library (and save the associated version number) or which have the following string:

OpenSSL 1.1.1 or newer

While at it, add an OpenWRT test package

@ffontaine ffontaine force-pushed the fix-openssl-checker branch 2 times, most recently from 1c30045 to 517aff0 Compare May 10, 2023 07:15

codecov-commenter commented May 10, 2023

Codecov Report

Merging #2987 (f6b2717) into main (9bdba0c) will increase coverage by 0.00%.
The diff coverage is 100.00%.

❗ Current head f6b2717 differs from pull request most recent head 51f1077. Consider uploading reports for the commit 51f1077 to get more accurate results

@@           Coverage Diff           @@
##             main    #2987   +/-   ##
=======================================
  Coverage   82.67%   82.68%           
=======================================
  Files         674      676    +2     
  Lines       10626    10660   +34     
  Branches     1426     1429    +3     
=======================================
+ Hits         8785     8814   +29     
  Misses       1474     1474           
- Partials      367      372    +5     

| Flag | Coverage Δ |
|---|---|
| longtests | 81.66% <100.00%> (+5.23%) ⬆️ |
| win-longtests | 80.10% <100.00%> (-0.28%) ⬇️ |

Flags with carried forward coverage won't be shown.

| Impacted Files | Coverage Δ |
|---|---|
| test/test_data/apache_http_server.py | 100.00% <ø> (ø) |
| test/test_data/bind.py | 100.00% <ø> (ø) |
| test/test_data/exim.py | 100.00% <ø> (ø) |
| test/test_data/i2pd.py | 100.00% <ø> (ø) |
| test/test_data/janus.py | 100.00% <ø> (ø) |
| test/test_data/libssh.py | 100.00% <ø> (ø) |
| test/test_data/nginx.py | 100.00% <ø> (ø) |
| test/test_data/nmap.py | 100.00% <ø> (ø) |
| test/test_data/node.py | 100.00% <ø> (ø) |
| test/test_data/ntp.py | 100.00% <ø> (ø) |

... and 8 more

... and 16 files with indirect coverage changes


@ffontaine ffontaine force-pushed the fix-openssl-checker branch 2 times, most recently from 639a081 to 698c17a Compare May 10, 2023 13:54

@terriko (Contributor) left a comment

I imagine this one will make a lot of folk happy. Thanks!

@terriko (Contributor) left a comment

Whoops, hit approve too soon. Looks like the PR is missing a condensed download package for the new ipk.

@ffontaine ffontaine force-pushed the fix-openssl-checker branch 5 times, most recently from f6b2717 to 51f1077 Compare May 11, 2023 07:57

@terriko (Contributor) left a comment

Noticed the removal of pyca cryptography test and I think we should keep that one. Did it break when you updated the patterns?

Comment on lines 23 to 29
{
"url": "https://files.pythonhosted.org/packages/ba/91/84a29d6a27fd6dfc21f475704c4d2053d58ed7a4033c2b0ce1b4ca4d03d9/",
"package_name": "cryptography-3.0-cp35-abi3-manylinux2010_x86_64.whl",
"product": "openssl",
"version": "1.1.1g",
"other_products": ["gcc"],
},

Contributor

The cryptography package really does include a copy of openssl. Or it did at the time this test was added, anyhow. I don't know offhand if later versions found another way, but it was policy to include the correct, latest openssl as part of the wheel to reduce dependency friction with various OSes.

So I think we should keep this test. It's surprising but likely useful to make sure we don't stop detecting that.

Contributor Author

I updated the pattern to continue to detect openssl in cryptography
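
Added example, not part of the pull request or the project's checker code: the false-positive class discussed in this thread, shown by running a loose and a stricter version signature over three byte strings. Both regexes, the rule that a bundled library must also carry an `OPENSSLDIR: ` string, and the sample blobs are assumptions constructed for illustration.

```python
import re

# Loose signature: any "OpenSSL <version>" text is reported as the library.
LOOSE = re.compile(rb"OpenSSL ([0-9]+\.[0-9]+\.[0-9]+[a-z]*)")

# Stricter signature (assumption for this example): the version must be followed
# by a release date, as in the library banner "OpenSSL 1.1.1g  21 Apr 2020".
BANNER = re.compile(
    rb"OpenSSL ([0-9]+\.[0-9]+\.[0-9]+[a-z]*) +[0-9]{1,2} [A-Z][a-z]{2} [0-9]{4}"
)

# Assumed marker of library internals. A consumer that only records the banner
# it was built against does not carry this string.
LIB_MARKER = b"OPENSSLDIR: "


def loose_detect(blob: bytes):
    """Return the version the loose signature reports, or None."""
    m = LOOSE.search(blob)
    return m.group(1).decode() if m else None


def strict_detect(blob: bytes):
    """Report a version only when the blob looks like it contains the library."""
    if LIB_MARKER not in blob:
        return None
    m = BANNER.search(blob)
    return m.group(1).decode() if m else None


# Constructed byte strings standing in for the printable strings of a binary.
SAMPLES = {
    # Consumer binary with a minimum-version message.
    "consumer_min_version": b"\x00OpenSSL 1.1.1 or newer\x00SSL_CTX_new\x00",
    # Consumer binary that links dynamically and saved the build-time banner.
    "consumer_saved_banner": b"\x00built with OpenSSL 1.1.1g  21 Apr 2020\x00libssl.so.1.1\x00",
    # Wheel or firmware object that really bundles a copy of the library.
    "bundled_library": b"\x00OpenSSL 1.1.1g  21 Apr 2020\x00OPENSSLDIR: \"/usr/lib/ssl\"\x00",
}


def compare():
    """Map each sample name to (loose result, strict result)."""
    return {name: (loose_detect(b), strict_detect(b)) for name, b in SAMPLES.items()}


if __name__ == "__main__":
    for name, (loose, strict) in compare().items():
        print(f"{name:24} loose={loose!s:8} strict={strict}")
```

The loose signature attributes an openssl version to both consumer binaries, which is how a scanner ends up reporting openssl CVEs against packages that do not ship the library, while the stricter one still reports the bundled copy.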

Improve openssl checker to avoid false positives with bind, exim,
http_server, i2pd, janus, libssh, nginx, nmap, node, ntp, ntpsec,
proftpd, sofia-sip, stunnel, tor and zabbix binaries which link
dynamically with the openssl library (and save the associated version
number) or which have the following string:

OpenSSL 1.1.1 or newer

While at it, add an OpenWRT test package

Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>

@terriko (Contributor) left a comment

Thank you! Time to get this merged.

@terriko terriko merged commit 0f7a834 into intel:main Jun 6, 2023
20 of 22 checks passed
@ffontaine ffontaine deleted the fix-openssl-checker branch June 7, 2023 06:29