Add OpenSSL 3 support #19814
Add OpenSSL 3 support #19814
Conversation
|
So are you also planning on removing LibreSSL support as it relies on OpenSSL 1.0 APIs? It's really nice that you're doing the work with bringing up OpenSSL 3, but I think dropping support for OpenSSL < 1.1.0 is not a good idea. |
|
@Yardanico supporting OpenSSL 3, 1.1, 1.0, 0.9 and LibreSSL, both with dynamic and static linking (and across multiple OSes) creates a combinatorial explosion of test scenarios, making it really difficult to ensure the libraries are used securely. |
FedericoCeratto
force-pushed
the
openssl3
branch
from
af44714
to
a109e0d
Compare
FedericoCeratto
force-pushed
the
openssl3
branch
3 times, most recently
from
c9cae5e
to
be8b094
Compare
There was a problem hiding this comment.
@FedericoCeratto, I'm not sure but I think, the reason of failing on mac runners is due to this ...
|
No Luck ... the same error. I think it's due to macOS SIP. It don't pass VARIABLES starts with DYLD_ to subprocess.
DYLD_LIBRARY_PATH variables exists. But when I execute https://stackoverflow.com/questions/35568122/why-isnt-dyld-library-path-being-propagated-here I found those issues. |
|
Here are the proofs
I've a script to run compiled nimble at bin dir. When I run that |
|
Env vars get lost might get lost in different locations in nimInternalBuildKochAndRunCI. |
FedericoCeratto
force-pushed
the
openssl3
branch
from
2aa2ed1
to
82a4372
Compare
|
The library import on Mac OS X is now fixed. |
FedericoCeratto
force-pushed
the
openssl3
branch
from
46402dc
to
dccf88c
Compare
|
@ringabout @Araq the remaining issue seems to be a timeout due to slow CI. Do you think the PR can be reviewed and merged? |
FedericoCeratto
requested review from
ringabout and
Varriount
and removed request for
dom96
I restarted the failed CI. |
|
One more attempt before I'll merge it anyway. |
|
Failed CI is due to timeout, I guess. Anyway, nice work @FedericoCeratto. Congrats! |
|
@Araq is there any plan to make a minor release to add support for OpenSSL 3? A number of users are being impacted by this. |
|
@Araq finally the CI is all green :) |
|
Thanks for your hard work on this PR! Hint: mm: orc; threads: on; opt: speed; options: -d:release |
|
These changes break CI on macos 11 for many of our projects that previously worked without having to install additional dependencies: https://github.com/status-im/nim-web3/runs/8027875139?check_suite_focus=true |
due to changes in nim-lang/Nim#19814
due to changes in nim-lang/Nim#19814
due to changes in nim-lang/Nim#19814
due to changes in nim-lang/Nim#19814
due to changes in nim-lang/Nim#19814
* switch CI to the supported versions of ubuntu and macos See: - actions/runner-images#6002 - actions/runner-images#5583 * don't continue on error for Nim 1.6 * install openssl on macos for Nim devel due to changes in nim-lang/Nim#19814
due to changes in nim-lang/Nim#19814
* conservative partial revert of #19814 * fix * revert tssl * revert azure CI change * keep azure, revert version range * fully revert CI, add changelog * useOpenssl3 as separate define, .3 is a version
This reverts commit 2dcfd73.
|
Hiiii |
|
FedericoCeratto:openssl3 |
due to changes in nim-lang/Nim#19814
* switch CI to the supported version of ubuntu See actions/runner-images#6002 * don't continue on error for Nim 1.6 * install openssl on macos for Nim devel due to changes in nim-lang/Nim#19814 --------- Co-authored-by: Jacek Sieka <jacek@status.im>
* Minor refactor * Add OpenSSL 3 support Remove symbols noOpenSSLHacksq and openssl10 * Drop loading of older openssl versions * Add library path * Use only versioned libssl soname os OSX * Update .github/workflows/ci_packages.yml Co-authored-by: Hein Thant <official.heinthanth@gmail.com> * On Mac OS X CI, link OpenSSL in /usr/local/lib/ * Install OpenSSL on Mac OS X on azure pipeline * Remove DYLD_LIBRARY_PATH Co-authored-by: Hein Thant <official.heinthanth@gmail.com> Co-authored-by: Andreas Rumpf <rumpf_a@web.de> Co-authored-by: Hein Thant <official.heinthanth@gmail.com>
) * conservative partial revert of nim-lang#19814 * fix * revert tssl * revert azure CI change * keep azure, revert version range * fully revert CI, add changelog * useOpenssl3 as separate define, .3 is a version
* Revert "Add OpenSSL 3 support (nim-lang#19814)" This reverts commit 2dcfd73. * openssl 3 support no longer opt in + some 1.0 support * hopefully fix * maybe fix * final attempt * actual fix hopefully
* Revert "Add OpenSSL 3 support (nim-lang#19814)" This reverts commit 2dcfd73. * openssl 3 support no longer opt in + some 1.0 support * hopefully fix * maybe fix * final attempt * actual fix hopefully
Drop support for versions below 1.1.0
Move away from deprecated functions
Fixes: #19604