On Saturday, September 18, 2021 1:04 PM, Eric Biggers wrote: > Aleksander, can you look into these? These look like compiler warnings, why did they break the build? The reason for the warnings is that the Engines API that we use with OpenSSL <= 1.1 has started to be deprecated with OpenSSL release 3.0. The replacement that OpenSSL offers is called "Providers": https://www.openssl.org/docs/man3.0/man7/migration_guide.html#Engines-and-METHOD-APIs Unfortunately, the Providers API is only available starting with version 3.0, the same version that deprecates Engines: https://www.openssl.org/docs/manmaster/man3/OSSL_PROVIDER_load.html So, our options here are: 1. Tolerate deprecation warnings from the compiler until the OpenSSL version that provides the new replacement API is widespread enough to stop supporting OpenSSL versions <= 1.1 (I think this is the most reasonable approach, after all that's how deprecation mechanisms are meant to be used). 2. Use a bunch of preprocessor conditional #ifdefs to support both OpenSSL pre-3.0 with Engines and post-3.0 with Providers. This would make code pretty messy IMHO, but should be doable. I can start working on a patch if we get consensus; however, my opinion is that we should withhold from that until OpenSSL 3 is the standard release on mainstream distros.
|