Hi Vitaly, On Wed, 2022-08-31 at 01:54 +0300, Vitaly Chikunov wrote: > Mimi, > > On Tue, Aug 30, 2022 at 11:52:54PM +0300, Vitaly Chikunov wrote: > > On Tue, Aug 30, 2022 at 07:46:40AM -0400, Mimi Zohar wrote: > > > On Tue, 2022-08-30 at 06:03 +0300, Vitaly Chikunov wrote: > > > We need to move away from OpenSSL engine support towards providers. > > > > Perhaps they will remove engines (it's not certain) in openssl4, > > but how many years will pass before that? I don't see why we should > > hurry in that. > > https://www.openssl.org/policies/releasestrat.html > Version 3.0 will be supported until 2026-09-07 (LTS). > > So all that time there will be engines support, even if they decide to > remove it in next major release. So it doesn't look like we need to > delete it ASAP. Agreed there is no rush. The original intent of this patch set, however, was to address as many deprecated warnings as possible without turning them off. Once they're turned off, they're out of sight, out of mind. The only remaining deprecated warnings, without this patch, are the engine related ones. The two alternatives both require disabling deprecated warnings: - invert "--enable-engine" to "--disable-engine" and disable the deprecated warnings. - drop this patch and turn off the deprecated warnings, if compiled with OpenSSL v3. Mimi
