< Previous by Date Date Index Next by Date >
< Previous in Thread Thread Index Next in Thread >

Re: [reSIProcate] OpenSSL 1.1.0 / non-backwards-compatible API changes



On 18/11/16 14:44, Scott Godin wrote:
> I think it makes sense to keep resip trunk instep with the latest
> OpenSSL.  We can endeavor to be backwards compatible whenever the effort
> is reasonable.
> 

I did a test build with the OpenSSL 1.1.0c headers

There are many errors, but many are repeated due to the same things
being included over and over again in many places.  This makes it
identify how much work is really involved in this change.

Just building the rutil directory only gives a very small handful of
errors, so maybe fixing those will fix a lot of the errors that appear
building other parts of the code.

Thinking about the bigger picture:

- OpenSSL 1.0.x will still be officially support for some years
https://www.openssl.org/policies/releasestrat.html

- RHEL7 users will still be on OpenSSL 1.0.x for some time

- Debian appears to be considering releasing both 1.0.2 and 1.1.x due to
the fact so many packages won't support 1.1.x yet

- Ubuntu and Fedora don't appear to be going fully 1.1.x until at least
the end of next year

So maybe we can make this change more gradually and not included in 1.11.0

Regards,

Daniel