[oi-dev] phasing out openssl 1.0.2 (mostly)

Alan Coopersmith alan.coopersmith at oracle.com
Sat Feb 24 21:33:53 UTC 2024


On 2/24/24 09:27, Goetz T. Fischer wrote:
> having a peek at other repos shows that e.g. the solaris userland has sort of a
> compromise solution. they do set the ssl version explicitly. however, their
> package names only contain the major version like "openssl-3" and the same goes
> for the install paths like "/usr/openssl/3/". that's not as flexible as having
> $(OPENSSL_INCDIR) and $(OPENSSL_LIBDIR) only or having it sorted by the
> mediator but at least allows all 3.x versions without code changes.

Note that solaris-userland only supports 2 versions of openssl, 1.0.2 & 3.0.x,
due to the support lifetimes and FIPS-140 certifications.  (While OpenSSL now
promises that all later 3.x versions will be backwards compatible with 3.0,
they are also promising a longer support life for 3.0.x than 3.1.x or 3.2.x:
https://www.openssl.org/policies/releasestrat.html )

	-alan-



More information about the oi-dev mailing list