On Thu, Jul 29, 2021 at 01:29:35AM +0300, Artem Panfilov wrote:
On 28.07.2021 23:07, Tom Rini wrote:
There is a fine line at least that I'm willing to walk in terms of supporting ancient OSes directly and also not making things overly complicated in our own tree. That said, openssl tends to be one of the ones where it does get hard to support old versions. LibreSSL 2.7.5 was released December 15th, 2018 and is the end of the 2.7.x line it seems.
I'm interested to hear what the case is where the right call is the say you're building modern software for real world use against such old libraries.
Hi Tom, I have a specific test case where I test if it's still possible to build upstream master u-boot on our infrastructure (progression testing). I also test runtime on our boards.
I understand that nowadays everyone uses docker container, but we have limited docker nodes right now on our site.
If you don't want to support OpenSSL < 1.1.0 and do not test it, then I suggest dropping it all over the tree because it doesn't make sense and looks misleading with such a partial solution.
Part of the question is then, were you enabling the SSL-related parts before this change? Or did the way the code is now being enabled/disabled trigger this now being enabled when it wasn't before?