On 29.07.2021 02:43, Tom Rini wrote:
Yes, true. And that's two 1-line if/else. That's a reasonable to me level of effort to keep supporting older hosts. Your patch is adding in 60 lines. I really do want to dig a bit more here.
For me, it doesn't matter how many lines of code were added if I can't build host tools with older OpenSSL versions. So what's the point of keeping OpenSSL backward compatibility?
And honestly, part of my concerns also go around "who is going to maintain / test this area?". We don't have these older versions in CI (or we would have seen the problem before merging). Are you volunteering to support the relevant code areas here but on older openssl/libressl ?
We already have a nightly Jenkins CI job that tracks u-boot master and sends internal reports.
The best way would be to testing in the upstream azure pipeline.
You could add the following steps in your trini/u-boot-gitlab-ci-runner docker image: wget -O - https://www.openssl.org/source/old/1.0.2/openssl-1.0.2k.tar.gz | tar -C /opt -xz && \ cd /opt/openssl-1.0.2k/ && ./config shared && \ make && \ make install
In azure pipeline add new job for testing with old OpenSSL: make tools-only_config tools-only NO_SDL=1 \ HOSTLDFLAGS="-ldl -L/usr/local/ssl/lib" \ HOSTCFLAGS="-I/usr/local/ssl/include"
--- Artem