[PATCH 1/1] lib/ecdsa: Fix LibreSSL before v2.7.0

Tom Rini trini at konsulko.com
Wed Jul 28 22:07:01 CEST 2021


On Wed, Jul 28, 2021 at 03:00:44PM -0500, Alex G. wrote:
> Hi Artem,
> 
> I'm re-adding the u-boot mailing list to the CC field, as I see your email
> contains no sensitive information.
> 
> On 7/28/21 2:30 PM, Artem Panfilov wrote:
> > We have broken CI builds on your bare-metal CentOS 7 servers with latest
> > master. I think it is good reason to have  a support. Our corporate
> > clients have CentOS 7 too.
> 
> I thought we solved problems associated with bare builds on ancient OSes by
> using containerized builds. There's is CI infrastructure based on this on
> source.denx.de that uses docker. As things change, and we eventually move to
> GNU TLS, a lot more things might break for old build hosts. I believe it's
> worth looking at containerized builds.
> 
> Given that a solution exists for your problem, I think the argument for this
> patch quite weak.

There is a fine line at least that I'm willing to walk in terms of
supporting ancient OSes directly and also not making things overly
complicated in our own tree.  That said, openssl tends to be one of the
ones where it does get hard to support old versions.  LibreSSL 2.7.5 was
released December 15th, 2018 and is the end of the 2.7.x line it seems.

I'm interested to hear what the case is where the right call is the say
you're building modern software for real world use against such old
libraries.

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20210728/9bd7dcde/attachment.sig>


More information about the U-Boot mailing list