[PATCH 1/1] lib/ecdsa: Fix LibreSSL before v2.7.0

Tom Rini trini at konsulko.com
Thu Jul 29 00:56:19 CEST 2021


On Thu, Jul 29, 2021 at 01:29:35AM +0300, Artem Panfilov wrote:
> 
> On 28.07.2021 23:07, Tom Rini wrote:
> > There is a fine line at least that I'm willing to walk in terms of
> > supporting ancient OSes directly and also not making things overly
> > complicated in our own tree.  That said, openssl tends to be one of the
> > ones where it does get hard to support old versions.  LibreSSL 2.7.5 was
> > released December 15th, 2018 and is the end of the 2.7.x line it seems.
> >
> > I'm interested to hear what the case is where the right call is the say
> > you're building modern software for real world use against such old
> > libraries.
> Hi Tom,
> I have a specific test case where I test if it's still possible to
> build upstream master u-boot on our infrastructure (progression testing).
> I also test runtime on our boards.
> 
> I understand that nowadays everyone uses docker container,
> but ​we have limited docker nodes right now on our site.
> 
> If you don't want to support OpenSSL < 1.1.0 and do not test it,
> then I suggest dropping it all over the tree because it doesn't
> make sense and looks misleading with such a partial solution.

Part of the question is then, were you enabling the SSL-related parts
before this change?  Or did the way the code is now being
enabled/disabled trigger this now being enabled when it wasn't before?

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20210728/a799ff03/attachment.sig>


More information about the U-Boot mailing list