[PATCH 1/1] lib/ecdsa: Fix LibreSSL before v2.7.0
Artem Panfilov
panfilov.artyom at gmail.com
Thu Jul 29 12:40:41 CEST 2021
On 29.07.2021 02:43, Tom Rini wrote:
>
> Yes, true. And that's two 1-line if/else. That's a reasonable to me
> level of effort to keep supporting older hosts. Your patch is adding in
> 60 lines. I really do want to dig a bit more here.
For me, it doesn't matter how many lines of code were added if I can't
build host tools with older OpenSSL versions. So what's the point
of keeping OpenSSL backward compatibility?
> And honestly, part of my concerns also go around "who is going to
> maintain / test this area?". We don't have these older versions in CI
> (or we would have seen the problem before merging). Are you
> volunteering to support the relevant code areas here but on older
> openssl/libressl ?
We already have a nightly Jenkins CI job that tracks u-boot master
and sends internal reports.
The best way would be to testing in the upstream azure pipeline.
You could add the following steps in your trini/u-boot-gitlab-ci-runner docker image:
wget -O - https://www.openssl.org/source/old/1.0.2/openssl-1.0.2k.tar.gz | tar -C /opt -xz && \
cd /opt/openssl-1.0.2k/ && ./config shared && \
make && \
make install
In azure pipeline add new job for testing with old OpenSSL:
make tools-only_config tools-only NO_SDL=1 \
HOSTLDFLAGS="-ldl -L/usr/local/ssl/lib" \
HOSTCFLAGS="-I/usr/local/ssl/include"
---
Artem
More information about the U-Boot
mailing list