Thanks for the work and the update. May I suggest to submit the update to 2023Q2 status reports too? https://docs.freebsd.org/en/articles/freebsd-status-report-process/#_submit_your_report
Cheers, Lorenzo Salvadore Inviato da Proton Mail mobile -------- Messaggio originale -------- Il 8 Giu 2023, 19:13, Ed Maste ha scritto: > As previously mentioned[1] FreeBSD 14.0 will include OpenSSL 3.0. We expect > to merge the update to main in the near future (within the next week or two) > and are ready for wider testing. Supported by the FreeBSD Foundation, Pierre > Pronchery has been working on the update in the src tree, with assistance > from Enji Cooper (ngie@), and me (emaste@). Thanks to Antoine Brodin > (antoine@) and Muhammad Moinur Rahman (bofh@) for ports exp-runs and > fixes/workarounds and to Dag-Erling (des@) for updating ldns in the base > system. ## Base system compatibility status Most of the base system is ready > for a seamless switch to OpenSSL 3.0. For several components we've added > `-DOPENSSL_API_COMPAT=0x10100000L` to CFLAGS to specify the API version, > which avoids deprecation warnings from OpenSSL 3.0. Changes have also been > made to avoid OpenSSL APIs already deprecated in OpenSSL 1.1. We can continue > the process of updating to contemporary APIs after OpenSSL 3.0 is in the > tree. Additional changes are still required for libarchive and seven > Kerberos-related libraries or tools. Workarounds are ready to go along with > the OpenSSL 3 import, and proper fixes are in progress in the upstream > projects. A segfault from `openssl x509` in the i386 ports exp-run is under > investigation and needs to be addressed prior to the merge. ## Ports > compatibility With bofh@'s recent www/node18 and www/node20 patches the ports > tree is in reasonable shape for OpenSSL 3.0 in the base system. The exp-run > (link below) has a list of the failing ports, and I've emailed all of the > maintainers as a heads-up. None of the remaining failures are responsible for > a large number of skipped ports (i.e., the failures are either leaf ports or > are responsible for only a small number of skipped ports). I expect that some > or many of these will need to be addressed after the change lands in the src > tree. ## Call for testing We welcome feedback from anyone willing to test the > work in progress. Pierre's update can be obtained from the pull request[2] or > by fetching the branch[3]. If desired I will provide a large diff against > main. ## Links - Base system OpenSSL 3.0 update tracking PR: > https://bugs.freebsd.org/271615 - Ports exp-run with OpenSSL 3.0 in the base > system: https://bugs.freebsd.org/271656 [1] > https://lists.freebsd.org/archives/freebsd-current/2023-May/003609.html [2] > https://github.com/freebsd/freebsd-src/pull/760 [3] > https://github.com/khorben/freebsd-src/tree/khorben/openssl-3.0.9
