azure-sdk-for-cpp
azure-sdk-for-cpp copied to clipboard
This line requires OpenSSL >= 3.0; with other words drops support for OpenSSL 1.1.1
https://github.com/Azure/azure-sdk-for-cpp/blob/083a88e8849d54be50aa50434995f480b67d1274/sdk/core/azure-core/src/http/curl/curl.cpp#L1447
Just want to make sure that this was really intended 😉 - personally I believe supporting OpenSSL version 1.1.1 is a must since e.g ubuntu 21.10 (impish) debian 11 (bullseye) still distribute version 1.1.1.
This was intended. For better or worse, the Azure SDK has moved to OpenSSL 3.0 because vcpkg forces all clients of vcpkg to use OpenSSL 3.0 and the Azure SDK's OpenSSL dependencies is managed via vcpkg.
Does the addition of the OpenSSL 3 API cause challenges for your use of the Azure SDK for C++?
@LarryOsterman Thanks for the answer.
I'm using the Azure SDK for C++ in conjunction with https://github.com/Azure/azure-iot-sdk-c to build a edge module that connects to Azure Blob Storage on IoT Edge. Because of the IoT-Context and other 3rd party software we are directly linking the library (no use of cmake or vcpkg) and are more or less bound to the distributed/supported OpenSSL version.
Maybe my use-case is somewhat special, but I would have advised to postpone the usage of OpenSSL 3 until the most important Linux LTS distributions officially support it 😉
For now the workaround is simple - I just use the slightly older release (azure storage 12.6.1) that builds fine with OpenSSL 1.1.1.
Unfortunately, our hands are currently tied due to vcpkg moving to OpenSSL 3.0. We are currently investigating if it is possible to use vcpkg overlays to move back to OpenSSL 1.1.1n (you are not the only team which is having challenges because of the OpenSSL 3.0 change).
FWIW, the OpenSSL 3.0 change is mandated for several distributions (Ubuntu 22 for example) and causes problems for others. It's a bit of a mess (one example: Apps using the OpenSSL 1.1.1n shared library fail on Ubuntu 22 without manually installing OpenSSL 1.1.1n, apps using OpenSSL 3.0 shared library fail on Ubuntu 20).
Finally a problem that can be solved by waiting 😉 My expectation is that in a year or so most software is updated to use OpenSSL 3. For me the release of debian bookworm is the crucial requirement. I'll leave this issue open if you would like to comment after a decision about the SSL 1.1.1 overlay has been made - otherwise I guess everything has been said, so feel free to just close it.
FWIW, the OpenSSL 1.1.1 overlay port is live now:.