s2n-tls icon indicating copy to clipboard operation
s2n-tls copied to clipboard

Published 20 hours ago verified publisher icon aws

Support an Openssl 3.0 build

Open raycoll opened this issue 4 years ago • 3 comments

Problem:

Per https://www.openssl.org/source/ , there is an alpha release available for Openssl 3.0. s2n supports builds with Openssl 1.1.1 and Openssl 1.0.2 which are supported until 2023 and 2019 respectively.

One notable improvement in Openssl 3.0 is FIPS becomes a runtime setting https://wiki.openssl.org/index.php/OpenSSL_3.0#Programmatically_loading_the_FIPS_module_.28default_library_context.29 .

Proposed Solution:

Add a new codebuild dimension that uses Openssl 3.0. We should not transition a majority of our tests to use 3.0 before 3.0 is ready for wide adoption.

raycoll avatar Apr 23 '20 19:04 raycoll

Opening this now, but I don't think it's a high priority yet.

raycoll avatar Apr 23 '20 19:04 raycoll

Openssl 3.0 has been released: https://www.openssl.org/blog/blog/2021/09/07/OpenSSL3.Final/

alexw91 avatar Sep 07 '21 16:09 alexw91

With 3.0 released, we're starting to track specific failures, e.g.: #3082

dougch avatar Oct 25 '21 18:10 dougch

ossl3 support has been added: https://github.com/aws/s2n-tls/issues/3442

toidiu avatar Sep 12 '22 16:09 toidiu