[Upgrade] Use OpenSSL v3
hyperxpro opened this issue · comments
OpenSSL v3 is available and now achieved FIPS 140-2 Validation. This is useful for use cases that need FIPS 140-2 out of the box.
hi @normanmaurer, I'm happy to put in the work to do this - is it as simple as updating the hashes in the file like c2b5d1a ?
I tried doing that locally (updating to 3.0.2) and it worked fine for me in my application, so I wanted to see if it was possible to have the version here upgraded
Well, is it just updating hashes and pointing to a new URL? No API change?
@hyperxpro it worked fine in my application, but I'm not sure of how to run the full suite of tests for netty-tcnative and ensure everything works just fine. Happy to put up a PR and have that launch CI jobs if that's acceptable.
Sure please do.
Also, can you show Netty logs when you loaded 3.0.0 OpenSSL?
@hyperxpro here's what I saw:
18:08:03.378 [ScalaTest-run] DEBUG io.netty.handler.ssl.OpenSsl - Initialize netty-tcnative using engine: 'default'
18:08:03.380 [ScalaTest-run] DEBUG io.netty.handler.ssl.OpenSsl - netty-tcnative using native library: OpenSSL 3.0.2 15 Mar 2022
Will try to put up a PR in a bit (need to double check my corporate policies)
Closed by PR #802