On Sat, Oct 14, 2023 at 10:31:20AM +0200, Claudio Jeker wrote: > On Sat, Oct 14, 2023 at 10:19:45AM +0200, Theo Buehler wrote: > > On Sat, Oct 14, 2023 at 09:56:04AM +0200, Omar Polo wrote: > > > and while here what about switching to using openssl 3.1? it's where > > > we had issues (see the privsep crypto thingy in smtpd-portable.) > > > > The reason we have it is for rpki-client portable testing. I think it is > > fine to switch to 3.1 (3.1 will be better than the others also because > > of BTI/IBT), but please give claudio a chance to comment. > > I'm fine with changing that. If the rpki-client test remains working I'm > ok.
Not sure what you mean by that, but rpki-client portable linked against this works fine here (with #100 applied). The diff to base libtls and older libretls looks sane enough, although I'm not sure I follow what led to the Root CA changes, but shrug. ok tb with 1.1 -> 3.1 in COMMENT and DESCR + major bump.
