build: audit openssl configure, update to openssl 3.4.0 #300
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Updates to the latest stable openssl, this series has support past the end of the current LTS, and we have no reason to stay on 3.0. Now autodetects an existing openssl installation and uses it for `--openssldir`. Removes existing `no-*` options that have been default for a long time. Adds `no-pinshared` because we're using a static openssl and don't need it to pin the executable. Replaces `no-unit-test` (a default) with `no-tests` to ensure tests are not compiled. Removes `no-stdio` because `FILE` may be useful, and it allows generating the openssl `apps/*` for debugging. Adds `no-makedepend` because we're running this once and it roughly halves the number of cc calls. Which matters quite a bit on Windows.
squeek502
approved these changes
Dec 19, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updates to the latest stable openssl, this series
has support past the end of the current LTS, and
we have no reason to stay on 3.0.
Now autodetects an existing openssl installation
and uses it for
--openssldir.Removes existing
no-*options that have beendefault for a long time.
Adds
no-pinsharedbecause we're using a staticopenssl and don't need it to pin the executable.
Replaces
no-unit-test(a default) withno-teststo ensure tests are not compiled.
Removes
no-stdiobecauseFILEmay be useful,and it allows generating the openssl
apps/*fordebugging.
Adds
no-makedependbecause we're running thisonce and it roughly halves the number of cc calls.
Which matters quite a bit on Windows.
Additionally passes
-Wno-devto cmake, it gets rid of the cmake policy warnings (that we don't care about) that we cannot enable without bumping our minimum cmake version.