[3.14] gh-135261: bring back CI job for testing OpenSSL 1.1.1w (GH-135262) (#138109)

gh-135261: bring back CI job for testing OpenSSL 1.1.1w (GH-135262) This partially reverts commit d83e30cadd by bringing back the CI job for testing OpenSSL 1.1.1w. Despite this version being upstream EOL, the rationale for keeping it as follows: - It most resembles other 1.1.1-work-a-like ssl APIs supported by important vendors. - Python officially requires OpenSSL 1.1.1 or later, although OpenSSL 3.0 or later is recommended for cryptographic modules. Since changing the build requirements requires a transition period, we need to keep testing the allowed versions. - The code base still contains calls to OpenSSL functions that are deprecated since OpenSSL 3.0 as well as `ifdef` blocks constrained to OpenSSL 1.1.1. (cherry picked from commit 96b7a2eba4) Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
2025-12-23 09:19:18 +00:00 · 2025-08-26 07:45:08 +02:00 · 2025-08-26 07:45:08 +02:00 · 01afaccce6
commit 01afaccce6
parent 8b3f9ae2ca
1 changed files with 4 additions and 1 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -317,7 +317,10 @@ jobs:
      fail-fast: false
      matrix:
        os: [ubuntu-24.04]
-        openssl_ver: [3.0.17, 3.2.5, 3.3.4, 3.4.2, 3.5.2]
+        # Keep 1.1.1w in our list despite it being upstream EOL and otherwise
+        # unsupported as it most resembles other 1.1.1-work-a-like ssl APIs
+        # supported by important vendors such as AWS-LC.
+        openssl_ver: [1.1.1w, 3.0.17, 3.2.5, 3.3.4, 3.4.2, 3.5.2]
        # See Tools/ssl/make_ssl_data.py for notes on adding a new version
    env:
      OPENSSL_VER: ${{ matrix.openssl_ver }}