This partially reverts commit d83e30cadd
by bringing back the CI job for testing OpenSSL 1.1.1w. Despite this
version being upstream EOL, the rationale for keeping it as follows:
- It most resembles other 1.1.1-work-a-like ssl APIs supported by important vendors.
- Python officially requires OpenSSL 1.1.1 or later, although OpenSSL 3.0 or later
is recommended for cryptographic modules. Since changing the build requirements
requires a transition period, we need to keep testing the allowed versions.
- The code base still contains calls to OpenSSL functions that are deprecated since
OpenSSL 3.0 as well as `ifdef` blocks constrained to OpenSSL 1.1.1.
* Add OpenSSL 3.5.2 definitions to Modules/_ssl_data_35.h (moved from Modules/_ssl_data_34.h)
* Demote OpenSSL 3.1 to "old", remove it from CI
* Update all OpenSSL versions to latest patchlevel in CI config and multissltests defaults
* Add OpenSSL 3.5.2 to CI configuration and multissltests default list
* Fix a typo in the argument parser description of multissltests.py
The existing link works, but includes the legacy `/all` part of the path
which causes a scary-looking banner about a misconfiguration on the
`Home` page when in reality it's the link that includes a deprecated path.
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
Co-authored-by: Zachary Ware <zach@python.org>
PEP-734 has been accepted (for 3.14).
(FTR, I'm opposed to putting this under the concurrent package, but
doing so is the SC condition under which the module can land in 3.14.)
When inexperienced users create a PR from their default branch, all of the concurrency keys
collide as there is no namespacing. This becomes an issue at events with many new contributors,
where workflow runs are cancelled on other pull requests.
Disambiguate by adding the username of the relevant 'actor' to the concurrency key.
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Co-authored-by: Sviatoslav Sydorenko <sviat@redhat.com>
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
OpenSSL 3.4.1 mnemonics are not compatible with OpenSSL 3.4.0 ones since
they were renumbered [1, 2]. Consequently, `_ssl_data_34.h` is renamed to
`_ssl_data_340.h` and `_ssl_data_34.h` now contains OpenSSL 3.4.1 mnemonics.
We also refine the mnemonics that are selected, discarding those that are
mnemonic-like but should not be used as such. More precisely, we remove
the ERR_LIB_MASK and ERR_LIB_OFFSET entries from OpenSSL 1.1.1 data.
[1]: https://github.com/openssl/openssl/issues/26316
[2]: https://github.com/openssl/openssl/issues/26388
