On 2025-01-21, Peter Pentchev wrote: > > * portability and standards compliance fixes. > > Thanks for the fix for the OpenSSL 3.x deprecated functions! > I kept meaning to drop you a note about that (there was a Debian patch that > defined OPENSSL_SUPPRESS_DEPRECATED), and I kept putting it off...
I've wondered about using OPENSSL_SUPPRESS_DEPRECATED, but I'm not convinced that it's intended to be public. That #define is not in NEWS.md; it's mentioned in CHANGES.md, but in the context of configuration headers and "internal hacks". Our current method is: - try to compile with AES_encrypt() - if that fails, add -Wno-deprecated to CFLAGS and try again; if the modified attempt succeeds, add it to the CFLAGS for the relevant files. I'm not certain this is the best method, but I think it's slightly safer than OPENSSL_SUPPRESS_DEPRECATED. Cheers, - Graham
