Hi,
(Forwarding here as requested by [email protected]...) I'm involved in the DEfO project [1] that's been developing ECH for OpenSSL. We've now gotten ECH code upstreamed to the openssl master branch so it should be included in the upcoming openssl 4.0 release, which is great news (for us:-). I believe there'll be an alpha release of that about March 10th. I see however, that the openssl master branch now also has some unrelated changes that break our DEfO CI builds [2] for httpd (as well as haproxy, lighttpd and nginx;-) due to some changes in interfaces (some const-ifying, making some previously exposed structs opaque and some deprecations). That all caused our DEfO ECH CI setup [2] to show a bunch of red flags. I assume that this is something your project will address, but in the meantime it may be useful to see the way I hacked our httpd CI build to get it working with the current openssl master branch. The relevant commit is [3]. Note that those aren't proper fixes, as I'm sure you'd do something more thorough that works with various openssl versions, so [3] is just an FYI and not a real patch/PR, but maybe useful nonetheless. There's nothing really that tricky to change here, it's just a bit tedious. Cheers, Stephen. [1] https://defo.ie [2] https://github.com/defo-project[3] https://github.com/defo-project/apache-httpd/commit/aa0aef2734a7b2650c0358323267633bd3ed53a6
OpenPGP_signature.asc
Description: OpenPGP digital signature
