When #292 was posted, upgrading OpenSSL was included as an optional item. At the time, v1.0 was expected to be reached before the EOL date of OpenSSL 1.1.1.
Since then, OpenSSL 1.1.1 has gone out of support, making this a lot more urgent. IMO it now warrants more than an optional status for v1.0.
Unfortunately OpenSSL 3.0 reportedly has severe performance regressions compared to 1.1.1. These are fixed in later (non-LTS) OpenSSL releases; in particular, the latest 3.3 release, while not an LTS, has a support period ending only a few months before that of 3.0. Of course, newer versions introduce increased risk of failing to build with the gcc 4.0.4-based toolchain available when we build OpenSSL.
When #292 was posted, upgrading OpenSSL was included as an optional item. At the time, v1.0 was expected to be reached before the EOL date of OpenSSL 1.1.1.
Since then, OpenSSL 1.1.1 has gone out of support, making this a lot more urgent. IMO it now warrants more than an optional status for v1.0.
Unfortunately OpenSSL 3.0 reportedly has severe performance regressions compared to 1.1.1. These are fixed in later (non-LTS) OpenSSL releases; in particular, the latest 3.3 release, while not an LTS, has a support period ending only a few months before that of 3.0. Of course, newer versions introduce increased risk of failing to build with the gcc 4.0.4-based toolchain available when we build OpenSSL.