[RFC] Remove OpenSSL 1.x support

[juimonen]

Remove OpenSSL 1.x support as it is reaching end-of-life in many distros.

[marc-hb]

This definitely requires a TEST PR in SOF before merge.

[marc-hb]

https://github.com/thesofproject/sof/pull/7444 fails because (among others?) https://github.com/zephyrproject-rtos/docker-image/pkgs/container/zephyr-build v0.24 was still based on Ubuntu 20.04

[marc-hb]

The latest ghcr.io/zephyrproject-rtos/zephyr-build:v0.26.1 is based on Ubuntu 22.04, which has openssl3. Yeah!

However it also has /opt/toolchains/zephyr-sdk-0.16.0, which will mismatch with zephyr-sdk-0.15.2_windows-x86_64.zip (df1ba222306d)

@aborisovich could you please upgrade zephyr-sdk-0.15.2_windows-x86_64.zip to zephyr-sdk-0.16.0_windows-x86_64.zip in sof/.github/workflows/zephyr.yml?

Then this will be enough on the Linux side (TESTED!)

EDIT: this has already been merged, not needed anymore.

--- a/zephyr/docker-run.sh
+++ b/zephyr/docker-run.sh
@@ -54,7 +54,7 @@ main()

 run_command()
 {
-    # zephyr-build:v0.24.13 has /opt/toolchains/zephyr-sdk-0.15.2
+    # zephyr-build:v0.26.1 has /opt/toolchains/zephyr-sdk-0.16.0
     # https://hub.docker.com/r/zephyrprojectrtos/zephyr-build/tags
     #
     # Keep this SDK version identical to the one in
@@ -63,7 +63,7 @@ run_command()
            --workdir /zep_workspace \
            $SOF_DOCKER_RUN \
            --env REAL_CC --env http_proxy --env https_proxy \
-           ghcr.io/zephyrproject-rtos/zephyr-build:v0.24.13 \
+           ghcr.io/zephyrproject-rtos/zephyr-build:v0.26.1 \
            ./sof/scripts/sudo-cwd.sh "$@"
 }

[juimonen]

@lgirdwood not sure how we should test this.... @marc-hb any ideas? how could I use temporarily "test updated" build container, so to get all images signed with ssl3 and CI tested...

[marc-hb]

@juimonen you can test this with my zephyr/docker-run.sh patch above. This will make the build different from Windows which will temporarily break the Linux versus Windows check but for temporary testing that's OK.

EDIT: this will NOT test everything because some systems may not use that script. But it will provide some testing and feedback.

[marc-hb]

Linux build is OK but https://github.com/thesofproject/sof/actions/runs/4830399599/jobs/8606585483?pr=7444 looks like the Windows build misses OpenSSL3? @aborisovich can you help?

[marc-hb]

Zephyr main branch is upgrading to Zephyr SDK 0.16.1

• https://github.com/zephyrproject-rtos/zephyr/pull/57840
• thesofproject/sof#7614

[marc-hb]

Great news: the Zephyr container has been upgraded to Ubuntu 22 by https://github.com/thesofproject/sof/pull/7645 and we had some Windows updates too.

@juimonen can you give this another try?

[lgirdwood]

@juimonen ping.

[lgirdwood]

@juimonen ping

[juimonen]

@lgirdwood @marc-hb @aborisovich still not compiling for windows... not sure can it be somehow updated for ssl3? test PR here https://github.com/thesofproject/sof/pull/7444

[lgirdwood]

@mwasko @abonislawski @aborisovich SDL requires SSL3, need to update Windows.

[juimonen]

@marc-hb @fredoh9 @aiChaoSONG (put here everyone who might know about CI)... I tried this locally with both sof docker image and zephyr docker image, and it compiles in both -> means they have ssl3 support. However there is some errors still in some CI compilation (even outside windows builds)... Can someone take a look at thesofproject/sof#7444 results, so do we need to do still some CI update, so that we don't have any ssl1 things left?

[marc-hb]

Can someone take a look at https://github.com/thesofproject/sof/pull/7444 results, so do we need to do still some CI update, so that we don't have any ssl1 things left?

Yes, both the Jenkins nodes and Github Action for windows need some updates.

[lgirdwood]

@wszypelt @mwasko fyi - needs Windows update to use sssl3. Thanks!

[wszypelt]

@lgirdwood @mwasko @juimonen I will issue the appropriate ticket

[lgirdwood]

@alex-cri fyi.

[marc-hb]

To easily move these commits to the main sof repo, see:

• https://github.com/thesofproject/sof/pull/8297#issuecomment-1758566134

[marc-hb]

Filed new issue:

• https://github.com/thesofproject/sof/issues/9440