The minimal required OpenSSL version is 1.1.1 but we recommend to use OpenSSL 3.x and later for hashlib and ssl. However, we still have many code paths that are conditioned to OpenSSL versions and those are not eagerly tested. I suggest adding an SSL CI job for OpenSSL 1.1.1.

Ideally, I'd like to backport such job up to 3.9, but I'm not sure if I'm allowed to do this as it's not really a security issue.

Linked PRs

• gh-135261: add CI job for testing OpenSSL 1.1.1w #135262

FWIW, testing of 1.1.1 was deliberately removed in #123700 nine months ago.

I'll forward the comment I wrote on the PR here as well:

I do want it because we have code that is conditioned to OpenSSL version. And the (official) build requirements are still 1.1.1w so it makes sense to test this. Otherwise I don't know when we test those paths.

See https://docs.python.org/3/using/configure.html#build-requirements as well.

To be clear, the code paths that need to be tested are those in _hashlib, for instance:

	#ifdef Py_HAS_OPENSSL3_SUPPORT
	#define PY_EVP_MD EVP_MD
	#define PY_EVP_MD_fetch(algorithm, properties) EVP_MD_fetch(NULL, algorithm, properties)
	#define PY_EVP_MD_up_ref(md) EVP_MD_up_ref(md)
	#define PY_EVP_MD_free(md) EVP_MD_free(md)
	#else
	#define PY_EVP_MD const EVP_MD
	#define PY_EVP_MD_fetch(algorithm, properties) EVP_get_digestbyname(algorithm)
	#define PY_EVP_MD_up_ref(md) do {} while(0)
	#define PY_EVP_MD_free(md) do {} while(0)
	#endif

	#ifdef Py_HAS_OPENSSL3_SUPPORT
	return EVP_default_properties_is_fips_enabled(NULL);
	#else
	ERR_clear_error();
	int result = FIPS_mode();
	if (result == 0) {
	// "If the library was built without support of the FIPS Object Module,
	// then the function will return 0 with an error code of
	// CRYPTO_R_FIPS_MODE_NOT_SUPPORTED (0x0f06d065)."
	// But 0 is also a valid result value.
	unsigned long errcode = ERR_peek_last_error();
	if (errcode) {
	notify_ssl_error_occurred();
	return -1;
	}
	}
	return result;
	#endif

Also, some constructions are deprecated in OpenSSL 3.0 but are still used (the HMAC_* interface is deprecated, and we should use EVP_MAC instead; this is #134531).

Considering that the OpenSSL project officially ended unpaid support for 1.1.1 in 2023, I think we should consider updating our build requirements docs to exclude 1.1.1 rather than reintroduce 1.1.1 support in testing. At the moment the OpenSSL project offers at considerable expense extended support contracts for 1.1.1 . There are also vendors who provide paid extended support contract for various versions of Python. We could leave that support to them for users who need it.

See also recent discussion in #131423.

One relevant comment was #131423 (comment). And I actually agreed with dropping 1.1.1 requirements. It's just that my system-wide installation is 1.1.1. It's not an issue for me to upgrade it.

The advantage of dropping 1.1.1 is that it simplifies a lot the code, both in _hashopenssl.c and in _ssl.c. We can also drop the mnemonics from 1.1.1 that would be dead code. But I don't know about LibreSSL/BoringSSL that could be 1.1.1-ish. It's not officially supported, but it also doesn't cost much to keep it maintained for 1.1.1.

However, whatever we choose, if we keep it some code path that only works for OpenSSL 1.1.1, we should somehow test it (because now, we don't test it at all)

@WillChilds-Klein may be able to provide CI or buildbot setup to help us maintain AWS-LC shaped support (per the discuss thread).