On Thu, Jul 29, 2021 at 02:37:10AM +0300, Artem Panfilov wrote:
> 
> On 29.07.2021 01:56, Tom Rini wrote:
> > Part of the question is then, were you enabling the SSL-related parts
> > before this change?  Or did the way the code is now being
> > enabled/disabled trigger this now being enabled when it wasn't before?
> >
> This commit broke the build:
> https://gitlab.com/u-boot/u-boot/-/commit/cb9faa6f98ae56d70d59505dad290dd3d381cb7b

OK.  How?  Or rather, what part of that is causing previously unbuilt
code to now be built?

> Our testing board defconfig:
> https://gitlab.com/u-boot/u-boot/-/blob/master/configs/hsdk_defconfig

OK.

> I also found this patch that was committed 4 months ago.
> It includes OpenSSL compatibility for old versions:
> https://gitlab.com/u-boot/u-boot/-/commit/fbc777429fa35312a9ea5f106692172d3153e659

Yes, true.  And that's two 1-line if/else.  That's a reasonable to me
level of effort to keep supporting older hosts.  Your patch is adding in
60 lines.  I really do want to dig a bit more here.

And honestly, part of my concerns also go around "who is going to
maintain / test this area?".  We don't have these older versions in CI
(or we would have seen the problem before merging).  Are you
volunteering to support the relevant code areas here but on older
openssl/libressl ?

-- 
Tom