Well, it looks like curl 8.18.0 needs openssl v3:
checking for OpenSSL >= v3... configure: error: OpenSSL 3.0.0 or upper required.
make[1]: *** [GNUmakefile:861: curl.config] Error 1
and I see that in their changelog.
Per @badger (see curl/curl#18330 (comment)):
is there a way to make easy local changes for those who prefer to stay with latest 1.1.1w? Any particular reason 1.1.1w misses something that's needed after this pr?
We deliberately took away support for all OpenSSL versions before version 3 because OpenSSL themselves don't provide updates for those versions anymore, unless you are a paying customer of theirs.
If you are using the free OpenSSL version, version 1.x.x is now a security risk.
If you are paying OpenSSL for support for version 1 and thus not vulnerable, then I am happy to offer you a version of curl with support for OpenSSL 1.x - available with a support contract.
So, to get OpenSSL 1.x support:
get a support contract
revert the curl/curl@69c89bf commit and fix the fallout (there might be a little more to it as well, but that's the major part)
stay on 8.17.0 and backport all (current and future) security patches to that version
Now, do I want to revert? Of course not, but I we need to for now. It looks like Discover has OpenSSL 3 (maybe?):
> rpm -qa | grep ssl
libopenssl-3-devel-3.0.8-150400.4.42.1.x86_64
libopenssl3-3.0.8-150400.4.42.1.x86_64
as does TOSS5 at NAS:
openssl-devel-3.5.1-4.el9_7.x86_64
openssl-3.5.1-4.el9_7.x86_64
But NAS TOSS4 and our internal dev servers are running RHEL 8 and moving RHEL 8 to OpenSSL3 is apparently "a thing" (see https://www.redhat.com/en/blog/experience-bringing-openssl-30-rhel-and-fedora and https://computingforgeeks.com/installing-openssl-3-x-on-rocky-alma-centos-rhel-8/)
I'm sure I could probably work with our folks to get RHEL 9 on our dev server. But moving a supercomputer...oof. But I'll ask if they have OpenSSL3 around somewhere.
Well, it looks like curl 8.18.0 needs openssl v3:
and I see that in their changelog.
Per @badger (see curl/curl#18330 (comment)):
Now, do I want to revert? Of course not, but I we need to for now. It looks like Discover has OpenSSL 3 (maybe?):
as does TOSS5 at NAS:
But NAS TOSS4 and our internal dev servers are running RHEL 8 and moving RHEL 8 to OpenSSL3 is apparently "a thing" (see https://www.redhat.com/en/blog/experience-bringing-openssl-30-rhel-and-fedora and https://computingforgeeks.com/installing-openssl-3-x-on-rocky-alma-centos-rhel-8/)
I'm sure I could probably work with our folks to get RHEL 9 on our dev server. But moving a supercomputer...oof. But I'll ask if they have OpenSSL3 around somewhere.