[3.14] gh-144551: Update CI to use latest OpenSSL versions (GH-144794) (#144799)

[3.14] gh-144551: Update CI to use latest OpenSSL versions

Also update _ssl_data_35.h to include an added symbol from 3.5.5.

(cherry picked from commit b933ef92619db2a103a26c70e69b6d31978eb566)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 428e9d1a658395bbb4dc6783a7290c0ae16c8cdc..b6c28bf7f46263caf528bad9892cbdcc78611209 100644 (file)
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -303,7 +303,7 @@ jobs:
         # Keep 1.1.1w in our list despite it being upstream EOL and otherwise
         # unsupported as it most resembles other 1.1.1-work-a-like ssl APIs
         # supported by important vendors such as AWS-LC.
-        openssl_ver: [1.1.1w, 3.0.18, 3.2.6, 3.3.5, 3.4.3, 3.5.4]
+        openssl_ver: [1.1.1w, 3.0.19, 3.3.6, 3.4.4, 3.5.5, 3.6.1]
         # See Tools/ssl/make_ssl_data.py for notes on adding a new version
     env:
       OPENSSL_VER: ${{ matrix.openssl_ver }}

diff --git a/Modules/_ssl_data_35.h b/Modules/_ssl_data_35.h
index e4919b550e3a890dcb5325423dc4f6d789f3172e..8a9fef87b2aec59a2a72795d2a744d2401635d1f 100644 (file)
--- a/Modules/_ssl_data_35.h
+++ b/Modules/_ssl_data_35.h
@@ -1,6 +1,6 @@
 /* File generated by Tools/ssl/make_ssl_data.py */
-/* Generated on 2025-10-04T17:49:19.148321+00:00 */
-/* Generated from Git commit openssl-3.5.4-0-gc1eeb9406 */
+/* Generated on 2026-02-13T19:18:20.130102+00:00 */
+/* Generated from Git commit openssl-3.5.5-0-g67b5686b4 */
 
 /* generated from args.lib2errnum */
 static struct py_ssl_library_code library_codes[] = {
@@ -1668,6 +1668,11 @@ static struct py_ssl_error_code error_codes[] = {
   #else
     {"CERTIFICATE_VERIFY_ERROR", 46, 100},
   #endif
+  #ifdef CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA
+    {"CIPHER_AEAD_IN_ENVELOPED_DATA", ERR_LIB_CMS, CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA},
+  #else
+    {"CIPHER_AEAD_IN_ENVELOPED_DATA", 46, 200},
+  #endif
   #ifdef CMS_R_CIPHER_AEAD_SET_TAG_ERROR
     {"CIPHER_AEAD_SET_TAG_ERROR", ERR_LIB_CMS, CMS_R_CIPHER_AEAD_SET_TAG_ERROR},
   #else

diff --git a/Tools/ssl/multissltests.py b/Tools/ssl/multissltests.py
index ab9840c1c5252d61e67a1e399d8be23e2ad9ecbf..86baf8a3a74bd4bd84ed0e5932602343b1e524b5 100755 (executable)
--- a/Tools/ssl/multissltests.py
+++ b/Tools/ssl/multissltests.py
@@ -45,14 +45,15 @@ log = logging.getLogger("multissl")
 OPENSSL_OLD_VERSIONS = [
     "1.1.1w",
     "3.1.8",
+    "3.2.6",
 ]
 
 OPENSSL_RECENT_VERSIONS = [
-    "3.0.18",
-    "3.2.6",
-    "3.3.5",
-    "3.4.3",
-    "3.5.4",
+    "3.0.19",
+    "3.3.6",
+    "3.4.4",
+    "3.5.5",
+    "3.6.1",
     # See make_ssl_data.py for notes on adding a new version.
 ]