https://github.com/openssl/openssl/releases/tag/openssl-4.0.0
Article
-
OpenSSL 4.0.0 released with breaking API/ABI changes and removal of deprecated ‘Engines’
-
Adds Encrypted Client Hello (ECH) support; drops legacy provider interfaces
-
OPENSSL_cleanup() now runs in a global destructor instead of via atexit()
Discussion
-
Fedora maintainer noted transition smoother than 3.x; Engine removal was the main friction
-
Concern raised about
atexit() removal potentially introducing cleanup race conditions
-
Distro packagers dreading ABI break; memories of painful 2.x→3.x migration linger
-
LibreSSL mentioned as alternative; some asked what’s worth upgrading from 3.x for
Discuss on HN