OpenSSL 3.0

[nibanks]

WIP. Migrates to OpenSSL 3.0. Fixes #2039.

[nibanks]

@thhous-msft looks like it doesn't build on Linux.

[ThadHouse]

It looks like on Linux they changed the output layout of the build directory... Only on Linux though.

[thhous-msft]

Fixed. Documented change we just had to override.

[nibanks]

Looks like everything related to resumption and 0-RTT failed.

[anrossi]

Were there recent changes to this branch? Or are you saying the test run 7 months ago failed 0-RTT and Resumption?

[nibanks]

Were there recent changes to this branch? Or are you saying the test run 7 months ago failed 0-RTT and Resumption?

Not sure. I don't remember seeing them fail before, but I might not have been paying attention.

[nibanks]

@tmshort are there any known issues with quictls/openssl resumption/0-RTT changes when upgrading from v1.1.1 to v3.0? All our tests in these areas fail if we try to use v3.0.

[tmshort]

@tmshort are there any known issues with quictls/openssl resumption/0-RTT changes when upgrading from v1.1.1 to v3.0? All our tests in these areas fail if we try to use v3.0.

AFAIK, Akamai is still using 1.1.1, so, we haven't had experience with 3.0 yet. I would avoid 3.0.6+quic, since upstream withdrew 3.0.6 and 1.1.1r.

[nibanks]

@tmshort are there any known issues with quictls/openssl resumption/0-RTT changes when upgrading from v1.1.1 to v3.0? All our tests in these areas fail if we try to use v3.0.

AFAIK, Akamai is still using 1.1.1, so, we haven't had experience with 3.0 yet. I would avoid 3.0.6+quic, since upstream withdrew 3.0.6 and 1.1.1r.

We failed on the 3.0.5, so it's not specific to the latest.

[nibanks]

Some (especially HPS) perf is still bad (some good). https://dev.azure.com/ms/msquic/_build/results?buildId=384283&view=results

Windows

Running Test ThroughputUp_Windows_x64_openssl_Default
Test Run Took 00:00:13.7595507
Run 1: 6134887 kbps
Test Run Took 00:00:13.6793726
Run 2: 6110682 kbps
Test Run Took 00:00:13.6593184
Run 3: 6117120 kbps
Test Run Took 00:00:13.6997394
Run 4: 6224793 kbps
Test Run Took 00:00:13.6792827
Run 5: 6221608 kbps
Median: 6134887 kbps (-20.56%)
Remote: 7722431.4 kbps

Running Test HPS_Windows_x64_openssl_Default
Test Run Took 00:00:10.8929498
Run 1: 1460 HPS
Test Run Took 00:00:10.8183108
Run 2: 1484 HPS
Test Run Took 00:00:10.8307725
Run 3: 1446 HPS
Test Run Took 00:00:10.8113952
Run 4: 1595 HPS
Test Run Took 00:00:10.8670791
Run 5: 1496 HPS
Median: 1484 HPS (-66.41%)
Remote: 4418.2 HPS

Linux

Running Test HPS_linux_x64_openssl_Default
Test Run Took 00:00:11.3684896
Run 1: 1924 HPS
Test Run Took 00:00:11.5982844
Run 2: 1954 HPS
Test Run Took 00:00:11.6490310
Run 3: 1885 HPS
Test Run Took 00:00:11.5490164
Run 4: 1843 HPS
Test Run Took 00:00:11.6666582
Run 5: 1884 HPS
Median: 1885 HPS (-84.5%)
Remote: 12162 HPS

[jarnovanderlinden]

Consider adding the "-no-legacy" flag to OPENSSL_CONFIG_FLAGS. I don't think msquic needs the legacy support. Without the flag I'm getting some LNK4006 linker warnings on Visual Studio when using it with static linking (due to some functions being duplicated in the legacy and non-legacy code).

[nibanks]

@tmshort it seems like there might be issues with sending session tickets (with quictls v3.0.*):

[1]14C0.04D8::2022/11/04-11:10:50.254068500 [Microsoft-Quic][conn][0x23E06066710] Encoded 30 bytes for QUIC TP
[1]14C0.04D8::2022/11/04-11:10:50.254072500 [Microsoft-Quic][conn][0x23E06066710] Sending ticket data, 48 bytes
[1]14C0.04D8::2022/11/04-11:10:50.254195500 [Microsoft-Quic][conn][0x23E06066710] Send alert = 80 (Level = 3)
[1]14C0.04D8::2022/11/04-11:10:50.254201200 [Microsoft-Quic][ tls][0x23E06066710] ERROR, 1, SSL_do_handshake failed.

[nibanks]

Closing in favor of #3387.