Well, one could also do a
openssl-compat package which includes 1.0 versions and symlink. Like every distro on earth has done for several packages ever since the libc5->libc6 thing.
No it’s not pretty and especially with openssl you probably don’t want to depend on an old library, but it’s the “cleaner” solution IMO.
I have actually tried to package https://github.com/sailfishos/openssl for 3.4, and partially succeeded (results hidden in my home on OBS), - from these attempts I fully understand why upstream doesn’t want to deal with OpenSSL 1.0 any more.