
Bug#844160: marked as done (apache2-dev should depend on libssl1.0-dev)



On Mon, Nov 14, 2016 at 05:03:45AM +0100, Ondřej Surý wrote:
> > Looking at mod_ssl_openssl.h and the comment in #828330,
> > I'd suggest the change below to add a dependency on libssl1.0-dev
> > to apache2-dev.
> 
> And that exactly happens meaning that PHP 7.0 can no longer be built
> unless all its build-depends (including PHP 7.0) and rdepends move to
> libssl1.0-dev as well.
> 
> So a nice deadlock, right? To be honest I would rather have a slightly
> less tested apache2 with OpenSSL 1.1.0 and iron out the bugs as we go
> than revert all the work I have done.
> 
> I reviewed the patch Kurt has provided and I don't see any strong reason
> why anything should break.
>...

Can you guarantee that rdeps of Apache can use 1.0.2 in stretch when 
Apache itself uses 1.1?

That is the most important question here.

This is what my "mod_ssl_openssl.h and the comment in #828330"
was referring to.

The dual 1.0.2/1.1 setup for stretch can only work when any set of 
packages in the archive that needs the same OpenSSL version stays
at 1.0.2 unless *all* packages in this set are compiling and working
fine with 1.1.

And since the OpenSSL version used is part of the libcurl3 ABI
(see #844018 for details), using 1.1 in stretch is anyway not
really an option for Apache/PHP in stretch.

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

