[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#828236: [Pkg-openssl-devel] Bug#844160: openssl 1.1 and apache2

On Wed, Nov 16, 2016 at 08:36:49PM +0100, Kurt Roeckx wrote:
> On Mon, Nov 14, 2016 at 03:06:44PM -0800, Russ Allbery wrote:
> > Stefan Fritsch <sf@debian.org> writes:
> > 
> > > I must admit that I did not think of php when doing that change, sorry. 
> > 
> > > On the other hand, shibboleth-sp2 also build-depends on apache2-dev and there 
> > > have been some indications that shibboleth won't be switching to openssl 1.1 
> > > for stretch. See https://lists.debian.org/debian-release/2016/11/msg00024.html
> > 
> > It turns out that Shibboleth will be okay if Apache goes to 1.1.  The
> > Shibboleth code that goes into Apache is isolated from the OpenSSL use
> > inside Shibboleth, so we can keep building Shibboleth against 1.0 and
> > Apache can go to 1.1 and all the pieces are happy.  (The OpenSSL work is
> > done in a separate daemon, shibd, that the Apache module talks to.)
> So I looked at apache2-dev to see why it depends on libssl-dev.
> The only thing I can find is that mod_ssl_openssl.h provides some
> hooks, and you actually get SSL_CTX * and SSL * in there. But
> nothing in Debian seems to include that file.


Where is that dependency on the same OpenSSL version coming from?

> Kurt



       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

Reply to: