Bug#828236: [Pkg-openssl-devel] Bug#844160: openssl 1.1 and apache2
On Wed, Nov 16, 2016 at 08:36:49PM +0100, Kurt Roeckx wrote:
> On Mon, Nov 14, 2016 at 03:06:44PM -0800, Russ Allbery wrote:
> > Stefan Fritsch <email@example.com> writes:
> > > I must admit that I did not think of php when doing that change, sorry.
> > > On the other hand, shibboleth-sp2 also build-depends on apache2-dev and there
> > > have been some indications that shibboleth won't be switching to openssl 1.1
> > > for stretch. See https://lists.debian.org/debian-release/2016/11/msg00024.html
> > It turns out that Shibboleth will be okay if Apache goes to 1.1. The
> > Shibboleth code that goes into Apache is isolated from the OpenSSL use
> > inside Shibboleth, so we can keep building Shibboleth against 1.0 and
> > Apache can go to 1.1 and all the pieces are happy. (The OpenSSL work is
> > done in a separate daemon, shibd, that the Apache module talks to.)
> So I looked at apache2-dev to see why it depends on libssl-dev.
> The only thing I can find is that mod_ssl_openssl.h provides some
> hooks, and you actually get SSL_CTX * and SSL * in there. But
> nothing in Debian seems to include that file.
Where is that dependency on the same OpenSSL version coming from?
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed