[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OpenSSL 1.1.0

On sábado, 11 de junio de 2016 2:30:37 P. M. ART Kurt Roeckx wrote:
> Hi,
> The release of OpenSSL 1.1.0 is getting nearer.  Some packages
> will no longer build with the new version without changes.  Most
> of those changes should be trivial, like you can't allocate some
> structures on the stack anymore and need to use the correct _new()
> and _free() function.

>    qt4-x11 (U)
>    qtbase-opensource-src (U)

I'm afraid this are not good news from the Qt side.

= Qt 4

Qt 4 is dead upstream, so we have two choices:

- Someone to come up with a patch.
- Remove libSSL usage, causing a nightmare for many Qt4-based apps that are 
still in the archive.

I have learned the Qt does a heavy usage of libSSL, so porting might not be 
trivial. For whatever of the two possible choices above I would not mind going 
ahead with them for Buster, but for Stretch I think it's too late. Even if we 
had a patch I would really want some time to let users check everything works 
as expected, and we are currently have less than 6 months already :-/

= Qt 5

The Qt 5 situation is similar, except releasing Qt5 without ssl support is, 
I'm afraid, a non-go. The Qt upstream in charge of the ssl code said he 
*might* probably have libssl 1.1.0 support ready for 5.8 [note] which will 
happen too [late] for releasing Stretch. Having a non-official patch might be 
doable, but we still need someone to code it and time to test it. Again, with 
the current Stretch time frame, I don't think that's doable.

[note] It's worth to note that he is not working on simply adapting the new 
code but a complete rewrite of the SSL usage in Qt, so even if we had a patch 
I don't think we could have him reviewing it in the short time.

[late] End of year as early.

Thanks to Sune Vuorela for asking upstream about this :)

Evite los parámetros estáticos. Si son inevitables, haga que el emisor
y el receptor negocien un valor.
  Andrew S. Tanenbaum, de su libro "Computer Networks"

Lisandro Damián Nicanor Pérez Meyer

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: