Re: OpenSSL 1.1.0
Ondřej Surý <firstname.lastname@example.org> writes:
> And this is happening all over places (apache2 vs php7.0) - I don't
> think we can have a partial transition. It's now all or nothing.
xml-security-c has not yet been ported to OpenSSL 1.1 upstream (which is
non-trivial), and we're now at an impasse in the Shibboleth suite because
cURL is using 1.1, but xml-security-c and Apache both need 1.0.
I agree with Ondřej: the current transition state is not releasable. We
need to figure out something else.
Russ Allbery (email@example.com) <http://www.eyrie.org/~eagle/>