[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#995636: transition: openssl

Hi

On 2022-05-27 15:36:53 +0200, Kurt Roeckx wrote:
> On Thu, May 26, 2022 at 06:26:57PM +0200, Sebastian Ramacher wrote:
> > 
> > That leaves #1011051. What's your view on that bug?
> 
> So my understanding is that 1.1.1 doesn't understand the new
> configuration file and tries to load an engine (instead of a
> provider).
> 
> We could ship a file that's comptabile with 1.1.1. That would make it
> a little bit harder to load some providers by default, but maybe that's
> something you want to do per application anyway.

If that works, let's do that.

Otherwise I'd fear that the only other options are openssl breaking
libssl1.1 or renaming /etc/ssl/openssl.cnf to have a version specific
name. Given the high number reverse dependencies involved in this
transition (and also those depending on bin:openssl), I'd prefer to
avoid a Breaks that could have the potential to force the libssl1.1 ->
libssl3 upgrade to be more of a lockstep transition than needed.

Best
Sebastian
-- 
Sebastian Ramacher
Reply to: