On Tue, Sep 4, 2018 at 1:35 PM Richard Purdie <richard.pur...@linuxfoundation.org> wrote: > > On Tue, 2018-09-04 at 21:12 +0200, Martin Jansa wrote: > > On Tue, Aug 28, 2018 at 12:23 PM Alexander Kanavin <alex.kanavin@gmai > > l.com> wrote: > > > From: Alexander Kanavin <alexander.kana...@linux.intel.com> > > > > > > I believe the time has come to do this: openssl 1.0 upstream > > > support stops at the end > > > of 2019, and we do not want a situation where a supported YP > > > release contains an > > > unsupported version of a critical security component. > > > > > > Openssl 1.0 can still be utilized by depending on 'openssl10' > > > recipe. > > > > This still isn't true for most recipes, as long as there is something > > depending on openssl in the dependency tree, it will > > cause do_prepare_recipe_sysroot failures like last time > > > > ERROR: The file /usr/lib/libssl.so is installed by both openssl10 and > > openssl, aborting > > DEBUG: Python function extend_recipe_sysroot finished > > DEBUG: Python function do_prepare_recipe_sysroot finished > > ERROR: Function failed: extend_recipe_sysroot > > > > From 15 failures caused by openssl-1.1 detected in my builds, just > > changing DEPENDS from openssl to openssl10 didn't help in any case. > > That isn't good news. Do you have an idea of which components are in > the dependency chains and if any of them are common? It'd also be > useful to understand which ones are breaking... >
I pointed this earlier before merge as well meta-openembedded has 40 odd recipes failing due to openssl 1.1 upgrade http://errors.yoctoproject.org/Errors/Build/67457/?page=2&limit=50 so obvious fix was to keep them pinned to openssl10 and i created couple of fixes to start https://patchwork.openembedded.org/patch/154517/ https://patchwork.openembedded.org/patch/154516/ and the effects are showing up where sysroot task now starts to fail for dependent recipes here http://errors.yoctoproject.org/Errors/Details/190427/ http://errors.yoctoproject.org/Errors/Details/190433/ in meta-oe certain recipes can be upgraded and we can get openssl 1.1 support but others like the two examples I cited above do not have openSSL 1.1 port. so I think we can not live without openSSL 1.0 and OpenSSL 2.0 being able to co-exist. -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
