On Tue, Sep 4, 2018 at 6:49 PM, Khem Raj <raj.k...@gmail.com> wrote: > On Tue, Sep 4, 2018 at 3:58 PM <richard.pur...@linuxfoundation.org> wrote: >> >> On Tue, 2018-09-04 at 13:43 -0700, Khem Raj wrote: >> > I pointed this earlier before merge as well >> > meta-openembedded has 40 odd recipes failing due to openssl 1.1 >> > upgrade >> >> Sorry, I think I missed something somewhere as I thought the >> indications were the bigger problems like qt5 were working now :/. >> >> > http://errors.yoctoproject.org/Errors/Build/67457/?page=2&limit=50 >> > >> > so obvious fix was to keep them pinned to openssl10 and i created >> > couple of fixes >> > to start >> > >> > https://patchwork.openembedded.org/patch/154517/ >> > https://patchwork.openembedded.org/patch/154516/ >> > >> > and the effects are showing up where sysroot task now starts to fail >> > for dependent >> > recipes here >> > >> > http://errors.yoctoproject.org/Errors/Details/190427/ >> > http://errors.yoctoproject.org/Errors/Details/190433/ >> > >> > in meta-oe certain recipes can be upgraded and we can get openssl 1.1 >> > support >> > but others like the two examples I cited above do not have openSSL >> > 1.1 port. >> > so I think we can not live without openSSL 1.0 and OpenSSL 2.0 being >> > able to >> > co-exist. >> >> The latter link is php 7.2 which should have openssl 1.1 support >> (https://bugs.php.net/bug.php?id=72360). >> >> For the former, libgdata doesn't have an openssl depends so I guessed >> at liboauth pulling it in which does have an openssl 1.1 patch at: >> https://github.com/x42/liboauth/issues/9 >> > > Thanks for pointers and they do help. However IMO the problem that > Martin decribed > is going to be a real blocker. Unless we can provide a solution to let > both openssl versions > coexist, this change is going to be problematic since we maintain > several old recipes which > would have to be fixed for openssl 1.1 and this can take time, right > now we are only seeing > meta-openembedded layers, we don't even know all other layers which > might get into similar > issues.
To be clear, the issue is ( foo depends on openssl 1.1 and bar ) and ( bar depends on openssl 1.0 ), right? Anyway, just for reference, it looks like Debian is packaging both openssl 1.0 and 1.1: https://packages.debian.org/source/sid/openssl1.0 https://packages.debian.org/source/sid/openssl In the case of liboauth, they avoid to need to patch by configuring liboauth to build with nss instead of openssl. -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
