On Tue, Sep 4, 2018 at 9:08 PM Andre McCurdy <armccu...@gmail.com> wrote: > > On Tue, Sep 4, 2018 at 6:49 PM, Khem Raj <raj.k...@gmail.com> wrote: > > On Tue, Sep 4, 2018 at 3:58 PM <richard.pur...@linuxfoundation.org> wrote: > >> > >> On Tue, 2018-09-04 at 13:43 -0700, Khem Raj wrote: > >> > I pointed this earlier before merge as well > >> > meta-openembedded has 40 odd recipes failing due to openssl 1.1 > >> > upgrade > >> > >> Sorry, I think I missed something somewhere as I thought the > >> indications were the bigger problems like qt5 were working now :/. > >> > >> > http://errors.yoctoproject.org/Errors/Build/67457/?page=2&limit=50 > >> > > >> > so obvious fix was to keep them pinned to openssl10 and i created > >> > couple of fixes > >> > to start > >> > > >> > https://patchwork.openembedded.org/patch/154517/ > >> > https://patchwork.openembedded.org/patch/154516/ > >> > > >> > and the effects are showing up where sysroot task now starts to fail > >> > for dependent > >> > recipes here > >> > > >> > http://errors.yoctoproject.org/Errors/Details/190427/ > >> > http://errors.yoctoproject.org/Errors/Details/190433/ > >> > > >> > in meta-oe certain recipes can be upgraded and we can get openssl 1.1 > >> > support > >> > but others like the two examples I cited above do not have openSSL > >> > 1.1 port. > >> > so I think we can not live without openSSL 1.0 and OpenSSL 2.0 being > >> > able to > >> > co-exist. > >> > >> The latter link is php 7.2 which should have openssl 1.1 support > >> (https://bugs.php.net/bug.php?id=72360). > >> > >> For the former, libgdata doesn't have an openssl depends so I guessed > >> at liboauth pulling it in which does have an openssl 1.1 patch at: > >> https://github.com/x42/liboauth/issues/9 > >> > > > > Thanks for pointers and they do help. However IMO the problem that > > Martin decribed > > is going to be a real blocker. Unless we can provide a solution to let > > both openssl versions > > coexist, this change is going to be problematic since we maintain > > several old recipes which > > would have to be fixed for openssl 1.1 and this can take time, right > > now we are only seeing > > meta-openembedded layers, we don't even know all other layers which > > might get into similar > > issues. > > To be clear, the issue is ( foo depends on openssl 1.1 and bar ) and ( > bar depends on openssl 1.0 ), right?
yes. > > Anyway, just for reference, it looks like Debian is packaging both > openssl 1.0 and 1.1: > > https://packages.debian.org/source/sid/openssl1.0 > https://packages.debian.org/source/sid/openssl > > In the case of liboauth, they avoid to need to patch by configuring > liboauth to build with nss instead of openssl. this is already taken care see http://git.openembedded.org/meta-openembedded-contrib/commit/?h=kraj/master&id=b1f87edc4202d6238c469dde358819c534b35751 but thats just one case. -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
