[OE-core] openssl: OpenSSL 1.1.x update
Alexander Kanavin
alexander.kanavin at linux.intel.com
Tue Dec 13 16:00:24 UTC 2016
On 10/06/2016 06:39 PM, Mark Hatle wrote:
>>> The OpenSSL community itself is looking at 1.1.0 as a transition to newer and
>>> better design/api/etc... which is why it is not marked as a LTS release.
>>
>> api changes can be a bothersome point from integration POV, do we know if there
>> are some forwarded porting incompatibilities in APIs already?
>
> I have not investigated it, as my focus has been on the LTS version at this point.
I've quickly put together a openssl 1.1 recipe to test what builds and
what fails in oe-core, and this is the list of failures (any
dependencies of these aren't even attempted of course, i.e. webkit):
rpm
apr-util
ruby
openssh
bind
socat
mailx (I believe debian provides a rewrite of this one which we need to
package)
cryptodev-tests
u-boot-mkimage
Openssl does not seem to be designed for parallel installation of
several major versions at the same time (headers and pkg-config files
clash), so (unless someone has a better idea), we need to either wait
until the above listed upstreams fix their code, or do custom patching.
Mark, when can we expect rpm updates from Wind River? It's been a while
(actually, 10 months) since anything substantial arrived. I'd like to
have both a working CVS recipe (for dnf oe-core integration work), and
an update to the stable release with openssl 1.1 support in it - so that
oe-core can provide openssl 1.1. I simply do not have the bandwidth or
the expertise to do this work myself - far too many patches to rebase,
and a code base that I don't even begin to understand.
Alex
More information about the Openembedded-core
mailing list