[Pkg-openssl-devel] Bug#926315: Bug#926315: openssl: wget https://google.com fails in d-i

Kurt Roeckx kurt at roeckx.be
Wed Apr 3 21:26:02 BST 2019


On Wed, Apr 03, 2019 at 10:03:13PM +0200, Sebastian Andrzej Siewior wrote:
> On 2019-04-03 11:14:54 [+0100], Dimitri John Ledkov wrote:
> > $ wget https://google.com
> > 
> > fails in Buster alpha installer, when used from a booted netinst iso
> > in a tty. It also means that fetch-url fails, and thus one cannot use
> > https preseeding.
> > 
> > A fix/workaround, is $ touch /usr/lib/ssl/openssl.cnf it appears that
> > openssl requires for that file to be present, and it cannot be a
> > dangling symlink. However, in udeb environment such file does not
> > exists. I guess that maybe libssl1.1-udeb should ship an empty
> > openssl.cnf there, or ship the regular deb's /etc/ssl/openssl.cnf in
> > /usr/lib/ssl/openssl.cnf in the udeb.
> 
> interresting.
> Kurt: should we provide the openssl.cnf and move it from openssl to
> libssl1.1 as well or should we rather treat the missing openssl.cnf as
> okay?

I think shipping it in the libssl1.1 .deb is going to complicate
upgrades, so I rather not do that. I don't see a problem doing it
in the .udeb.

I'm not sure why not having the config file causes problems. I
think it should be possible to run without config file, so I would
at least like to know first why it fails.


Kurt



More information about the Pkg-openssl-devel mailing list