[DRE-maint] Proposed (lib)curl switch to openssl 1.1
Chris Hofstaedtler
zeha at debian.org
Sun Nov 26 17:57:52 UTC 2017
Hey,
I've had a quick look at ruby-curb's rdepends, and while it does
appear expose CURLOPT_SSL_CTX_* (see #1), opennebula does not
appear to use that.
I'm also unsure on how providing a ruby function in there would even
work.
* Ian Jackson <ijackson at chiark.greenend.org.uk> [171125 10:30]:
[..]
> We really need to migrate libcurl to openssl 1.1. This is #858398,
> which has not seen activity from any libcurl maintainers.
[..]
> 1. libcurl exposes parts of the openssl ABI, via
> CURLOPT_SSL_CTX_FUNCTION, and this would be an implicit ABI break
> without libcurl soname change. This is not good, but it seems like
> the alternative would be to diverge our soname from everyone else's
> for the same libcurl.
>
> 2. For the reason just mentioned, it might be a good idea to put in a
> Breaks against old versions of packages using
> CURLOPT_SSL_CTX_FUNCTION. However, (a) I am not sure if this is
> actually necessary (b) in any case I don't have a good list of all
> the appropriate versions (c) maybe this would need coordination.
I don't think any of that makes sense for ruby-curb.
In a later stage of the release cycle there will be a ruby
transition anyway, which will also include a rebuild of ruby-curb.
Thanks for the heads up.
Chris
More information about the Pkg-ruby-extras-maintainers
mailing list