Bug#828608: xmltooling: FTBFS with openssl 1.1.0

Cantor, Scott cantor.2 at osu.edu
Wed Nov 9 22:19:35 UTC 2016


On 11/9/16, 4:51 PM, "Kurt Roeckx" <kurt at roeckx.be> wrote:

>  This is curl_header_hook(). It's not related to any of the that has to do with SSL,
>  and just uses it to print some debug info.

Yes, that's true, but the only OpenSSL function called there was still a public API, AFAIK. I don't recall us having to change that code as part of the initial porting work, but I haven't been intimately involved in it.

>    Have you looked at what needs to be done for supporting openssl 1.1.0?
>    Would it be useful to that I send a patch for it?

We have preliminary patches for all our code and for Santuario, which is just as impacted by this, if not moreso. Finishing the testing and getting all of it into place would be 2017 at the earliest, and based on the 1.0.1 EOL timeline, it could be 2018. We have very limited resources, and this is not a priority for the project. We wanted to get the work done as much as possible to limit the time crunch later when we really have to make their deadline.

Red Hat shipping 1.1 exclusively at some point probably would change my timeline.

Ferenc has all the patches, but the problem is he needs me (the only committer left to maintain xml-security-c) to get all that work done and released , and that is not time I have to spend right now. Too many moving pieces, too much change, and not enough people to do the work.

-- Scott




More information about the Pkg-shibboleth-devel mailing list