Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

[Cantor, Scott]

> It's worth noting that Apache also requires OpenSSL 1.0, which may also
> affect what the Shibboleth stack can link against.

No, that code is isolated into shibd, mod_shib doesn't link to it. That was deliberate of course, for exactly this reason.

There are edge cases. If you link Xerces to libcurl as a netaccessor, that can link in openssl and impact mod_shib. Otherwise, not generally.

-- Scott