Bug#844160: openssl 1.1 and apache2

[Russ Allbery]

Stefan Fritsch <sf at debian.org> writes:

> I must admit that I did not think of php when doing that change, sorry. 

> On the other hand, shibboleth-sp2 also build-depends on apache2-dev and there 
> have been some indications that shibboleth won't be switching to openssl 1.1 
> for stretch. See https://lists.debian.org/debian-release/2016/11/msg00024.html

It turns out that Shibboleth will be okay if Apache goes to 1.1.  The
Shibboleth code that goes into Apache is isolated from the OpenSSL use
inside Shibboleth, so we can keep building Shibboleth against 1.0 and
Apache can go to 1.1 and all the pieces are happy.  (The OpenSSL work is
done in a separate daemon, shibd, that the Apache module talks to.)

(Not that this solves all the problems, but just FYI.)

-- 
Russ Allbery (rra at debian.org)               <http://www.eyrie.org/~eagle/>