a follow up: * Retiring OpenSSL 1.0 will take place here: https://archlinux.org/todo/openssl-10-retirement/ This wont affect the 1.1 -> 3.0 transition though. * I have placed an openssl-1.1 package into [staging] that should make it easier to migrate as it provides the 1.1 version of libcrypto.so and libssl.so * The idea was to have openssl-3.0 depend on that at first to make the transition more seamless. I still need to solve the bootstrap issue though.
As this is going to be a massive rebuild we should plan a time frame when to do this and avoid any other rebuilds. ATM there are more than 700 packages in our staging repos. - Pierre On Mon, Dec 6, 2021 at 6:41 PM Pierre Schmitz <pie...@archlinux.de> wrote: > > just a small update: This is going to be a little more complicated and > I suggest we tackle this at the beginning of next year. I got some > very helpful feedback from our community (Thanks a lot loqs). > * We might be able to drop version 1.0 (which is no longer maintained > by upstream anyway). packages that only work with 1.0 should be > dropped imho. > * We are going to need to provide 1.1 for a couple of packages > (hopefully not for long) > * We are going to have to solve the bootstrap issue with pacman. I > guess by either linking it statically, make it depend on the 1.1 > package at first > > Greetings, > > Pierre > > On Sat, Nov 6, 2021 at 10:32 AM Pierre Schmitz <pie...@archlinux.de> wrote: > > > > Hi Jelle, (also forwarding to dev-public) > > > > definitely yes, OpenSSL 3.0 is on my wish list! :-) > > > > I did not want to jump on it at day one though. Even the last minor > > updates were quite painful and we still have packages requiring > > version 1.0 and are still not compatible with 1.1. > > > > While they claim that most packages should work with a recompile, it > > would be nice to actually know which packages are not compatible. This > > should help whether we need another compatibility package are would be > > able to just replace openssl 1.1 with version 3. > > > > I know about foutrelis' awesome rebuilder script, but I wonder if we > > have something similar that I just could run for half a day to get an > > idea which package would break and which wont? Like a dry run that > > wont commit anything. If no such thing exists yet, I might have a look > > myself. > > > > Greetings, > > > > Pierre > > > > On Wed, Nov 3, 2021 at 9:14 PM Jelle van der Waa <je...@vdwaa.nl> wrote: > > > > > > Hi Pierre, > > > > > > Shall we start an openssl 3.0 rebuild soon? Fedora/Debian/Alpine seens > > > to have already started. > > > > > > https://fedoraproject.org/wiki/Changes/OpenSSL3.0 > > > > > > Greetings, > > > > > > Jelle > > > > > > > > -- > > Pierre Schmitz, https://pierre-schmitz.com > > > > -- > Pierre Schmitz, https://pierre-schmitz.com -- Pierre Schmitz, https://pierre-schmitz.com
