Hi all, I have prepared a openssl-3.0 and 1.1 packages with the bootstrapped dependencies. In addition to this there is a hopefully complete todo list: https://archlinux.org/todo/openssl-30/ containing about 500 packages.
Next steps: 1) Let's agree on a time window where no other rebuild can take place within our staging repos. How about at least the first two weeks in February? 2) I guess we have to at least build the core and toolchain packages manually. (*) Hopefully we may automate everything else. If you like to take a look: [openssl] Server = https://repo.pierre-schmitz.com/$repo/os/$arch Important: Only use this to check building packages within a chroot. Installing this on a system will break it. *) libarchive already fails \o/; but hopefully this unit test can be ignored: https://github.com/libarchive/libarchive/issues/1596 On Sat, Jan 8, 2022 at 10:24 PM Pierre Schmitz <pie...@archlinux.de> wrote: > > a follow up: > > * Retiring OpenSSL 1.0 will take place here: > https://archlinux.org/todo/openssl-10-retirement/ This wont affect the > 1.1 -> 3.0 transition though. > * I have placed an openssl-1.1 package into [staging] that should make > it easier to migrate as it provides the 1.1 version of libcrypto.so > and libssl.so > * The idea was to have openssl-3.0 depend on that at first to make the > transition more seamless. I still need to solve the bootstrap issue > though. > > As this is going to be a massive rebuild we should plan a time frame > when to do this and avoid any other rebuilds. ATM there are more than > 700 packages in our staging repos. > > - Pierre > > On Mon, Dec 6, 2021 at 6:41 PM Pierre Schmitz <pie...@archlinux.de> wrote: > > > > just a small update: This is going to be a little more complicated and > > I suggest we tackle this at the beginning of next year. I got some > > very helpful feedback from our community (Thanks a lot loqs). > > * We might be able to drop version 1.0 (which is no longer maintained > > by upstream anyway). packages that only work with 1.0 should be > > dropped imho. > > * We are going to need to provide 1.1 for a couple of packages > > (hopefully not for long) > > * We are going to have to solve the bootstrap issue with pacman. I > > guess by either linking it statically, make it depend on the 1.1 > > package at first > > > > Greetings, > > > > Pierre > > > > On Sat, Nov 6, 2021 at 10:32 AM Pierre Schmitz <pie...@archlinux.de> wrote: > > > > > > Hi Jelle, (also forwarding to dev-public) > > > > > > definitely yes, OpenSSL 3.0 is on my wish list! :-) > > > > > > I did not want to jump on it at day one though. Even the last minor > > > updates were quite painful and we still have packages requiring > > > version 1.0 and are still not compatible with 1.1. > > > > > > While they claim that most packages should work with a recompile, it > > > would be nice to actually know which packages are not compatible. This > > > should help whether we need another compatibility package are would be > > > able to just replace openssl 1.1 with version 3. > > > > > > I know about foutrelis' awesome rebuilder script, but I wonder if we > > > have something similar that I just could run for half a day to get an > > > idea which package would break and which wont? Like a dry run that > > > wont commit anything. If no such thing exists yet, I might have a look > > > myself. > > > > > > Greetings, > > > > > > Pierre > > > > > > On Wed, Nov 3, 2021 at 9:14 PM Jelle van der Waa <je...@vdwaa.nl> wrote: > > > > > > > > Hi Pierre, > > > > > > > > Shall we start an openssl 3.0 rebuild soon? Fedora/Debian/Alpine seens > > > > to have already started. > > > > > > > > https://fedoraproject.org/wiki/Changes/OpenSSL3.0 > > > > > > > > Greetings, > > > > > > > > Jelle > > > > > > > > > > > > -- > > > Pierre Schmitz, https://pierre-schmitz.com > > > > > > > > -- > > Pierre Schmitz, https://pierre-schmitz.com > > > > -- > Pierre Schmitz, https://pierre-schmitz.com -- Pierre Schmitz, https://pierre-schmitz.com
