On 2017-02-22 00:46:56 [+0100], Emilio Pozuelo Monfort wrote: > > There are 78 packages in the unkown state. The first few I looked could > > actually have their libssl-dev dependency dropped. khtml is the first > > one which looked wrong. I will open a bug about that later. I didn't get > > any further yet. > > Thanks. Investigating the rest would be good. I guess most of those are just > for > build-depends, but if there are any with bad depends (e.g. some -dev package > unnecessarily depending on libssl*-dev) it'd be good to fix that for stretch, > because of the conflicting libssl dev packages.
We shouldn't have any of those FTBFS in archive so I guess you mean something outside of the archive. Anyway, if I find something I will act. > Sounds like things are under control now. The concern of -dev packages not > being > co-installable is a valid one, but I guess we'll have to live with that. Both openssl versions provide .pc files. So we could keep 1.1 as-is and force the libssl1.0-dev users to use what the .pc file(s) says which would include a different lib to link (say -lssl-1.0) and a different spot for the header files. We have 148 1.0 packages and 437 using 1.1 right now. That means we would have to touch 148 packages for that (and most packages I touched did not use the .pc file). I'm not sure it is worth it. Also having them not co-installable minimizes the risk that someone tries to pass openssl's struct from one package to the other. > Thanks, > Emilio Sebastian
