On Sun, Jun 05, 2022 at 08:44:22PM +0200, Sebastian Andrzej Siewior wrote: > On 2022-06-05 19:42:43 [+0200], Sebastian Ramacher wrote: > > Hi Sebastian > Hi Sebastian, > > > > Otherwise I'd fear that the only other options are openssl breaking > > > libssl1.1 or renaming /etc/ssl/openssl.cnf to have a version specific > > > name. Given the high number reverse dependencies involved in this > > > transition (and also those depending on bin:openssl), I'd prefer to > > > avoid a Breaks that could have the potential to force the libssl1.1 -> > > > libssl3 upgrade to be more of a lockstep transition than needed. > > > > I see that there was another openssl upload. Any reason a fix for this > > issue wasn't included in the upload of 3.0.3-6? > > I wasn't aware that this is something that we want do. Kurt pointed me > to the testsuite problem which was the primary motivation for the > upload. > Regarding dovecot, Kurt wanted to make some time for it. The patch in > ubuntu is working but is a giant duct tape which is not something I > would wan to upload… > Anyway, regarding the openssl.cnf. Do we want to use openssl-3.cnf for > libssl3? We can't make opnenssl-1.1.cnf happen. The modification > openssl.cnf already happend so people need to make changes manually… > Is this the request here?
The suggestion was to make an openssl.cnf that's compatible with 1.1.1, and so remove or comment out everything related to providers. Kurt
