On Fri, Jan 13, 2017 at 07:31:03PM +0100, Bernhard Schmidt wrote: > Hi, > > > Your package is failing to build with openss 1.1: > > checking for OpenSSL library... no > > yes > > checking for using OpenSSL for hash functions... no > > [...] > > checking for OpenSSL library... using OpenSSL from /usr/lib and /usr/include > > checking whether linking with OpenSSL works... yes > > [...] > > configure: error: OpenSSL has unsupported dynamic loading > > no > > [...] > > BIND 9 is being built without cryptography support. This means it will > > not have DNSSEC support. Use --with-openssl, or --with-pkcs11 and > > --enable-native-pkcs11 to enable cryptography. > > src:bind9 still fails to rebuild in unstable. I understand that you > would not want to import a large patch for this, so please switch > build-deps to libssl1.0-dev for stretch.
Upstream has actually added a patch for this already in the stable branch as far as I know, so I expect this to actually have been fixed in 9.10.4-P5. That being set, it's not using libssl, so either solution is fine for me. Kurt