>
> Hi all,
>
> As some of you might have surmised, we're planning to move to OpenSSL
> 3.0 [0] for 22.04. This new major release brings of course some new
> things, but also breaks API and ABI.
If/when we get to 3.0, please do let upstream systemd know, as Ubuntu
is the last blocker holding up the transition from gcrypt over to
openssl in systemd.
https://github.com/systemd/systemd/pull/14743#issuecomment-748078464
>
> We intend to update the openssl package to 3.0.0 as soon as possible in
> the 22.04 cycle, provided that all the build-rdepends of libssl-dev in
> main are ready for the transition. You'll find at [1] the latest test
> rebuild, where you'll find that around 35 rdeps from main, and ~180
> packages from universe fail to build. This test build has been done in
> the PPA schopin/openssl-3.0.0 [2], which you can use to test your
> packages against.
>
> If you'd like to help out (please do ;-)), I've started filing bugs
> against the various packages that fail, using the tag
> 'transition-openssl3-jj' [3] to track it all. Please use this tag when
> working on this issue. You'll find resources to migrate codebases from
> 1.1 in the OpenSSL man pages[4].
>
> As stated, the transition should only take place if main is ready for
> it. As far as universe is concerned, in an ideal world all the 180
> packages above would be fixed in time for the release. However, if not
> so, we'll either remove the package from the release or, if *really*
> necessary, would introduce a compatibility openssl-1.1 package. The
> latter option is of course highly undesirable.
>
> When we'll upload the new version of openssl to the archive, existing
> packages should still be installable as the binaries for libssl1.1 will
> be kept around as long as they're depended on. However, the autopkgtests
> of packages lagging in the transition, or even of their rdeps, might
> start to fail if they build the tests during the autopkgtests. If that's
> the case, you might want to get the package rebuilt against OpenSSL3 and
> rerun the tests with all-proposed=1.
>
> Cheers,
> Simon Chopin
>
> [0]: https://www.openssl.org/blog/blog/2021/09/07/OpenSSL3.Final/
> [1]: https://people.canonical.com/~schopin/rebuilds/openssl-3.0.0-impish.html
> [2]: https://launchpad.net/~schopin/+archive/ubuntu/openssl-3.0.0
> [3]: https://bugs.launchpad.net/ubuntu/+bugs?field.tag=transition-openssl3-jj
> [4]: https://www.openssl.org/docs/manmaster/man7/migration_guide.html
>
> --
> ubuntu-devel mailing list
> ubuntu-devel@lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
