On Sun, 26 Jun 2016, Axel Beckert wrote:
> Hi Mikulas, > > I think that's something which needs to be looked at upstream anyway. > So if you come up with a patch, I'll happily test it. > > ----- Forwarded message from Kurt Roeckx <k...@roeckx.be> ----- > Date: Sun, 26 Jun 2016 12:22:53 +0200 > From: Kurt Roeckx <k...@roeckx.be> > To: sub...@bugs.debian.org > Subject: Bug#828422: links2: FTBFS with openssl 1.1.0 > Reply-To: Kurt Roeckx <k...@roeckx.be>, 828...@bugs.debian.org > > Source: links2 > Version: 2.12-2 > Severity: important > Control: block 827061 by -1 > > Hi, > > OpenSSL 1.1.0 is about to released. During a rebuild of all packages using > OpenSSL this package fail to build. A log of that build can be found at: > https://breakpoint.cc/openssl-1.1-rebuild-2016-05-29/Attempted/links2_2.12-2_amd64-20160529-1446 > > On https://wiki.openssl.org/index.php/1.1_API_Changes you can see various of > the > reasons why it might fail. There are also updated man pages at > https://www.openssl.org/docs/manmaster/ that should contain useful > information. > > There is a libssl-dev package available in experimental that contains a recent > snapshot, I suggest you try building against that to see if everything works. > > If you have problems making things work, feel free to contact us. > > > Kurt > ----- End forwarded message ----- > > Regards, Axel > -- > ,''`. | Axel Beckert <a...@debian.org>, http://people.debian.org/~abe/ > : :' : | Debian Developer, ftp.ch.debian.org Admin > `. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 > `- | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE Hi I will release Links 2.13 soon, that will fix this problem. If you need a quick fix, simply delete these lines from the file https.c: if (SSL_get_ssl_method(ssl) == SSLv2_client_method()) return S_INSECURE_CIPHER; BTW. links verifies ssl certificates (since version 2.11), so it should depend on the "ca-certificates" package. You can add it to the "Recommends" field, or maybe as a mandatory dependency. OpenSSL 1.0.2h in Debian Sid is compiled with SSLv2_client_method enabled and SSLv3_client_method disabled. Is it a configuration error? Why would anyone want to enable SSL2 and disable SSL3? I suppose that the older protocols should be disabled and newer protocols enabled. Mikulas