On So, 2016-09-24 at 00:52 +0100, David Woodhouse wrote:
> On Tue, 2016-09-20 at 11:37 +0200, Tomas Mraz wrote:
> >
> > Well... we certainly need to port it sooner or later although I
> > understand that effort will be quite non-trivial.
> You mean port libp11? That's already working against OpenSSL 1.1,
> isn't
> it? We just need to ensure we can ship a version of libp11 — or at
> least the engine — for both OpenSSL 1.1 and OpenSSL 1.0.2, if we're
> going to ship them both in parallel.
Ah, that's a good news. I did not get to try to rebuild it against
OpenSSL1.1 yet.
My current plan is to not ship such engine-pkcs11 package. We should
try to move everything to OpenSSL 1.1 and ship the 1.0.2 only as a
compat package for third party binaries without -devel and any extra
bells and whistles. It would be also temporarily used in Rawhide so it
is installable but for that I think we can live with temporarily
breaking PKCS#11 uri support.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though.)
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
