Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-12-06 Thread Ferenc Wágner
Sam Hartman writes: > can we (Debian) support SSL 1.1 with Shibboleth? > That is, are the patches something you're comfortable integrating as > Debian? I haven't seen the latest iteration of the Santuario compatibility patches yet. Judging by the earlier glimpses, they are

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-12-05 Thread Sam Hartman
So, can we (Debian) support SSL 1.1 with Shibboleth? That is, are the patches something you're comfortable integrating as Debian?

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-12-04 Thread Cantor, Scott
On 12/4/16, 4:00 PM, "Ferenc Wagner,,, on behalf of Ferenc Wágner" wrote: > Sure you did, and nobody blames you (I hope my mail didn't come through > like that). No, it didn't. Didn't Debian at one time support simultaneous installation of libcurl built on both NSS and

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-12-04 Thread Ferenc Wágner
"Cantor, Scott" writes: > Didn't Debian at one time support simultaneous installation of libcurl > built on both NSS and OpenSSL? It still does. > Can't they just provide a libcurl for both OpenSSL versions, with > appropriate naming changes? I think that would be possible,

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-12-04 Thread Ferenc Wágner
"Cantor, Scott" writes: > On 12/4/16, 11:09 AM, wf...@niif.hu wrote: > >> I can't see any conclusion in the OpenSSL 1.1 thread on debian-devel, >> but we're running out of time. We can't keep XMLTooling at OpenSSL >> 1.0, because libcurl uses 1.1, but we can't switch to 1.1

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-12-04 Thread Cantor, Scott
On 12/4/16, 11:09 AM, "Pkg-shibboleth-devel on behalf of Ferenc Wágner" wrote: > I can't see any conclusion in the OpenSSL 1.1 thread on debian-devel, >but we're running out of time. We can't

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-12-04 Thread Ferenc Wágner
Russ Allbery writes: > wf...@niif.hu (Ferenc Wágner) writes: > >> Just adding that Shibboleth itself is also problematic, because >> XMLTooling, which is incompatible with OpenSSL 1.1, uses libcurl, >> which already switched to OpenSSL 1.1. So switching xml-security-c >> to

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-11-15 Thread Bernd Zeimetz
hi, so as it seems either my mirror was lagging or my cowbuilder failed on the update - but with the recent upload of libxml-security-c-dev using 1.0 I can build open-vm-tools. which will work for now - as long as no other dependency hell will arise. best regards, bernd -- Bernd Zeimetz

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-11-14 Thread Cantor, Scott
> It's worth noting that Apache also requires OpenSSL 1.0, which may also > affect what the Shibboleth stack can link against. No, that code is isolated into shibd, mod_shib doesn't link to it. That was deliberate of course, for exactly this reason. There are edge cases. If you link Xerces to

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-11-14 Thread Russ Allbery
wf...@niif.hu (Ferenc Wágner) writes: > Just adding that Shibboleth itself is also problematic, because > XMLTooling, which is incompatible with OpenSSL 1.1, uses libcurl, which > already switched to OpenSSL 1.1. So switching xml-security-c to OpenSSL > 1.0 did not actually solve the problem for

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-11-14 Thread Ferenc Wágner
Russ Allbery writes: > Bernd Zeimetz writes: > >> unfortunately your decision to depend on libssl1.0-dev breaks the build >> open-vm-tools as most other build-dependencies decided to migrate to >> the new openssl version. > >> I know that shibboleth is the

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-11-13 Thread Russ Allbery
Bernd Zeimetz writes: > unfortunately your decision to depend on libssl1.0-dev breaks the build > open-vm-tools as most other build-dependencies decided to migrate to > the new openssl version. > I know that shibboleth is the issue, but the current situation breaks >

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

2016-11-13 Thread Bernd Zeimetz
Package: libxml-security-c-dev Version: 1.7.3-4 Severity: serious Hi, unfortunately your decision to depend on libssl1.0-dev breaks the build open-vm-tools as most other build-dependencies decided to migrate to the new openssl version. I know that shibboleth is the issue, but the current