Sebastian Andrzej Siewior: > On 2017-01-22 07:37:00 [+0000], Niels Thykier wrote: >> [...] >>> I would suggest to drop the the libssl1.0-dev dep in libsnmp-dev and add >>> a guard cert_util.h to ensure openssl's version is less than 1.1.0 in >>> case someone tries to use this on its own. >> >> The header file is used internally by snmp, so this change implies >> upgrading snmp to ssl1.1. All in all, we need to: >> >> * Apply the patch in #828449 > Haven't look at it yet but if the patch was already blessed then maybe I > don't have to :) >
The guard, you proposed, is using 1.0.2, so this patch will be unnecessary (guess I misunderstood your original intention). But the end result should be the same. :) >> * Remove "libssl1.0-dev | libssl-dev (<< 1.1)" from Depends and add a >> "libssl-dev" to Suggests in the the "-dev" package? >> >> * Add an "#if"-guard rejecting ssl1.0 in the cert_util.h file. >> (Can you provide me with an example/patch for the guard?) > > I attached a debdiff I did for testing against 1.0.2. It contains the > guard and the removal of -lcrypto from part of its exported cflags. > [...] > Thanks for the extensive testing! :) > Waiting for further instructions. > >[...] I will do an NMU tonight with these changes and the -pie ones from the other bug. Thanks, ~Niels