On Friday, 18 November 2016 01:09:53 CET Adrian Bunk wrote:
> On Thu, Nov 17, 2016 at 11:18:57PM +0100, Stefan Fritsch wrote:
> > On Thursday, 17 November 2016 21:39:19 CET Kurt Roeckx wrote:
> > > > That header was created for mod_ssl_ct which provides support for
> > > > certificate transparency. It's quite new and likely that nothing else
> > > > uses the header. It would probably be acceptable to remove the dependency
> > > > in apache2-dev on libssl-dev and add a caveat to the README.Debian. I
> > > > could also not install the header, or put it into a separate new package
> > > > that depends on libssl-dev.
> > > 
> > > So can you confirm that the only reason for the libssl-dev
> > > dependency is that file?
> > 
> > Yes.
> 
> What does create the dependency in
>   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828330#16
> ?

By including its own copy of ssl_private.h from the apache source (not 
installed in apache2-dev). Urgh.

/*
 * After 2.0.49, Apache mod_ssl has most of the mod_ssl structures defined
 * in ssl_private.h, which is not installed along with httpd-devel (eg in
 * the FC2 RPM.) This include file provides SIMPLIFIED structures for use
 * by mod_gridsite: for example, pointers to unused structures are replaced
 * by  void *  and some of the structures are truncated when only the early
 * members are used.
 *
 * CLEARLY, THIS WILL BREAK IF THERE ARE MAJOR CHANGES TO ssl_private.h!!!
 */

That's very ugly. So, not installing mod_ssl_openssl.h or a caveat in 
README.Debian would not help.

But putting it into a separate apache2-mod_ssl-dev package with the proper 
mod_ssl dependency would still work. gridsite would then need to build-dep on 
that package and (AFAICS) php does not do the same ugly tricks and would be 
unaffected by the dependency on libssl1.0-dev.
