Received: (at 46602) by debbugs.gnu.org; 25 Feb 2021 19:01:42 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu Feb 25 14:01:41 2021 Received: from localhost ([127.0.0.1]:39347 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lFLtN-000163-Gd for submit <at> debbugs.gnu.org; Thu, 25 Feb 2021 14:01:41 -0500 Received: from mail-qt1-f176.google.com ([209.85.160.176]:37068) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <zimon.toutoune@HIDDEN>) id 1lFLtL-0000zm-Mt for 46602 <at> debbugs.gnu.org; Thu, 25 Feb 2021 14:01:40 -0500 Received: by mail-qt1-f176.google.com with SMTP id v3so4921321qtw.4 for <46602 <at> debbugs.gnu.org>; Thu, 25 Feb 2021 11:01:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=a7UzCQdVMb05Tg/DoE3al4yXI1ERxPM7AisVAkIC+RU=; b=BEt7UCyhtfuvBe02UluAPfsSQk2bMl0ctl4Fat1yY/eaolbgzyT03y1fn7n9F/FXcM zoo/WFLA7LFqi8NmrwTwInF90RLocDhMnZmZpgieRlLQl8Q/FAAPQDXiip78FbOWVqyR nQTY9gngudZ8Mm2zM1wrsbIDJ0G38txL8M6Wb775RaynDen2GPOaDeDTtLfeZCkvsM9G mgcm77zzw+az7bMQ0P8exYhRdRy3OCLCl6gW6wDXEfUkJEEaSJaLtImtuoAgh+U/ALK6 8GPZ4WtmLBtj+oSti8X0H/jR7+peGnd8yafeVC0stYqp5JPwRy4FPhtkp9VG+wo1X2Wq U2QA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=a7UzCQdVMb05Tg/DoE3al4yXI1ERxPM7AisVAkIC+RU=; b=kBQ/ofSwLXImTVFqq15KQNj7xEonOJ2atFDdTBFSzOPWLtexOdKt51RYHRNIMP6WH3 3kziOrt8TrJRxwFk8wZ8pWr9ccYAF1vorVwWXl0g9J8c+p7IsYFGRfp9lYorPWHtzPTA hkSzte1FHC5Oshf+mQvdxInIcEIz/0PEJWjE4dxZtqFEu2DoRUN4msDC3PxTMF82lnmX 7dXRMYsl+hmmkZw02wwIX8wVFSWBX+ZmnmB/B8uWrLdAvielXBZ5RHLA8SnbnanWKuu4 tL0eFJ7ps/fViO1Vz5allv9boEj5ZsuD8OVQcXAB/uoxdutsgXAmz3YX4cgtJLgSvZF2 WGfQ== X-Gm-Message-State: AOAM532INyyznyGNGaM7Ds/Iy3CVpzLNinywY1yEy4S2IEXYwJQ/LpDJ zdFp6nHU7/cEOsb/xC0vzacYyhSqNh0DAbk9kx/gyZTMsrk= X-Google-Smtp-Source: ABdhPJzGmFTGk//SuYEATFB9CT0ZlXaHwO6Wuv/jJoQ69Um0mMB7NRT4G3QmJQQxPp2vHsrlBJ3aFc6u2yI0sRyOt6w= X-Received: by 2002:ac8:57c1:: with SMTP id w1mr3832579qta.313.1614279693914; Thu, 25 Feb 2021 11:01:33 -0800 (PST) MIME-Version: 1.0 References: <YC2KDCevazOXaZxZ@HIDDEN> In-Reply-To: <YC2KDCevazOXaZxZ@HIDDEN> From: zimoun <zimon.toutoune@HIDDEN> Date: Thu, 25 Feb 2021 20:01:22 +0100 Message-ID: <CAJ3okZ0ZcrcXtB0BbcfDh1PxG2k9K455Nd4w=3tPSn-KzcAW6g@HIDDEN> Subject: Re: bug#46602: Removing OpenSSL 1.0 To: Leo Famulari <leo@HIDDEN> Content-Type: text/plain; charset="UTF-8" X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 46602 Cc: 46602 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Hi Leo, On Wed, 17 Feb 2021 at 22:43, Leo Famulari <leo@HIDDEN> wrote: > > OpenSSL 1.0 is no longer supported as free software. As research > continues, new bugs are discovered and there are no fixes available. > > We should remove it soon. Since Qt 4 depends on it, we can remove them > at the same time [0]. > > Some packages will probably have to be removed, since they depend on > OpenSSL 1.0 and have not been updated to use more recent versions. > > OpenSSL 1.0 is used in the Rust bootstrap, unfortunately, so we will > have to preserve some package of it, but it will be hidden. Well, it needs some care I guess. $ guix refresh -l openssl@HIDDEN Building the following 1930 packages would ensure 2048 dependent packages are rebuilt On the other hand, grepping for "openssl-1.0" returns: 16 matches 12 files contained matches 1522 files searched File: distributed.scm File: networking.scm File: databases.scm File: rust.scm File: web-browsers.scm File: android.scm File: web.scm File: crypto.scm File: messaging.scm File: ntp.scm File: crates-io.scm File: qt.scm Therefore, a good start seems to try to build all the 16 packages depending on openssl@HIDDEN with openssl@HIDDEN And mark them with a comment if they fail. But I guess that openssl@HIDDEN is a strong requirement for these 16 packages. For instance, the package psyclpc (gnu packages messaging) could be removed since it does not build and use openssl@HIDDEN Cheers, simon
bug-guix@HIDDEN
:bug#46602
; Package guix
.
Full text available.Ludovic Courtès <ludo@HIDDEN>
to control <at> debbugs.gnu.org
.
Full text available.Received: (at submit) by debbugs.gnu.org; 17 Feb 2021 21:26:42 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 17 16:26:42 2021 Received: from localhost ([127.0.0.1]:45267 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lCULK-0007S1-74 for submit <at> debbugs.gnu.org; Wed, 17 Feb 2021 16:26:42 -0500 Received: from lists.gnu.org ([209.51.188.17]:47184) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo@HIDDEN>) id 1lCULI-0007Ru-RI for submit <at> debbugs.gnu.org; Wed, 17 Feb 2021 16:26:41 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48252) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <leo@HIDDEN>) id 1lCULI-0003AR-KO for bug-guix@HIDDEN; Wed, 17 Feb 2021 16:26:40 -0500 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:37997) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <leo@HIDDEN>) id 1lCULG-0007su-Vj for bug-guix@HIDDEN; Wed, 17 Feb 2021 16:26:40 -0500 Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 5872B5C010D; Wed, 17 Feb 2021 16:26:38 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute7.internal (MEProxy); Wed, 17 Feb 2021 16:26:38 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:subject:message-id:mime-version:content-type; s= mesmtp; bh=eG/LcWTyPhBmpdZ4z9X+bxgQdcke5H1iq9JsTWLmgRA=; b=pwiAC LXRLz0Ad8g4IUn2crEww4HcS/clxanGR8fosdDirAZ72JZ4ZC7rSTNGgMdahrWga +3CgTca/ljvuwwHh3wOOMXYcMy1hK5Vjkdgx/1CfL8DHuagekJ+XLnjivApTIgvu AA/CwzqJFGL6bOBz8QAaCPrUb9Azfr+FJU+8eU= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm2; bh=eG/LcWTyPhBmpdZ4z9X+bxgQdcke5 H1iq9JsTWLmgRA=; b=lkRyCXYSfxXDrw5UMi18qZWnI5+wV0CLvTw3i7L2zo6Hx vkf93t3/RQS43pE95p9X1CTRLujvEgCUJMI8TrJWM2HYU7ynK35qmop60Y7mDZmX yyZoNfEKa4rjwym2gdQCUODcZI6zzOLMDPaLDRfVnx5ppU70eeSCPN362IEHpWCY G+pYseFm7Fw8+AEc1+OxjqEeDwoqmzI0BgzCuwEUGu/Bdd0RWeAbhT6oLzR8kpOh lIqLzmN2+D9jEJ5ikSM463/WLzoHoHXeHVXZ0+6LI5fQ0i7ZsqrArjhifL2lGCpb JAgyAMRR6RqrdXjVHVsPjQtcEfZvE7i+1V1qga+ig== X-ME-Sender: <xms:DYotYG8L7UOr9csmT-noBfnnf04zFV0cwpRxmK31YXZhCJUCo7UfKg> <xme:DYotYGoZ_RijeXbAfrQGib76m-pgDEq1tMPVb7oacUwYX5q61zhYxxYVn9D7dLcxD FI4_pcsMTsxXt3nGw> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrjedvgdduvddvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkgggtugesthdtredttd dtvdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhi rdhnrghmvgeqnecuggftrfgrthhtvghrnhepueeiudeijeduffdvhfejvdegvdehgffgje dvveekfeefleefkeeuieejudevtedunecuffhomhgrihhnpehgnhhurdhorhhgnecukfhp pedutddtrdduuddrudeiledruddukeenucevlhhushhtvghrufhiiigvpedtnecurfgrrh grmhepmhgrihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv X-ME-Proxy: <xmx:DYotYI4DdgPWLGRUkxUyigDLw_UQ33dLh7dKbasZSiMuuEQguTWGAA> <xmx:DYotYGMEBK0tKi8raK-82BOdUOdMV6bFCgZDTbjUnu8nzQCKqYvJPA> <xmx:DYotYKPZ6Tpu8eD_8jMzQ-lJK5_7Ij3jdcOMfoWEOXPsDlk8G_QXRA> <xmx:DootYFBhlePiXgF7cVjCh0yYWTkvBPSAWxIQTCcOjbknO78OMLTp6A> Received: from localhost (pool-100-11-169-118.phlapa.fios.verizon.net [100.11.169.118]) by mail.messagingengine.com (Postfix) with ESMTPA id DA819240057 for <bug-guix@HIDDEN>; Wed, 17 Feb 2021 16:26:37 -0500 (EST) Date: Wed, 17 Feb 2021 16:26:36 -0500 From: Leo Famulari <leo@HIDDEN> To: bug-guix@HIDDEN Subject: Removing OpenSSL 1.0 Message-ID: <YC2KDCevazOXaZxZ@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Received-SPF: pass client-ip=66.111.4.25; envelope-from=leo@HIDDEN; helo=out1-smtp.messagingengine.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.4 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.4 (--) OpenSSL 1.0 is no longer supported as free software. As research continues, new bugs are discovered and there are no fixes available. We should remove it soon. Since Qt 4 depends on it, we can remove them at the same time [0]. Some packages will probably have to be removed, since they depend on OpenSSL 1.0 and have not been updated to use more recent versions. OpenSSL 1.0 is used in the Rust bootstrap, unfortunately, so we will have to preserve some package of it, but it will be hidden. Any thoughts? [0] https://bugs.gnu.org/45704
Leo Famulari <leo@HIDDEN>
:bug-guix@HIDDEN
.
Full text available.bug-guix@HIDDEN
:bug#46602
; Package guix
.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.