[OE-core] openssl: OpenSSL 1.1.x update

[Alexander Kanavin]

On 10/06/2016 06:39 PM, Mark Hatle wrote:
>>> The OpenSSL community itself is looking at 1.1.0 as a transition to newer and
>>> better design/api/etc... which is why it is not marked as a LTS release.
>>
>> api changes can be a bothersome point from integration POV, do we know if there
>> are some forwarded porting incompatibilities in APIs already?
>
> I have not investigated it, as my focus has been on the LTS version at this point.

I've quickly put together a openssl 1.1 recipe to test what builds and 
what fails in oe-core, and this is the list of failures (any 
dependencies of these aren't even attempted of course, i.e. webkit):

rpm
apr-util
ruby
openssh
bind
socat
mailx (I believe debian provides a rewrite of this one which we need to 
package)
cryptodev-tests
u-boot-mkimage

Openssl does not seem to be designed for parallel installation of 
several major versions at the same time (headers and pkg-config files 
clash), so (unless someone has a better idea), we need to either wait 
until the above listed upstreams fix their code, or do custom patching.

Mark, when can we expect rpm updates from Wind River? It's been a while 
(actually, 10 months) since anything substantial arrived. I'd like to 
have both a working CVS recipe (for dnf oe-core integration work), and 
an update to the stable release with openssl 1.1 support in it - so that 
oe-core can provide openssl 1.1. I simply do not have the bandwidth or 
the expertise to do this work myself - far too many patches to rebase, 
and a code base that I don't even begin to understand.

Alex