On Tue, Aug 3, 2021 at 4:50 PM Ben Cotton <bcotton@redhat.com> wrote:
Okay, let's take a step back for a moment.

Sahana, do you still intend to land OpenSSL 3.0 in F35 or should we
defer it to F36?
 
Hi Ben, others

I would like to defer it to F36. OpenSSL 3.0 Beta2 (or Beta 3, if available) will land
into rawhide right after branching. This will give fellow maintainers time to properly plan
porting activities and ensure smooth transition.
 
If you do plan on including it in F35, what help from
the rest of the community (if any) do you need? 

 Like Simo mentioned, we haven't had any request/interest for OpenSSL 3.0 to be introduced
into F35 immediately. However, if it would be very beneficial, then I'd say we could try the following -
(Only if the package maintainers are willing to add patches / merge their WIP OpenSSL 3.0 branches before 8/24)

1.  Do a targeted rebuild of packages that depend on OpenSSL on the side-tag f35-build-side-44202.
     I have built OpenSSL 3.0 Beta2 [1] and openssl1.1 compat [2] packages in this side-tag.
     The compat package is rebased to 1.1.1k. It includes the devel subpackage.
     Note that it intentionally conflicts with openssl-devel.
     Neal, or others willing to volunteer, could help me out here to get the list of packages that fail.
     (If it was done in the past, there could be some automated scripts we could run overnight to get results quickly.)
     We had ~60 packages that FTBFS when OpenSSL 3.0 landed in c9s.
     (Most of them are already ported to 3.0 now, so we would gain from them)

2.   We can report FTBTS bugs to these failing packages.

3.   If the failure rate of packages is within permissible limits and can all be fixed before 8/24, then good.

I wanted to do these steps myself, but not for F35, and not immediately. I'm sure trying step1 will
not be a waste of time and we would only gain from it even if we defer to F36.

Package maintainers who want to test building their package with OpenSSL 3.0 Beta2 version
can do so using this copr repo [3] and add builds. Kindly let me know if you need any help in testing/building
your package with OpenSSL 3.0. Code is available here [4]

Neal, as far as communication is concerned, I might not have communicated on this list directly,
but I have definitely discussed it on multiple occasions in different channels on how best to bring
OpenSSL 3.0 into rawhide. Other than regressions and instability being the technical reasons,
there was no other reason to stall communication.
I am learning everyday, and I will definitely work on improving my communication in the future.
I apologize for any inconvenience caused.


[1] https://koji.fedoraproject.org/koji/taskinfo?taskID=73215212
[2] https://koji.fedoraproject.org/koji/taskinfo?taskID=73219610
[3] https://copr.fedorainfracloud.org/coprs/saprasad/openssl-3.0/builds/
[4] https://src.fedoraproject.org/fork/saprasad/rpms/openssl/tree/rawhide

Looking forward to working together.

Thank you,
Regards,
Sahana Prasad

 

Anything that's not a direct answer to the above questions should sit
in the drafts folder for a bit while we all take some deep breaths.


Thanks,
BC

--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis