Please branch and build botan2 in epel9. Note that RHEL9 has openssl3 while botan2 in rawhide is looking for openssl1.1.
I found that changing "BuildRequires: openssl1.1-devel" to "BuildRequires: openssl-devel" in the spec file allows the package to be built on epel9. Maybe it's time to move botan2 to openssl 3. I don't have any good tests so I don't know if it's working well, or just builds ok.
If you do not wish to maintain botan2 in epel9, or do not think you will be able to do this in a timely manner, I would be happy to be a co-maintainer of the package.
Aloha! > Maybe it's time to move botan2 to openssl 3. Upstream has no intentions to support OpenSSL 3 and will drop the entire OpenSSL provider probably once OpenSSL 4 comes out. https://github.com/randombit/botan/issues/2842 Since OpenSSL 3 produces lots of deprecation warnings, I found it better to explicitly build against the legacy package in Fedora. But it _should_ just work with OpenSSL3 (at least 2.18.1). Open for suggestions. > [..] I would be happy to be a co-maintainer of the package Sure can do. I guess you have more on your plate already :)
I think it wouldn't be good to use OpenSSL 3 for the EPEL9 RPM, but the legacy package in Fedora (because, at least in my feeling, that would invert the normal relationship between Fedora and EPEL when it comes to upstream vs. downstream, or stable vs. recent). Can't we simply live with the deprecation warnings, or silence them with -Wno-deprecated if they bother us?
> I think it wouldn't be good to use OpenSSL 3 for the EPEL9 RPM, but the legacy package in Fedora [..] > Can't we simply live with the deprecation warnings, or silence them with -Wno-deprecated if they bother us? Yup, makes sense. So before we branch off for epel9 we should move rawhide to OpenSSL 3 package. I have a build for 2.19.1 in the pipeline. Let me push that and then try switch Fedora rawhide to OpenSSL 3, test a bit, then we can branch off for epel9. Any objections? Troy, do you want to become a co-maintainer for that branch anyway?
Whatever is easiest. If you don't mind maintaining it in epel9, then I am fine with that. If you would like a break and want me to, I can do that also.
Don't mean to rush you, but botan2 just became the top blocker for KDE in epel9. I could request openssl1.1 for epel9. Do you think that would be a good way forward? That way you wouldn't have to rush the move to openssl 3.
No worries. > I could request openssl1.1 for epel9. Would certainly speed up things on our end here. Not sure what the maintainers of openssl1.1 think about this.
Quick update: pushed an update to rawhide for botan2-2.19.1 still with openssl1.1 There's an compat-openssl11 package in CS9 but no -devel package for it. Asked on IRC: Feb 03 17:53:37<bkircher> is compat-openssl11 package in CS9 basically the same as openssl1.1 package in F35? Feb 03 18:01:14<mroche[m]> bkricher: Fedora 35 is based on `1.1.1l` and Stream 9 on `1.1.1k`, if that matters. Are you trying to build against OpenSSL 1.1 in Stream 9? […] Feb 03 18:52:58<bkircher> mroche[m], yes I would like to but there is no -devel package Feb 03 18:53:24<bkircher> I have a package where upstream doesn't really want to support OpenSSL 3 Feb 03 18:54:05<bkircher> but I can still build against OpenSSL 3 (and turn off warnings) Feb 03 18:54:47<bkircher> was just wondering if it makes sense to request a -devel package for compat-openssl11 Feb 03 18:55:34<bstinson> no, that compat package is your signal that you can't build against openssl1.1 in Stream 9 and later Feb 03 18:55:58<bkircher> yeah, makes sense […] So, I will switch to OpenSSL 3 and try to hurry up to not block anything.
Thank you very much for your work on this. If you want, you can have epel9 be the test of how well botan2 is with openssl3.
https://pagure.io/releng/fedora-scm-requests/issue/41805
FEDORA-EPEL-2022-6413b0bdd7 has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-6413b0bdd7
FEDORA-EPEL-2022-6413b0bdd7 has been pushed to the Fedora EPEL 9 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-6413b0bdd7 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Thank you for the build on epel9. You might notice that I have tagged this into epel9-override. This has unblocked me and allowed my builds to move forward. I haven't done any "real world" testing, but my builds build. :)
Awesome!
FEDORA-EPEL-2022-6413b0bdd7 has been pushed to the Fedora EPEL 9 stable repository. If problem still persists, please make note of it in this bug report.