[Discussion] Limit the scope of 2.4.x patches until 2.4.next is released?

Like my beg for getting us to the 2.4.35 release tag, I'd like to propose we keep patches to branches/2.4.x/ generally within the scope of straightening out the remaining quirks related to the OpenSSL 1.1.1 API and library behavior changes (and similar corrections for any alternate library implementations such as LibreSSL or BoringSSL.)

This isn't a vote per se... just an ask whether we collectively want to defer all potentially disruptive changes for a release following 2.4.next. We can certainly resume with that next release on an expedited basis, within a month or few (as opposed to waiting 6 months as has been typical.)

It appears that dropping OpenSSL 1.1.1 into a previously working httpd built against 1.1.0 is not the "plug and play" replacement that the OpenSSL team originally envisioned, and deliberately building any previous release of httpd against 1.1.1 is similarly broken.

Thoughts? Other concerns?