Arch Linux User Repository

If you recently updated your system and are wondering why your AUR helper is pulling this package (and possibly requesting PGP keys to be imported), then you have a package that depends on (or used to depend on) openssl-1.0, which is an old release of the OpenSSL library.

The openssl-1.0 package used to be packaged in the community repo - however, it was recently moved from there to the AUR.

Ensure that you still have packages that depend on openssl-1.0 using pacman:

pacman -Qi openssl-1.0

If you don't, then you may remove this package from your system.

If you have issues with PGP keys being imported, try another keyserver:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys \
  7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C \
  8657ABB260F056B1E5190839D9C4D26D0E604491

@nnns, thanks I've cloned the repo and it's building. This is very painful. I hope I don't need to do this again.

@mk.arch, looks like an issue with your AUR helper. The only officially supported method of installing packages is by cloning the git repository and issuing makepkg -si.

I'm getting this build problem - any idea how to fix it?

Warning: Building packages as dynamic user
Warning: Setting build directory to /var/cache/pamac
Preparing...
Synchronizing package databases...
Refreshing AUR...                                                               
Cloning openssl-1.0 build files...                                              
Running as unit: run-u101.service
fatal: not a git repository (or any parent up to mount point /var/cache/private)
Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set).
Finished with result: exit-code
Main processes terminated with: code=exited/status=128
Service runtime: 9ms
CPU time consumed: 8ms
Running as unit: run-u102.service
Finished with result: success
Main processes terminated with: code=exited/status=0
Service runtime: 53ms
CPU time consumed: 10ms
Running as unit: run-u103.service
Finished with result: success
Main processes terminated with: code=exited/status=0
Service runtime: 1.605s
CPU time consumed: 115ms
Generating openssl-1.0 information...
Running as unit: run-u104.service
Finished with result: success
Main processes terminated with: code=exited/status=0
Service runtime: 1.051s
CPU time consumed: 1.176s
Checking openssl-1.0 dependencies...
The PGP key 8657ABB260F056B1E5190839D9C4D26D0E604491 is needed to verify openssl-1.0 source files.
Trust Matt Caswell <matt@openssl.org> and import the PGP key ? [y/N] y
gpg: key D9C4D26D0E604491: public key "Matt Caswell <matt@openssl.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1

The PGP key 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C is needed to verify openssl-1.0 source files.
Trust Richard Levitte <richard@levitte.org> and import the PGP key ? [y/N] y
gpg: key D5E9E43F7DF9EE8C: 1 duplicate signature removed
gpg: key D5E9E43F7DF9EE8C: public key "Richard Levitte <richard@levitte.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Cloning pip-tools build files...
Running as unit: run-u105.service
fatal: not a git repository (or any parent up to mount point /var/cache/private)
Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set).
Finished with result: exit-code
Main processes terminated with: code=exited/status=128
Service runtime: 12ms
CPU time consumed: 11ms
Running as unit: run-u106.service
Finished with result: success
Main processes terminated with: code=exited/status=0
Service runtime: 11ms
CPU time consumed: 11ms
Running as unit: run-u107.service
Finished with result: success
Main processes terminated with: code=exited/status=0
Service runtime: 623ms
CPU time consumed: 126ms
Generating pip-tools information...
Running as unit: run-u108.service
Finished with result: success
Main processes terminated with: code=exited/status=0
Service runtime: 1.076s
CPU time consumed: 1.208s
Checking pip-tools dependencies...
Resolving dependencies...
Checking inter-conflicts...

To build (2):
  openssl-1.0  1.0.2.u-3  (1.0.2.u-1)  AUR
  pip-tools    6.12.1-1   (6.12.0-1)   AUR


Edit build files : [e] 
Apply transaction ? [e/y/N] y


Building openssl-1.0...
Running as unit: run-u109.service
Press ^] three times within 1s to disconnect TTY.
==> Making package: openssl-1.0 1.0.2.u-3 (Mon 26 Dec 2022 14:08:46 GMT)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Downloading openssl-1.0.2u.tar.gz...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 5229k  100 5229k    0     0  3073k      0  0:00:01  0:00:01 --:--:-- 3072k
  -> Downloading openssl-1.0.2u.tar.gz.asc...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   488  100   488    0     0   1123      0 --:--:-- --:--:-- --:--:--  1127
  -> Found no-rpath.patch
  -> Found ssl3-test-failure.patch
  -> Found openssl-1.0-versioned-symbols.patch
==> Validating source files with sha256sums...
    openssl-1.0.2u.tar.gz ... Passed
    openssl-1.0.2u.tar.gz.asc ... Skipped
    no-rpath.patch ... Passed
    ssl3-test-failure.patch ... Passed
    openssl-1.0-versioned-symbols.patch ... Passed
==> Verifying source file signatures with gpg...
    openssl-1.0.2u.tar.gz ... cat: write error: Broken pipe
FAILED
==> ERROR: One or more PGP signatures could not be verified!
Finished with result: exit-code
Main processes terminated with: code=exited/status=1
Service runtime: 3.246s
CPU time consumed: 1.464s
Error: Failed to build openssl-1.0

I have this problem: openssl-1.0.2u.tar.gz ... FAILED (unknown public key D9C4D26D0E604491)

Me too.

I have this problem: openssl-1.0.2u.tar.gz ... FAILED (unknown public key D9C4D26D0E604491)

I assume openssl-1.0 was moved to the AUR because it's old, deprecated, and no packages in the official repos depend on it - only packages in the AUR. Mind you that this is not the main openssl package - that is still in the official repos. This package is the latest 1.0 release of it, while the one in the repos is 3.X.X (and also one for 1.1 as a separate package).

If you have problems importing the pgp key of Richard Levitte, try another key server:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C

I have this issue at the moment when installing openssl-1.0:

...

:: PGP keys need importing:
 -> 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C, required by: openssl-1.0
:: Import? [Y/n] y
:: Importing keys with gpg...
gpg: key D5E9E43F7DF9EE8C: no user ID
gpg: Total number processed: 1
 -> problem importing keys

I also am concerned about openssl being suddenly on the AUR than the community repo. a complete surprise.

just curious, why was this moved to the AUR?

If you have a gpg issue on this update, the command is:

gpg --recv-keys D9C4D26D0E604491