
Re: OpenSSL 1.1.0



On Mon, Nov 14, 2016 at 07:10:00PM +0000, Niels Thykier wrote:
> Marco d'Itri:
> > On Nov 14, Lisandro Damián Nicanor Pérez Meyer <perezmeyer@gmail.com> wrote:
> > 
> >> And yes, I would step back and switch libssl-dev to provide libssl1.0-dev and 
> >> have libssl1.1-dev around for anyone who can really do the switch.
> > I would not: OpenSSL 1.0 does not support ChaCha20 so it would be a very 
> > bad default for next year's release.
> > Bad enough that I would have to use a different distribution for some 
> > web servers.
> 
> At the moment, the maintainers of apache2 are picking the openssl 1.0
> route.
>...

For libcurl3 the OpenSSL version is part of the ABI due to SSL_CTX.
If packages linked with libcurl3 use a different OpenSSL version than
libcurl3, that can break badly.

Apache seems to have similar problems.

Such packages do not even have a choice of going to 1.1 since that would
make it impossible for their rdeps to use 1.0.2.

> The alternative for ChaCha20 would be to adopt Cloudflare's patches[1],
> but that sort of assumes that you are only interested in openssl 1.1 for
> ChaCha20 (and not the other changes).

Trying to mix OpenSSL 1.0.2 and 1.1 is the expected mess.

And since 80% of all OpenSSL-using packages in unstable are still
using libssl1.0.2 (binNMUs have not yet happened), all runtime
issues observed so far are only the tip of the iceberg.
Bugs like "With Kurt's patch, apache2 crashes on startup with an invalid free." 
or #843988 will be a common sight on the list of RC bugs for several
months in any scenario with OpenSSL 1.1 as default.

For Apache, the choices available are:
1. no ChaCha20 in Apache in stretch
2. move the stretch release schedule by 6-12 months to have
   only OpenSSL 1.1 in stretch
3. apply ChaCha20 patches to OpenSSL 1.0.2

You have the same choices for any other OpenSSL 1.1 features you
consider important.

Any explicit or implicit claims that you could just switch a package
like Apache to OpenSSL 1.1 within the current stretch release schedule
are just resulting in a lot of people wasting a lot of time.

> Thanks,
> ~Niels
>...

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed
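The breakage Adrian describes (a libcurl3 or Apache consumer ending up with a different OpenSSL than the library it calls into, so SSL_CTX structures cross an ABI boundary) shows up in the loaded process image as two libssl/libcrypto sonames at once. The script below is an added example, not code from this thread or from Debian; it scans ldd-style output and flags an image that would load more than one OpenSSL ABI. It assumes the sonames of the packages named in the thread (libssl1.0.2 ships libssl.so.1.0.2, libssl1.1 ships libssl.so.1.1) and uses constructed sample ldd output with invented addresses.

```shell
#!/bin/sh
# Added example (not part of the mailing-list thread or of Debian's tooling).
# Reads `ldd <binary>`-style lines on stdin and reports whether more than one
# OpenSSL ABI (distinct libssl/libcrypto soname suffix, e.g. 1.0.2 vs 1.1)
# would be mapped into a single process. That is the SSL_CTX ABI clash the
# message warns about for libcurl3 and Apache rdeps.

# Print each distinct OpenSSL soname found in the ldd output, one per line.
openssl_sonames() {
    awk '$1 ~ /^lib(ssl|crypto)\.so\.[0-9]/ { print $1 }' | sort -u
}

# Print the number of distinct OpenSSL ABI versions present. The version is
# the soname suffix, so libssl.so.1.1 and libcrypto.so.1.1 count as one ABI,
# while libssl.so.1.0.2 next to libssl.so.1.1 counts as two.
openssl_abi_count() {
    awk '
        $1 ~ /^lib(ssl|crypto)\.so\.[0-9]/ {
            v = $1
            sub(/^lib(ssl|crypto)\.so\./, "", v)
            seen[v] = 1
        }
        END { n = 0; for (v in seen) n++; print n }'
}

# Exit status 0 when at most one OpenSSL ABI is loaded (consistent image),
# 1 when two or more would be loaded together (the mixed-version case).
check_mixed_openssl() {
    n=$(openssl_abi_count)
    [ "$n" -le 1 ]
}

# Convenience wrapper for a real binary on the build host:
#   check_binary /usr/sbin/apache2
check_binary() {
    ldd "$1" | check_mixed_openssl
}

# Constructed sample: a libcurl3 consumer rebuilt against OpenSSL 1.1 while
# libcurl3 itself still pulls in 1.0.2. Paths follow Debian's multiarch
# layout; load addresses are invented.
SAMPLE_MIXED='	linux-vdso.so.1 (0x00007ffd00000001)
	libcurl.so.3 => /usr/lib/x86_64-linux-gnu/libcurl.so.3 (0x00007f0000000001)
	libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f0000000002)
	libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f0000000003)
	libssl.so.1.0.2 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.2 (0x00007f0000000004)
	libcrypto.so.1.0.2 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2 (0x00007f0000000005)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0000000006)'

# Constructed sample: the same consumer once everything is on 1.1.
SAMPLE_CLEAN='	linux-vdso.so.1 (0x00007ffd00000001)
	libcurl.so.3 => /usr/lib/x86_64-linux-gnu/libcurl.so.3 (0x00007f0000000001)
	libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f0000000002)
	libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f0000000003)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0000000006)'

# Demonstration on the constructed samples.
for name in SAMPLE_MIXED SAMPLE_CLEAN; do
    eval "sample=\$$name"
    if printf '%s\n' "$sample" | check_mixed_openssl; then
        echo "$name: single OpenSSL ABI, consistent"
    else
        echo "$name: MIXED OpenSSL ABIs:"
        printf '%s\n' "$sample" | openssl_sonames | sed 's/^/    /'
    fi
done
```

Running `check_binary` over every ELF in a package's rdeps before a binNMU round gives a cheap way to find the crash-on-startup cases (an invalid free in one OpenSSL freeing memory allocated by the other) before they reach the RC bug list; a clean ldd image does not prove correctness, but a mixed one is a guaranteed problem.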

