Re: OpenSSL 1.1.0

To: debian-devel@lists.debian.org
Subject: Re: OpenSSL 1.1.0
From: Stefan Fritsch <sf@sfritsch.de>
Date: Sat, 19 Nov 2016 11:18:54 +0100
Message-id: <[🔎] 5804906.2QG5MBc5Mv@k>
In-reply-to: <[🔎] slrno2us9j.sfl.jmm@inutil.org>
References: <20160611123036.GA8321@roeckx.be> <[🔎] 20161117230225.syjmiux7yi7ajveu@bunk.spdns.de> <[🔎] slrno2us9j.sfl.jmm@inutil.org>

On Friday, 18 November 2016 22:22:59 CET Moritz Mühlenhoff wrote:
> Adrian Bunk <bunk@stusta.de> schrieb:
> > And/or get sponsorship from companies for supporting ChaCha20-patched
> > 1.0.2
> 
> It's not a matter of whipping up some patch; anything less than an
> official backport of chacha20 into a 1.0.2x release is not going
> to be supportable.

I am sure Redhat will be interested in that as well. So release now with 1.0.2 
without ChaCha20 and upgrade openssl in a point release when/if 1.0.2 supports 
ChaCha20.

That or delay the release by a few months.

BTW, just because an openssl-using app/lib does not export an interface that 
allows access of openssl-related internals does not mean that no other lib or 
plugin messes with those internals. For example, for apache2 there is gridsite 
which uses mod_ssl private interfaces and a private copy of a header from the 
apache2 sources to get access to the SSL context. Finding all such issues in 
all packages will take time.

Cheers,
Stefan

Reply to:

Follow-Ups:
- Re: OpenSSL 1.1.0
  - From: md@Linux.IT (Marco d'Itri)
- Re: OpenSSL 1.1.0
  - From: Moritz Mühlenhoff <jmm@inutil.org>

References:
- Re: OpenSSL 1.1.0
  - From: Adrian Bunk <bunk@stusta.de>
- Re: OpenSSL 1.1.0
  - From: Moritz Mühlenhoff <jmm@inutil.org>

Prev by Date: Bug#844996: ITP: rambo-k -- Read Assignment Method Based On K-mers
Next by Date: Bug#845013: ITP: node-grunt-replace -- Replace text patterns with applause
Previous by thread: Re: OpenSSL 1.1.0
Next by thread: Re: OpenSSL 1.1.0
Index(es):
- Date
- Thread