Re: OpenSSL 1.1.0
On Friday, 18 November 2016 22:22:59 CET Moritz Mühlenhoff wrote:
> Adrian Bunk <bunk@stusta.de> schrieb:
> > And/or get sponsorship from companies for supporting ChaCha20-patched
> > 1.0.2
>
> It's not a matter of whipping up some patch; anything less than an
> official backport of chacha20 into a 1.0.2x release is not going
> to be supportable.
I am sure Redhat will be interested in that as well. So release now with 1.0.2
without ChaCha20 and upgrade openssl in a point release when/if 1.0.2 supports
ChaCha20.
That or delay the release by a few months.
BTW, just because an openssl-using app/lib does not export an interface that
allows access of openssl-related internals does not mean that no other lib or
plugin messes with those internals. For example, for apache2 there is gridsite
which uses mod_ssl private interfaces and a private copy of a header from the
apache2 sources to get access to the SSL context. Finding all such issues in
all packages will take time.
Cheers,
Stefan
Reply to: