[openssl-dev] 1.1 release being delayed

Jouni Malinen j at w1.fi
Fri Jun 24 21:28:57 UTC 2016


On Mon, May 23, 2016 at 01:15:45PM +0000, Salz, Rich wrote:
> ... in case you haven't noticed :)  Our announced release date for 1.1 has come and gone.
> 
> We want to close many more bugs before we release it.  In the meantime, please test against master or a daily snapshot or the last beta release.

It has now been a month from this announcement and there does not seem
to be any updates to the release strategy (*) which is still claiming
the "current plan" to be to release 1.1.0 12th May 2016.. While it is
obviously fine to push out the release to get more fixes in, it would be
nice to get some more details on the updated release plan and especially
on whether there is going to be another beta release ("beta 3?") before
the public release.

I'd like to make sure I run my tests against a snapshot that is close to
the release to check for any late regressions. However, I don't want to
be doing this on daily basis until some unknown point in time. Would it
be possible to either make the beta 3 release before the actual 1.1.0
public release or alternatively, provide some kind of early warning
couple of weeks before the public release so that it would be easier to
check for last minute regressions?

And as far as regressions after beta 2 release are concerned, it looks
like there was a change in the API that is not backwards compatible. I
was hoping this would not happen after the "Beta 2 - Opaque work
complete". Did I misunderstand what that note means?

The non-compatible change (this actually broke wpa_supplicant build..)
is this one:

commit fd809cfdbd6e32b6b67b68c59f6d55fbed7a9327
    Constify the parameter getters for RSA, DSA and DH

-void DH_get0_key(const DH *dh, BIGNUM **pub_key, BIGNUM **priv_key)
+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)


Is there a clear point in time after which the OpenSSL 1.1.0 API is
expected to be fully frozen for the release (well, other than the final
public release showing up)?


(*) https://www.openssl.org/policies/releasestrat.html
 
-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the openssl-dev mailing list