[openssl-dev] please make clear on website that 1.1.0e is Development release, not GA / Production release

Tue Mar 21 08:55:30 UTC 2017

In message <CALyZvKy_Y0EwAuPzBWsYRQ2K+onZyfRaN1t8c7UPoX5_0jP8Yg at mail.gmail.com> on Tue, 21 Mar 2017 00:13:57 +0000, Jason Vas Dias <jason.vas.dias at gmail.com> said:

jason.vas.dias> On 20/03/2017, Kurt Roeckx <kurt at roeckx.be> wrote:
jason.vas.dias> > The ed25519 support in openssh doesn't even come from openssl.
jason.vas.dias> >
jason.vas.dias> What happens is OpenSSH's cipher.c calls
jason.vas.dias>        if (EVP_CipherInit(cc->evp, type, NULL, (u_char *)iv,
jason.vas.dias>           (do_encrypt == CIPHER_ENCRYPT)) == 0) {
jason.vas.dias> 		ret = SSH_ERR_LIBCRYPTO_ERROR;
jason.vas.dias> 		goto out;
jason.vas.dias> 	}
jason.vas.dias> which always does 'goto out' for any ED25519 file.

That would happen if ssh_host_ed25519_key is password protected and
the cipher used to encrypt the key isn't recognised in OpenSSL 1.1.0
(and considering the current master of openssh-portable doesn't build
cleanly against OpenSSL 1.1.0e and I therefore suppose you've hacked
around, I can't even begin to say where the fault came in).  It also
depends on your OpenSSL configuration, since you can disable most
algorithms it carries...

jason.vas.dias> >> which mainly
jason.vas.dias> >> involved including the '*_lo?cl.h' & '*_int.h'  headers
jason.vas.dias> >
jason.vas.dias> > Including the internal headers is not a good patch. This will
jason.vas.dias> > break.
jason.vas.dias> >
jason.vas.dias> 
jason.vas.dias> It doesn't break at all - the code remains 100% unchanged  - just different
jason.vas.dias> headers need including - and seems to work fine including the API
jason.vas.dias> hiding headers.

The structures you find in there are made private for a reason, we
need the liberty to make changes in them in future developments
without disturbing the ABI (not just the API).  So some time in the
future, it will break.

jason.vas.dias> And my point is really not to criticize your effort, it is just a plea to make
jason.vas.dias> clear on the web-page that the 1.1.0 branch is a development branch and
jason.vas.dias> does not work yet with most OpenSSL using applications .

It isn't a development branch.  We see it as a stable release, i.e. no
further development apart from bug fixes.  "master" is the development
branch.

jason.vas.dias> OpenSSL in its 1.0.2 incarnation has been hardened by over (10,15,20)? years
jason.vas.dias> of testing , and its API is usable by all OpenSSL using applications,
jason.vas.dias> unlike 1.1.0 .

Jyst to put things in perspective, OpenSSL 1.0.0 was released
2010-Mar-29.  That was the start of the 1.0.x series.  OpenSSL 1.0.2
was released 2015-Jan-22.

OpenSSL 1.1.0 marks the start of the 1.1.x series, which isn't source
compatible with the 1.0.x series.  We have talked about this in
different ways even before the first Alpha release was made (over a
year ago).

Either way, the 1.0.2 branch is supported until the end of 2019.
One could say that's how long other application authors have to rework
their source, although that's not really true since anyone can keep
the 1.0.2 source around as long as they want (hey, even we do).

Maybe you expected all applications to have converted the moment we
declared our 1.1.0 release stable?  That will not happen...  as far as
we've observed, most are hardly even looking before we've made a
stable release (which I agree is unfortunate).

Cheers,
Richard

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/