[openssl-project] Next release is beta1

Benjamin Kaduk kaduk at mit.edu
Mon Mar 5 01:35:24 UTC 2018


On Sun, Mar 04, 2018 at 05:30:32PM +0100, Kurt Roeckx wrote:
> On Sun, Mar 04, 2018 at 02:44:01PM +0000, Salz, Rich wrote:
> > I also intend to merge the config file .include PR (5351), and I want us to decide about 4848.
> 
> I have to agree that I want to resolv 4848 (reading config file to
> select things like supported ciphers.)

So far my personal opinion on this one is that I'd rather wait until
1.2 and actually change the SSL_CTX_new() behavior, as opposed to
having to add a new API that not much software would be using.  (To
be clear, I think that changing SSL_CTX_new() to read a systemwide
config file is inconsistent with our API stability policy for dot
releases.)  This is perhaps complicated by the interplay with #2397,
which also wants to extend SSL_CTX_new() for sharing session caches
between SSL_CTXes.  (This behavior inherently requires a new API.)

-Ben


More information about the openssl-project mailing list