OTC VOTE: Fixing missing failure exit status is a bug fix

Matt Caswell matt at openssl.org
Tue Dec 1 12:29:15 UTC 2020


On 30/11/2020 12:03, Nicola Tuveri wrote:
> Vote background
> ---------------
> This follows up on a [previous proposal] that was abandoned in favor of
> an OMC vote on the behavior change introduced in [PR#13359].
> Within today's OTC meeting this was further discussed with the attending
> members that also sit in the OMC.
> The suggestion was to improve the separation of the OTC and OMC domains
> here, by having a more generic OTC vote to qualify as bug fixes the
> changes to let any OpenSSL app return an (early) failure exit status
> when a called function fails.
> The idea is that, if we agree on this technical definition, then no OMC
> vote to allow a behavior change in the apps would be required in
> general, unless, on a case-by-case basis, the "OMC hold" process is
> invoked for whatever reason on the specific bug fix, triggering the
> usual OMC decision process.
> [previous proposal]:
> <https://www.mail-archive.com/openssl-project@openssl.org/msg02241.html>
> [PR#13359]: <https://github.com/openssl/openssl/pull/13359>
> Vote text
> ---------
> topic: In the context of the OpenSSL apps, the OTC qualifies as bug
>        fixes the changes to return a failure exit status when a called
>        function fails with an unhandled return value.
>        Even when these bug fixes change the apps behavior triggering
>        early exits (compared to previous versions of the apps), as bug
>        fixes, they do not qualify as behavior changes that require an
>        explicit OMC approval.
> Proposed by Nicola Tuveri
> Public: yes
> opened: 2020-11-30

More information about the openssl-project mailing list