OTC Vote: Remove the RSA_SSLV23_PADDING and related functions completely

Viktor Dukhovni openssl-users at dukhovni.org
Wed Feb 24 21:59:03 UTC 2021

Is there an open pull request for this?

> On Feb 23, 2021, at 8:21 AM, Tomas Mraz <tomas at openssl.org> wrote:
> topic: The RSA_SSLV23_PADDING and related functions should be
> completely removed from OpenSSL 3.0 code.
> comment: The padding mode and the related functions (which are already
> deprecated in the current master branch) is useless outside of SSLv2
> support. We do not support SSLv2 and we do not expect anybody using
> OpenSSL 3.0 to try to support SSLv2 by calling those functions.

I am inclined to vote yes on general grounds, but my concern is whether
this might then cause some downstream consumers of OpenSSL to fail to
compile (things like Python bindings to OpenSSL, Net::SSLeay, ...)

It may be prudent to leave some stub functions in place that just
return errors, if they're currently exposed in various tools, and
likely unused, but would still cause some pain to the downstream
API maintainers if entirely removed.

Are there any such functions exposed by popular toolkits?


More information about the openssl-project mailing list