On 20/03/2017, Kurt Roeckx <k...@roeckx.be> wrote:
> On Mon, Mar 20, 2017 at 10:41:12PM +0000, Jason Vas Dias wrote:
>> Hi - much thanks for many years of great OpenSSL releases,
>> but this 1.1.0 branch, IMHO, should not be put above the 1.0.2k
>> release on the website as the 'latest / best OpenSSL release' - this just
>> wastes everybody's time . No using software can use this release,
>> such as the latest releases of OpenSSH, ISC BIND (named) / ISC DHCP,
>> ntpd
>> (... the list can go on and on - does the latest httpd compile with it?
>> )
>
> I have send patches for all of those that you just mentioned so
> that they can get build using both 1.0.2 and 1.1.0.
Great, thanks, but they are not being distributed anywhere .
Please could you send the patch sets against bind-9.11.0-P3
& DHCP 9.3.5 to me ?
>
>> I did waste a few hours today getting ISC BIND 9.11.0-P3 & DHCP 4.3.5
>> & ntpd 4.3.93 to use 1.1.0e , (I can generate & send the patches for
>> them to anyone who wants them),
>
> DHCP 4.3.5 seems to work just fine with 1.1.0.
>
Yes, as I said, named & dhcp & wpa_supplicant are working fine with 1.1.0 and
after patching to use the internal 1.1.0 headers. DHCP uses OpenSSL via the
BIND libisc & libdns libraries, anyway , so doesn't really count as an OpenSSL
user in its own right.
None of their latest versions can compile unmodified against 1.1.0 .
That is why I think it is somewhat premature to call 1.1.0 the official
stable OpenSSL release.
> The latest ntp release is 4.2.8p9 which should just work with
> openssl 1.1.0. (I have no idea why they don't list it on their
> download page now, or why the development version is so old.)
>
No, the latest version is 4.3.93 , not 4.2.8p9, and it also needed to include
^ ^
internal 1.1.0 headers to compile.
> bind has applied patches, I'm just not sure in which branches.
>
It may be years yet before they see the light of day in a BIND release.
>> the latest version of OpenSSH (v7.4.P1) to at least compile with it,
>> but that version of OpenSSH is broken in so many ways because of
>> openssl 1.1.0 - it can't even read or write its ED25519
>> /etc/ssh_host_ed25519.key file.
>
> The ed25519 support in openssh doesn't even come from openssl.
>
What happens is OpenSSH's cipher.c calls
if (EVP_CipherInit(cc->evp, type, NULL, (u_char *)iv,
(do_encrypt == CIPHER_ENCRYPT)) == 0) {
ret = SSH_ERR_LIBCRYPTO_ERROR;
goto out;
}
which always does 'goto out' for any ED25519 file.
OpenSSL's EVP_CipherInit calls EVP_CipherInit_ex which fails in this case.
I'm not really an OpenSSL / cryptography expert (but have written a few
SSL / plain transparent I/O modules in C/C++ in my time), but I can
see OpenSSH
is expecting OpenSSL to respond in a certain way to these parameters which
it does not do in 1.1.0, but does in 1.0.2x .
>> which mainly
>> involved including the '*_lo?cl.h' & '*_int.h' headers
>
> Including the internal headers is not a good patch. This will
> break.
>
It doesn't break at all - the code remains 100% unchanged - just different
headers need including - and seems to work fine including the API
hiding headers.
But considering the work necessary to make all OpenSSH using apps include those
headers , it doesn't seem worth it.
My question is really, why ? Why make ALL OpenSSL users
(and there are thousands of them) now jump through new hoops
to use the same API they've been using for years ? What does it get them?
And my point is really not to criticize your effort, it is just a plea to make
clear on the web-page that the 1.1.0 branch is a development branch and
does not work yet with most OpenSSL using applications .
OpenSSL in its 1.0.2 incarnation has been hardened by over (10,15,20)? years
of testing , and its API is usable by all OpenSSL using applications,
unlike 1.1.0 .
Out of these using applications, which have their latest versions switched
to using the 1.1.0 API : bind, OpenSSH, httpd, firefox ?
AFAICS, none.
It is just premature and confusing and a timewaster to claim the latest
stable OpenSSL release is 1.1.0 on the main web page. No using applications
can use it yet. Give them a few years, and they will . But please, make clear
on the web-page that most applications still use the 1.0.2 API .
Friendly Regards,
Jason
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
