Re: Request to stop hobbling crypto libraries

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Neal,

Thanks for raising this here. I saw some of the thread on devel, but when thread get long, it's sometimes hard to know what the specific ask is.

To that end, could you provide a bit of a description as to what is currently being done in terms of "hobbling" OpenSSL? Just a high-level description would be helpful for context and a reminder as to the current state.

Also, am I correct to assume that by "use pristine OpenSSL sources" - the desired outcome it to be able to package OpenSSL for Fedora straight from the upstream project without needing to remove something or otherwise modify the upstream source in order to package it for Fedora?

Keep in mind, while Richard and I have been trying to provide more timely responses to all the various license requests, etc. as of lately, this is not a question either of us can answer directly, so it may take a bit longer.

Thanks,
Jilayne

On 9/29/22 11:37 AM, Neal Gompa wrote:
Hey all,

As part of the discussion going on about Mesa on devel@, the situation
around OpenSSL was brought up, and Adam Williamson brought up that we
might not need to hobble OpenSSL anymore[1]. A quick check seems to
indicate we no longer do it for GnuTLS either, and haven't for many
years[2].

Could we just drop all this stuff and use pristine OpenSSL sources?
All the crypto algorithm usability stuff is controlled through
crypto-policies, so I don't think it makes sense to do this anymore
for OpenSSL since all the patents indicated in the script have expired
for a couple of years now[3].

Dropping this will eliminate a chunk of cruft that nobody needs around
anymore and simplify OpenSSL maintenance.

[1]: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/message/UKRRX2N5UWJFBUZIMP5OSE52AYYE5NG4/
[2]: https://src.fedoraproject.org/rpms/gnutls/c/46d865d8451be0f4576dcc56841175a9faa06d1a
[3]: https://src.fedoraproject.org/rpms/openssl//blob/rawhide/f/hobble-openssl


_______________________________________________
legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Gnome Users]     [KDE Users]

  Powered by Linux