Re: OpenSSL 1.1.0 support

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Wed, 2 Nov 2016, Stuart Henderson wrote:

> On 2016-11-02, Jakub Jelen <jjelen@xxxxxxxxxx> wrote:
> > The current set of patches are rebased on current upstream is attached 
> > with few more tweaks needed to build, pass testsuite and make it work. 
> > The upstream review and insight would be helpful.
> 
> Since these are going to break things with LibreSSL, I doubt they'll be
> acceptable as-is.

This is the nub of the problem: upstream (OpenBSD) OpenSSH targets
LibreSSL natively (it's also used by Apple for their OS X builds). If we
pick up the 1.1.0 patch, we'd probably have to do it in portable because
there's little point in patching OpenBSD for API that doesn't exist
there. I don't want to have to carry such a major divergence in just the
portable tree.

I don't know what LibreSSL's plans are wrt the 1.1.x API, but convincing
them to adopt it would remove much of the problem.

It's disappointing though that OpenSSL didn't see fit to write their own
set of 1.0.x->1.1.x API shims and ship it alongside 1.0.x releases. It
would have made the transition easier for everyone I think.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux