Re: Status of OpenSSL 1.1 support

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Tue, Oct 17, 2017 at 12:45:26PM +0200, Jakub Jelen wrote:
> On Mon, 2017-10-16 at 17:18 +0200, Ingo Schwarze wrote:
> > > Fedora has the same policy, and so far has opted to ship a ~3600-
> > > line
> > > patch to OpenSSH to use the 1.1 API.
> > 
> > Frankly, i would feel uncomfortable using OpenSSH on Fedora.
> 
> Thank you for the support. Do you have any real reason to say so?
> 
> Yes, we opted to improve existing patch, implement missing parts, test
> it and contribute it back to OpenSSH upstream in spite of moving
> forward with OpenSSL upstream.
> 
> It takes some effort to do so, but we do not have to think about
> bundling LibreSSL nor depend on soon-to-by-outdated OpenSSL.
> 
> As these threads appear all over and over again on this list, Fedora is
> not the only distro that had this problem and would like to see it
> resolved in a sensible way, but it is stalled in this point for over a
> year.
>

OPenSSH is based on OPenBSD developemnt.

The best solution is if (LIBRESSL) || (OPENSSL < 1010...)

Else

Whatever.

Is that too much work?

> Regards,
> -- 
> Jakub Jelen
> Software Engineer
> Security Technologies
> Red Hat, Inc.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b  Look at Psalms 14 and 53 on Atheism
Talk Sense to a fool and he calls you foolish - Euripides
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux