On 3/26/20 9:10 PM, Tim Hudson wrote:
> We don't guarantee constant time.
>
#11411 does, I don't see why we hurry so much for 1.1.1f
we got into this situation because everything moves so quickly,
why does everyone here think we should move even faster now?
What is the reason for this?
Bernd.
> Tim.
>
> On Fri, 27 Mar 2020, 5:41 am Bernd Edlinger, <bernd.edlin...@hotmail.de>
> wrote:
>
>> So I disagree, it is a bug when it is not constant time.
>>
>>
>> On 3/26/20 8:26 PM, Tim Hudson wrote:
>>> +1 for a release - and soon - and without bundling any more changes. The
>>> circumstances justify getting this fix out. But I also think we need to
>>> keep improvements that aren't bug fixes out of stable branches.
>>>
>>> Tim.
>>>
>>> On Fri, 27 Mar 2020, 3:12 am Matt Caswell, <m...@openssl.org> wrote:
>>>
>>>> On 26/03/2020 15:14, Short, Todd wrote:
>>>>> This type of API-braking change should be reserved for something like
>>>>> 3.0, not a patch release.
>>>>>
>>>>> Despite it being a "incorrect", it is expected behavior.
>>>>>
>>>>
>>>> Right - but the question now is not whether we should revert it (it has
>>>> been reverted) - but whether this should trigger a 1.1.1f release soon?
>>>>
>>>> Matt
>>>>
>>>>> --
>>>>> -Todd Short
>>>>> // tsh...@akamai.com <mailto:tsh...@akamai.com>
>>>>> // “One if by land, two if by sea, three if by the Internet."
>>>>>
>>>>>> On Mar 26, 2020, at 11:03 AM, Dr. Matthias St. Pierre
>>>>>> <matthias.st.pie...@ncp-e.com <mailto:matthias.st.pie...@ncp-e.com>>
>>>>>> wrote:
>>>>>>
>>>>>> I agree, go ahead.
>>>>>>
>>>>>> Please also consider reverting the change for the 3.0 alpha release as
>>>>>> well, see Daniel Stenbergs comment
>>>>>>
>> https://github.com/openssl/openssl/issues/11378#issuecomment-603730581
>>>>>> <
>>>>
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_openssl_openssl_issues_11378-23issuecomment-2D603730581&d=DwMGaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=QBEcQsqoUDdk1Q26CzlzNPPUkKYWIh1LYsiHAwmtRik&m=87AtfQDFl1z9cdRP12QeRUizmgnW6ejbufNT40Gip4Q&s=djWoIIXyggxwOfbwrmYGrSJdR5tWm06IdzY9x9tDxkA&e=
>>>>>
>>>>>>
>>>>>> Matthias
>>>>>>
>>>>>>
>>>>>> *From**:* openssl-project <openssl-project-boun...@openssl.org
>>>>>> <mailto:openssl-project-boun...@openssl.org>> *On Behalf Of *Dmitry
>>>>>> Belyavsky
>>>>>> *Sent:* Thursday, March 26, 2020 3:48 PM
>>>>>> *To:* Matt Caswell <m...@openssl.org <mailto:m...@openssl.org>>
>>>>>> *Cc:* openssl-project@openssl.org <mailto:openssl-project@openssl.org
>>>
>>>>>> *Subject:* Re: 1.1.1f
>>>>>>
>>>>>>
>>>>>> On Thu, Mar 26, 2020 at 5:14 PM Matt Caswell <m...@openssl.org
>>>>>> <mailto:m...@openssl.org>> wrote:
>>>>>>
>>>>>> The EOF issue (https://github.com/openssl/openssl/issues/11378
>>>>>> <
>>>>
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_openssl_openssl_issues_11378&d=DwMGaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=QBEcQsqoUDdk1Q26CzlzNPPUkKYWIh1LYsiHAwmtRik&m=87AtfQDFl1z9cdRP12QeRUizmgnW6ejbufNT40Gip4Q&s=MAiLjfGJWaKvnBvqnM4fcyvGVfUyj9CDANO_vh4wfco&e=
>>>>> )
>>>>>> has
>>>>>> resulted in us reverting the original EOF change in the 1.1.1
>> branch
>>>>>> (https://github.com/openssl/openssl/pull/11400
>>>>>> <
>>>>
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_openssl_openssl_pull_11400&d=DwMGaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=QBEcQsqoUDdk1Q26CzlzNPPUkKYWIh1LYsiHAwmtRik&m=87AtfQDFl1z9cdRP12QeRUizmgnW6ejbufNT40Gip4Q&s=3hBU2pt84DQlrY1dCnSn9x1ah1gSzH6NEO_bNRH-6DE&e=
>>>>> ).
>>>>>>
>>>>>> Given that this seems to have broken quite a bit of stuff, I
>> propose
>>>>>> that we do a 1.1.1f soon (possibly next Tuesday - 31st March).
>>>>>>
>>>>>> Thoughts?
>>>>>>
>>>>>>
>>>>>> I strongly support this idea.
>>>>>>
>>>>>> --
>>>>>> SY, Dmitry Belyavsky
>>>>>
>>>>
>>>
>>
>
