Re: [openssl-project] Milestones and the 1.1.1 release

2018-07-02 Thread Salz, Rich
Thanks for finishing this off.


https://github.com/openssl/openssl/issues?q=is%3Aopen+is%3Aissue+milestone%3A1.1.1

Are 6512 and 6396 the same, and closed because we made things more secure?

Is 6342 a python bug, they'll need to upgrade?

Is 6228 a foolscap issue?

I think we can close 6221 soon.

I will make a PR for 5037.



___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project


Re: [openssl-project] Milestones and the 1.1.1 release

2018-07-02 Thread Matt Caswell


On 27/06/18 16:10, Matt Caswell wrote:
> Well, no one has objected so far. I'm not around tomorrow and Friday to
> action this but, unless anyone shouts between now and then, I'll start
> doing this on Monday.

All issues have been reviewed and their milestones updated accordingly.
I also reviewed all issues that had no milestone assigned. That leaves
us with 18 open issues against the 1.1.1 milestone:

https://github.com/openssl/openssl/issues?q=is%3Aopen+is%3Aissue+milestone%3A1.1.1

IMO, getting these closed (or otherwise moved out of the 1.1.1
milestone) should be our priority focus area in the coming weeks.

Matt


> 
> Matt
> 
> 
> On 26/06/18 21:15, Matt Caswell wrote:
>>
>>
>> On 26/06/18 20:43, Salz, Rich wrote:
>>> That's interesting.  Would we put a bugfix in 1.1.0, not put the fix in 
>>> 1.1.1 until our first "a" release?
>>>
>>> Or are you saying that if it's in 1.1.0, then we don't have to fix it until 
>>> after 1.1.1 comes out?  That seems justifiable to me.
>>
>> The latter.
>>
>> I mean it doesn't *prevent* us from fixing something that's in both
>> 1.1.0 and 1.1.1 - but our focus should be on fixing issues that are
>> newly introduced in 1.1.1.
>>
>> Matt
>>
>>>
>>> ´╗┐On 6/26/18, 3:32 PM, "Matt Caswell"  wrote:
>>>
>>> 
>>> 
>>> On 26/06/18 18:18, Salz, Rich wrote:
>>> > So are you saying look at the 73 open issues at 
>>> https://github.com/openssl/openssl/milestone/9 and re-evaluate them?
>>> 
>>> Exactly. My guess is that a significant proportion of them also apply to
>>> 1.1.0 and therefore should not hold up the 1.1.1 release. At the moment
>>> though it is impossible to tell which are the high priority issues we
>>> should be focussing on.
>>> 
>>> Matt
>>> 
>>> 
>>> > 
>>> > 
>>> > 
>>> > On 6/26/18, 11:56 AM, "Matt Caswell"  wrote:
>>> > 
>>> > I'm thinking that we should maybe re-asses the current milestones 
>>> in github.
>>> > 
>>> > We currently use the following milestones:
>>> > 
>>> > Assessed - Anything against this milestone isn't relevant to the 
>>> 1.1.1
>>> > release (e.g. 1.0.2 specific issue)
>>> > 
>>> > 1.1.1 - This is relevant to the 1.1.1 release but may not be 
>>> specific to
>>> > it (e.g. an issue that affects both 1.1.1 and 1.1.0)
>>> > 
>>> > Post 1.1.1 - Feature request to be looked at once 1.1.1 is 
>>> released
>>> > 
>>> > 
>>> > I think we should re-asses everything currently against the 1.1.1
>>> > milestone so that anything which isn't specific to that release 
>>> gets
>>> > moved to the "Assessed" milestone.
>>> > 
>>> > At the moment its difficult to see the "wood for the trees" 
>>> between
>>> > issues which are newly introduced and those that are long 
>>> standing. In
>>> > terms of getting the 1.1.1 release out the door we should focus 
>>> on the
>>> > former.
>>> > 
>>> > Thoughts?
>>> > 
>>> > Matt
>>> > 
>>> > ___
>>> > openssl-project mailing list
>>> > openssl-project@openssl.org
>>> > https://mta.openssl.org/mailman/listinfo/openssl-project
>>> > 
>>> > 
>>> > ___
>>> > openssl-project mailing list
>>> > openssl-project@openssl.org
>>> > https://mta.openssl.org/mailman/listinfo/openssl-project
>>> > 
>>> ___
>>> openssl-project mailing list
>>> openssl-project@openssl.org
>>> https://mta.openssl.org/mailman/listinfo/openssl-project
>>>
>>> ___
>>> openssl-project mailing list
>>> openssl-project@openssl.org
>>> https://mta.openssl.org/mailman/listinfo/openssl-project
>>>
>> ___
>> openssl-project mailing list
>> openssl-project@openssl.org
>> https://mta.openssl.org/mailman/listinfo/openssl-project
>>
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

[openssl-project] thread-unsafety in SNI handling with SSL_SESSION

2018-07-02 Thread Benjamin Kaduk
Hi folks,

https://github.com/openssl/openssl/pull/4519 introduced some thread-unsafe
behavior, and we had some discussion on that (closed) PR back in May, which
led to the creation of https://github.com/openssl/openssl/pull/6378 .  The
latter one has languished for a while, partly because I was slow in making
some needed fixups.  But it may be worth revisiting now, if anyone has some
time to spare.

Thanks,

Bne
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project