OpenSSL version 1.1.1f published

2020-03-31 Thread OpenSSL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 1.1.1f released === OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 1.1.1f of our open

Re: 1.1.1f

2020-03-29 Thread Bernd Edlinger
I don't see why we hurry so much for 1.1.1f > > we got into this situation because everything moves so quickly, > why does everyone here think we should move even faster now? > > What is the reason for this? > > Bernd. > >> Tim. >> >> On Fri, 27 Mar 2020,

Re: 1.1.1f

2020-03-27 Thread Matt Caswell
There seems to be broad support for a 1.1.1f release. Unless I hear an OMC objection I will formally announce this tomorrow. Matt On 27/03/2020 00:10, Viktor Dukhovni wrote: > On Thu, Mar 26, 2020 at 11:33:40PM +, Matt Caswell wrote: > >> On 26/03/2020 23:15, Viktor Du

Re: 1.1.1f

2020-03-26 Thread Viktor Dukhovni
On Thu, Mar 26, 2020 at 11:33:40PM +, Matt Caswell wrote: > On 26/03/2020 23:15, Viktor Dukhovni wrote: > > On Thu, Mar 26, 2020 at 09:13:32PM +0100, Bernd Edlinger wrote: > > > >> we got into this situation because everything moves so quickly, > >> why does everyone here think we should

Re: 1.1.1f

2020-03-26 Thread Matt Caswell
On 26/03/2020 23:15, Viktor Dukhovni wrote: > On Thu, Mar 26, 2020 at 09:13:32PM +0100, Bernd Edlinger wrote: > >> we got into this situation because everything moves so quickly, >> why does everyone here think we should move even faster now? >> >> What is the reason for this? > > We've

Re: 1.1.1f

2020-03-26 Thread Matt Caswell
On 26/03/2020 20:13, Bernd Edlinger wrote: > > > On 3/26/20 9:10 PM, Tim Hudson wrote: >> We don't guarantee constant time. >> > > #11411 does, I don't see why we hurry so much for 1.1.1f > > we got into this situation because everything moves so quickl

Re: 1.1.1f

2020-03-26 Thread Viktor Dukhovni
On Thu, Mar 26, 2020 at 09:13:32PM +0100, Bernd Edlinger wrote: > we got into this situation because everything moves so quickly, > why does everyone here think we should move even faster now? > > What is the reason for this? We've published a bug-fix release (1.1.1e) that's liable to cause

Re: 1.1.1f

2020-03-26 Thread Bernd Edlinger
On 3/26/20 9:10 PM, Tim Hudson wrote: > We don't guarantee constant time. > #11411 does, I don't see why we hurry so much for 1.1.1f we got into this situation because everything moves so quickly, why does everyone here think we should move even faster now? What is the

Re: 1.1.1f

2020-03-26 Thread Tim Hudson
Todd wrote: > >>> This type of API-braking change should be reserved for something like > >>> 3.0, not a patch release. > >>> > >>> Despite it being a "incorrect", it is expected behavior. > >>> > >> > >> Right

Re: 1.1.1f

2020-03-26 Thread Bernd Edlinger
t;>> Despite it being a "incorrect", it is expected behavior. >>> >> >> Right - but the question now is not whether we should revert it (it has >> been reverted) - but whether this should trigger a 1.1.1f release soon? >> >> Matt >>

Re: 1.1.1f

2020-03-26 Thread Tim Hudson
revert it (it has > been reverted) - but whether this should trigger a 1.1.1f release soon? > > Matt > > > -- > > -Todd Short > > // tsh...@akamai.com <mailto:tsh...@akamai.com> > > // “One if by land, two if by sea, three if by the Internet." > &g

Re: 1.1.1f

2020-03-26 Thread Matt Caswell
it (it has been reverted) - but whether this should trigger a 1.1.1f release soon? Matt > -- > -Todd Short > // tsh...@akamai.com <mailto:tsh...@akamai.com> > // “One if by land, two if by sea, three if by the Internet." > >> On Mar 26, 2020, at 11:03 AM, Dr. M

Re: 1.1.1f

2020-03-26 Thread Short, Todd
gt; > > From: openssl-project On Behalf Of > Dmitry Belyavsky > Sent: Thursday, March 26, 2020 3:48 PM > To: Matt Caswell > Cc: openssl-project@openssl.org > Subject: Re: 1.1.1f > > > On Thu, Mar 26, 2020 at 5:14 PM Matt Caswell <mailto:m...@opens

Re: 1.1.1f

2020-03-26 Thread Bernd Edlinger
bit of stuff, I propose > that we do a 1.1.1f soon (possibly next Tuesday - 31st March). > > Thoughts? > How about adding #11411 constant time AES no-asm support then? that should be safe, as it is something that is not enabled by default. > Matt >

RE: 1.1.1f

2020-03-26 Thread Dr. Matthias St. Pierre
> Please also consider reverting the change for the 3.0 alpha release as well, > see Daniel Stenbergs comment > https://github.com/openssl/openssl/issues/11378#issuecomment-603730581 Never mind my last comment. I noticed a lot of discussion has been going on in issue #11378 and I was not quite

RE: 1.1.1f

2020-03-26 Thread Dr. Matthias St. Pierre
:48 PM To: Matt Caswell Cc: openssl-project@openssl.org Subject: Re: 1.1.1f On Thu, Mar 26, 2020 at 5:14 PM Matt Caswell mailto:m...@openssl.org>> wrote: The EOF issue (https://github.com/openssl/openssl/issues/11378) has resulted in us reverting the original EOF change in the 1.1.1 branch

Re: 1.1.1f

2020-03-26 Thread Dmitry Belyavsky
ken quite a bit of stuff, I propose > that we do a 1.1.1f soon (possibly next Tuesday - 31st March). > > Thoughts? > I strongly support this idea. -- SY, Dmitry Belyavsky

Re: 1.1.1f

2020-03-26 Thread Tomas Mraz
ve broken quite a bit of stuff, I propose > that we do a 1.1.1f soon (possibly next Tuesday - 31st March). > > Thoughts? I think my opinion is clear from the discussions in GitHub. But for the record: Yes, I agree with it, unless we know of anything major just ahead. -- Tomáš Mráz No matte

Re: 1.1.1f

2020-03-26 Thread Bernd Edlinger
a bit of stuff, I propose > that we do a 1.1.1f soon (possibly next Tuesday - 31st March). > > Thoughts? > slow down? > Matt >

1.1.1f

2020-03-26 Thread Matt Caswell
The EOF issue (https://github.com/openssl/openssl/issues/11378) has resulted in us reverting the original EOF change in the 1.1.1 branch (https://github.com/openssl/openssl/pull/11400). Given that this seems to have broken quite a bit of stuff, I propose that we do a 1.1.1f soon (possibly next