Freeze
I've frozen the repository for the final OpenSSL 3.0 release on Tuesday. Regards, -- Tomáš Mráz No matter how far down the wrong road you've gone, turn back. Turkish proverb [You'll know whether the road is wrong if you carefully listen to your conscience.]
Re: Freeze?
On Thu, Sep 24, 2020 at 12:33:56PM +1000, Dr Paul Dale wrote: > I’m seeing quite a bit of activity going on which isn’t related to the > 3.0beta1 milestone. > We’re well past the cutoff date announced for new features in the code. > > Should we be limiting the “new” stuff going in? > > I’m fine with bug fixes, they make sense. I’m fine with the list of beta1 > pull requests continuing. > It’s the rest that is more concerning. I think we should stop accepting any new changes that are not clearly related to fixing issues that have been introduced during the development of 3.0. Of course, bugs can always be fixed. We've previously announced the deadline for beta 1 to be the 8th of September. Clearly not everything needed is ready. But at some point we will have to make the beta 1 release. Kurt
Re: Freeze?
As a sponsor of this release, we are concerned about further slippages in the schedule. I understand open source and “scratch your itch” and all that, but the project made a commitment and several companies have contributed money and/or engineering time. Some of those groups are making plans based on discussed schedules and yes, I am sure that those people are not naïve about it. I’d like the project to make a statement saying that, unless it’s a regression or breakage, the only PR’s that will be merged for the near future are those directly related to the agreed-upon FIPS work.
Re: Freeze?
On Sat, Sep 26, 2020 at 2:17 AM Benjamin Kaduk wrote: > On Thu, Sep 24, 2020 at 12:33:56PM +1000, Dr Paul Dale wrote: > > I’m seeing quite a bit of activity going on which isn’t related to the > 3.0beta1 milestone. > > We’re well past the cutoff date announced for new features in the code. > > > > Should we be limiting the “new” stuff going in? > > > > I’m fine with bug fixes, they make sense. I’m fine with the list of > beta1 pull requests continuing. > > It’s the rest that is more concerning. > > > > Does anyone else have a similar view? > > I think we should probably avoid putting in large or potentially > destabilizing changes, but don't see much reason to put a total freeze in > place (even with your listed exceptions). > I agree with Ben. -- SY, Dmitry Belyavsky
Re: Freeze?
I think this best describes the issue: https://www.youtube.com/watch?v=zsKOYQ7z9CE <https://www.youtube.com/watch?v=zsKOYQ7z9CE> > On 26 Sep 2020, at 9:17 am, Benjamin Kaduk wrote: > > On Thu, Sep 24, 2020 at 12:33:56PM +1000, Dr Paul Dale wrote: >> I’m seeing quite a bit of activity going on which isn’t related to the >> 3.0beta1 milestone. >> We’re well past the cutoff date announced for new features in the code. >> >> Should we be limiting the “new” stuff going in? >> >> I’m fine with bug fixes, they make sense. I’m fine with the list of beta1 >> pull requests continuing. >> It’s the rest that is more concerning. >> >> Does anyone else have a similar view? > > I think we should probably avoid putting in large or potentially > destabilizing changes, but don't see much reason to put a total freeze in > place (even with your listed exceptions). > > -Ben
Re: Freeze?
On Thu, Sep 24, 2020 at 12:33:56PM +1000, Dr Paul Dale wrote: > I’m seeing quite a bit of activity going on which isn’t related to the > 3.0beta1 milestone. > We’re well past the cutoff date announced for new features in the code. > > Should we be limiting the “new” stuff going in? > > I’m fine with bug fixes, they make sense. I’m fine with the list of beta1 > pull requests continuing. > It’s the rest that is more concerning. > > Does anyone else have a similar view? I think we should probably avoid putting in large or potentially destabilizing changes, but don't see much reason to put a total freeze in place (even with your listed exceptions). -Ben
Freeze?
I’m seeing quite a bit of activity going on which isn’t related to the 3.0beta1 milestone. We’re well past the cutoff date announced for new features in the code. Should we be limiting the “new” stuff going in? I’m fine with bug fixes, they make sense. I’m fine with the list of beta1 pull requests continuing. It’s the rest that is more concerning. Does anyone else have a similar view? Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia
Re: [openssl-project] Please freeze the repo
In message <22962ad7-6232-dcd7-4ec4-11544360f...@openssl.org> on Sun, 9 Sep 2018 11:34:18 +0100, Matt Caswell said: > Please can someone freeze the repo: > > ssh openssl-...@git.openssl.org freeze openssl matt Done -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
[openssl-project] Please freeze the repo
Please can someone freeze the repo: ssh openssl-...@git.openssl.org freeze openssl matt Thanks Matt ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Please freeze the repo
The repository is now unfrozen and the release is complete. Thanks to Tim for all the help. Matt On 20/08/18 18:00, Bernd Edlinger wrote: > Hi Matt, > > The repo should be frozen now. > > Bernd. > > On 08/20/18 18:01, Matt Caswell wrote: >> Please could someone freeze the repo for me for tomorrow's release: >> >> ssh openssl-...@git.openssl.org freeze openssl matt >> >> Thanks >> >> Matt >> ___ >> openssl-project mailing list >> openssl-project@openssl.org >> https://mta.openssl.org/mailman/listinfo/openssl-project >> > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project > ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
[openssl-project] Please freeze the repo
Please could someone freeze the repo for me for tomorrow's release: ssh openssl-...@git.openssl.org freeze openssl matt Thanks Matt ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Please freeze the repo
Release is done and the repo is unfrozen. Thanks again to Richard for all the help. Matt On 13/08/18 17:15, Mark J Cox wrote: > done. > > On Mon, Aug 13, 2018 at 5:11 PM, Matt Caswell wrote: >> Please could someone freeze the repo for me? >> >> $ ssh openssl-...@git.openssl.org freeze openssl matt >> >> Thanks >> >> Matt >> ___ >> openssl-project mailing list >> openssl-project@openssl.org >> https://mta.openssl.org/mailman/listinfo/openssl-project > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project > ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Please freeze the repo
On 13/08/18 17:49, Andy Polyakov wrote: > It would be appropriate to merge > https://github.com/openssl/openssl/pull/6916 (1.0.2, commit message > would need adjustment for merged from) and This one appears to be not quite as ready as first thought. > https://github.com/openssl/openssl/pull/6596 (1.1.0, was marked "pending > for 2nd" but it's apparently ready). I merged this one. Matt > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project > ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Please freeze the repo
It would be appropriate to merge https://github.com/openssl/openssl/pull/6916 (1.0.2, commit message would need adjustment for merged from) and https://github.com/openssl/openssl/pull/6596 (1.1.0, was marked "pending for 2nd" but it's apparently ready). ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Please freeze the repo
done. On Mon, Aug 13, 2018 at 5:11 PM, Matt Caswell wrote: > Please could someone freeze the repo for me? > > $ ssh openssl-...@git.openssl.org freeze openssl matt > > Thanks > > Matt > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
[openssl-project] Please freeze the repo
Please could someone freeze the repo for me? $ ssh openssl-...@git.openssl.org freeze openssl matt Thanks Matt ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Accept PR 5702 after the feature-freeze?
To increase transparency, you could also add a clause which ensures that every exceptional merge needs to be announced on openssl-project: A pull request that introduces a new feature can be merged regardless of the feature freeze, if it is related to TLS 1.3 and approved by at least 3 OMC members without veto. The intention to merge the pull request has to be announced at least 24 hours in advance on openssl-project. Just an idea. Matthias Am 21.03.2018 um 21:48 schrieb Salz, Rich: > Yes, that is a good idea! > > On 3/21/18, 4:29 PM, "Matt Caswell" <m...@openssl.org> wrote: > > > > On 21/03/18 20:23, Dr. Matthias St. Pierre wrote: > > Not that it's my business, but IMHO it might be sensible to loosen the > > freeze for TLS 1.3 related changes in general, since that hasn't been > > finalized yet. So instead of starting a vote for every pull request in > > question, you could also vote about an exceptional rule like the > following: > > > > A pull request that introduces a new feature can be merged regardless of > > the feature freeze, if it is related to TLS 1.3, and approved by at > > least 3 OMC members (without veto, of course) > > I think that's not a bad idea. See also: > > https://github.com/openssl/openssl/pull/5227 > > Matt > > > > > Matthias > > > > Am 21.03.2018 um 13:54 schrieb Salz, Rich: > >> > >> https://github.com/openssl/openssl/pull/5702 > >> > >> > >> > >> It is after our declared feature-freeze. I think we should allow this > >> PR. From the description: > >> > >> NSS 3.34 and boringssl have support for > "EXPORTER_SECRET" > >> > >> (https://bugzilla.mozilla.org/show_bug.cgi?id=1287711) > >> which is needed > >> > >> for QUIC 1-RTT decryption support in Wireshark. > >> > >> > >> > >> I don’t think there’s much need to discuss this. Other TLS stacks > >> have it, the most important debugging tool really wants it, and it’s > >> useful for debugging a very important protocol. I will start a vote > >> on Monday. > >> > >> > >> > > > > > > ___ > > openssl-project mailing list > > openssl-project@openssl.org > > https://mta.openssl.org/mailman/listinfo/openssl-project > > > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project > > > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Accept PR 5702 after the feature-freeze?
Yes, that is a good idea! On 3/21/18, 4:29 PM, "Matt Caswell" <m...@openssl.org> wrote: On 21/03/18 20:23, Dr. Matthias St. Pierre wrote: > Not that it's my business, but IMHO it might be sensible to loosen the > freeze for TLS 1.3 related changes in general, since that hasn't been > finalized yet. So instead of starting a vote for every pull request in > question, you could also vote about an exceptional rule like the following: > > A pull request that introduces a new feature can be merged regardless of > the feature freeze, if it is related to TLS 1.3, and approved by at > least 3 OMC members (without veto, of course) I think that's not a bad idea. See also: https://github.com/openssl/openssl/pull/5227 Matt > > Matthias > > Am 21.03.2018 um 13:54 schrieb Salz, Rich: >> >> https://github.com/openssl/openssl/pull/5702 >> >> >> >> It is after our declared feature-freeze. I think we should allow this >> PR. From the description: >> >> NSS 3.34 and boringssl have support for "EXPORTER_SECRET" >> >> (https://bugzilla.mozilla.org/show_bug.cgi?id=1287711) >> which is needed >> >> for QUIC 1-RTT decryption support in Wireshark. >> >> >> >> I don’t think there’s much need to discuss this. Other TLS stacks >> have it, the most important debugging tool really wants it, and it’s >> useful for debugging a very important protocol. I will start a vote >> on Monday. >> >> >> > > > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project > ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
[openssl-project] Accept PR 5702 after the feature-freeze?
https://github.com/openssl/openssl/pull/5702 It is after our declared feature-freeze. I think we should allow this PR. From the description: NSS 3.34 and boringssl have support for "EXPORTER_SECRET" (https://bugzilla.mozilla.org/show_bug.cgi?id=1287711) which is needed for QUIC 1-RTT decryption support in Wireshark. I don’t think there’s much need to discuss this. Other TLS stacks have it, the most important debugging tool really wants it, and it’s useful for debugging a very important protocol. I will start a vote on Monday. ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Anything else to go in before I call the freeze?
OK, I freezed the repository for you. On 03/19/18 19:25, Matt Caswell wrote: > Please can someone freeze the repo for me: > > $ ssh openssl-...@git.openssl.org freeze openssl matt > > I will still take #5677 "Fix no-sm3 (and no-sm2)" after the freeze. Also > if anyone can come up with a fix for the failing master in Travis that > would be good. > > Matt > > > On 19/03/18 16:48, Matt Caswell wrote: >> BTW please review #5673. I'd like a clean run from run-checker for the >> release tomorrow. >> >> Matt >> >> On 19/03/18 16:33, Matt Caswell wrote: >>> Let me know asap... >>> >>> >>> Matt >>> ___ >>> openssl-project mailing list >>> openssl-project@openssl.org >>> https://mta.openssl.org/mailman/listinfo/openssl-project >>> > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project > ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Anything else to go in before I call the freeze?
Please can someone freeze the repo for me: $ ssh openssl-...@git.openssl.org freeze openssl matt I will still take #5677 "Fix no-sm3 (and no-sm2)" after the freeze. Also if anyone can come up with a fix for the failing master in Travis that would be good. Matt On 19/03/18 16:48, Matt Caswell wrote: > BTW please review #5673. I'd like a clean run from run-checker for the > release tomorrow. > > Matt > > On 19/03/18 16:33, Matt Caswell wrote: >> Let me know asap... >> >> >> Matt >> ___ >> openssl-project mailing list >> openssl-project@openssl.org >> https://mta.openssl.org/mailman/listinfo/openssl-project >> ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Anything else to go in before I call the freeze?
In message <1ab966c8-02d4-cf1f-504a-a54999a7c...@openssl.org> on Mon, 19 Mar 2018 16:33:57 +, Matt Caswellsaid: matt> Let me know asap... #5662 #5663 -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Anything else to go in before I call the freeze?
BTW please review #5673. I'd like a clean run from run-checker for the release tomorrow. Matt On 19/03/18 16:33, Matt Caswell wrote: > Let me know asap... > > > Matt > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project > ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
[openssl-project] Anything else to go in before I call the freeze?
Let me know asap... Matt ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
[openssl-project] Code freeze later today
Just a reminder that beta1 is scheduled for release tomorrow so, in preparation for that, I will be freezing the repo later today. Of course this really means feature freeze as well since this will be your last opportunity to push features before the beta release. So if there is anything still outstanding, please get it pushed asap! Matt ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
[openssl-project] Code Freeze!!!
Please could someone freeze the repo for me? The tools don't let me do it for my own benefit: ssh openssl-...@git.openssl.org freeze openssl matt Thanks Matt ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
[openssl-project] Feature freeze for 1.1.1
I have now updated the release strategy page with the agreed plan for the 1.1.1 release: https://www.openssl.org/policies/releasestrat.html I'd like to draw everyone's attention to the key date of 13th March 2018. Which is when we do the feature freeze. In practice we typically freeze the repo 24 hours before a release - so this really means you have until sometime on 12th March to get your features in. From that point on we will create the OpenSSL_1_1_1-stable branch and will only allow bug fixes onto it. I'd also like to point out that our first alpha release will be *next Tuesday*! Matt ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project