[matt@openssl.org: Re: [openssl-users] openssl 1.0.2 and TLS 1.3]
----- Forwarded message from Matt Caswell <matt@openssl.org> -----

Date: Tue, 11 Sep 2018 15:01:38 +0100
From: Matt Caswell <matt@openssl.org>
To: openssl-users@openssl.org
Subject: Re: [openssl-users] openssl 1.0.2 and TLS 1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
Thunderbird/52.9.1



On 11/09/18 14:58, The Doctor wrote:
> On Tue, Sep 11, 2018 at 09:31:23AM +0100, Matt Caswell wrote:
>>
>>
>> On 11/09/18 09:05, Dr. Matthias St. Pierre wrote:
>>>> Von: openssl-users <openssl-users-bounces@openssl.org> Im Auftrag von The Doctor
>>>> Gesendet: Dienstag, 11. September 2018 08:49
>>>> An: openssl-users@openssl.org; openssl-dev@openssl.org
>>>> Betreff: [openssl-users] openssl 1.0.2 and TLS 1.3
>>>>
>>>> Will that combination occur?
>>>
>>> Support for TLS 1.3 is a new feature in OpenSSL 1.1.1 which will be released today.
>>> OpenSSL 1.0.2 is an LTS release which will only receive security updates and no new
>>> features.
>>
>> Strictly speaking 1.0.2 will receive bug fixes and security fixes until
>> the end of this year. From the end of this year until the end of 2019 it
>> will receive security fixes only. In any case it will receive no new
>> features (including TLSv1.3).
>>
>> From the release of 1.1.1 (today), 1.1.0 will receive security fixes
>> only for one year.
>>
>> Matt
>>
>>
>
> Got you.
>
> So OpenSSH, NTPd, mod_pagespeed have to adopt the OpenSSL 1.1.x API
> in order to use TLS 1.3.

Yes. I would encourage *all* applications still on the 1.0.x API to move
to 1.1.1 asap. By the end of next year there will be no supported
OpenSSL version that has the old API.


Matt

>
>>
>>>
>>> HTH,
>>> Matthias
>>>
>>> See also
>>> https://wiki.openssl.org/index.php/TLS1.3
>>> https://www.openssl.org/policies/releasestrat.html
>>>
>>>
>>>
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

----- End forwarded message -----

TLS 1.3 is out and please read above!

--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism
NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018!

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [matt@openssl.org: Re: [openssl-users] openssl 1.0.2 and TLS 1.3]
One wonders if there exists a succinct definition of what the difference
in the API is. The FAQ section on the openssl.org site doesn't have
one.

They may well find that applications just refuse to change.
--
Jeremy

Re: [matt@openssl.org: Re: [openssl-users] openssl 1.0.2 and TLS 1.3]
On Tue, Sep 11, 2018 at 03:37:12PM +0100, Jeremy Harris via Exim-users wrote:

> One wonders if there exists a succinct definition of what the difference
> in the API is. The FAQ section on the openssl.org site doesn't have
> one.

The CHANGES file describes the changes between 1.0.2 and 1.1.0. The
main change is that many structures became opaque, and one now needs
to use accessors. A handful of functions got renamed. For
Postfix, all that needed to be done to make the code work with both
OpenSSL 1.0.x and OpenSSL 1.1.x was a few macros in a header file:

/* Backwards compatibility with OpenSSL < 1.1.0 */
#if OPENSSL_VERSION_NUMBER < 0x10100000L
/* Version-query functions were renamed */
#define OpenSSL_version_num SSLeay
#define OpenSSL_version SSLeay_version
#define OPENSSL_VERSION SSLEAY_VERSION
/* Reference counting: 1.1.0 hides the references field behind *_up_ref() */
#define X509_up_ref(x) \
    CRYPTO_add(&((x)->references), 1, CRYPTO_LOCK_X509)
#define EVP_PKEY_up_ref(k) \
    CRYPTO_add(&((k)->references), 1, CRYPTO_LOCK_EVP_PKEY)
/* X509_STORE_CTX is opaque in 1.1.0: accessors replace direct member access */
#define X509_STORE_CTX_get0_cert(ctx) ((ctx)->cert)
#define X509_STORE_CTX_get0_untrusted(ctx) ((ctx)->untrusted)
#define X509_STORE_CTX_set0_untrusted X509_STORE_CTX_set_chain
#define X509_STORE_CTX_set0_trusted_stack X509_STORE_CTX_trusted_stack
/* Plain renames */
#define ASN1_STRING_get0_data ASN1_STRING_data
#define X509_getm_notBefore X509_get_notBefore
#define X509_getm_notAfter X509_get_notAfter
/* The version-flexible SSLv23_*method() became TLS_*method() */
#define TLS_method SSLv23_method
#define TLS_client_method SSLv23_client_method
#define TLS_server_method SSLv23_server_method
#endif

which then get used instead of bare structure member access or the
obsolete function names. Exim will likely need fewer of these,
since the "danessl" code is already ported to 1.1.0.

> They may well find that applications just refuse to change.

Debian Stretch ships with 1.1.0, applications are moving along.

--
Viktor.

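As an added example (not Postfix's, Exim's or OpenSSL's own code), a small Python audit script built from the macro table in Viktor's message: it scans C source for the 1.0.x-only names and for direct access to struct members that are opaque in 1.1.x, and reports the 1.1.x replacement for each hit. The member list is a heuristic and the sample C source it scans is constructed.

```python
import re

# 1.0.x name -> 1.1.x name, from the Postfix compat macros above (inverted).
RENAMES = {
    "SSLeay": "OpenSSL_version_num",
    "SSLeay_version": "OpenSSL_version",
    "SSLEAY_VERSION": "OPENSSL_VERSION",
    "ASN1_STRING_data": "ASN1_STRING_get0_data",
    "X509_get_notBefore": "X509_getm_notBefore",
    "X509_get_notAfter": "X509_getm_notAfter",
    "X509_STORE_CTX_set_chain": "X509_STORE_CTX_set0_untrusted",
    "X509_STORE_CTX_trusted_stack": "X509_STORE_CTX_set0_trusted_stack",
    "SSLv23_method": "TLS_method",
    "SSLv23_client_method": "TLS_client_method",
    "SSLv23_server_method": "TLS_server_method",
}
# Struct members 1.0.x code reached directly; opaque in 1.1.x, use the accessor.
# Heuristic (constructed list): an application struct with its own "cert" field is flagged too.
MEMBERS = {
    "references": "X509_up_ref() / EVP_PKEY_up_ref()",
    "cert": "X509_STORE_CTX_get0_cert()",
    "untrusted": "X509_STORE_CTX_get0_untrusted()",
}
# Longest names first so SSLeay_version is not reported as SSLeay plus a suffix.
RENAME_RE = re.compile(
    r"\b(" + "|".join(sorted(map(re.escape, RENAMES), key=len, reverse=True)) + r")\b")
MEMBER_RE = re.compile(r"->\s*(" + "|".join(MEMBERS) + r")\b")

def audit(source):
    """Return (line number, legacy usage, 1.1.x replacement) per finding."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # preprocessor lines: that is where the shim itself lives
        for m in RENAME_RE.finditer(line):
            findings.append((lineno, m.group(1), RENAMES[m.group(1)]))
        for m in MEMBER_RE.finditer(line):
            findings.append((lineno, "->" + m.group(1), MEMBERS[m.group(1)]))
    return findings

# Constructed sample: one shim line (skipped) and five lines of legacy usage.
SAMPLE_C = """\
#define X509_up_ref(x) CRYPTO_add(&((x)->references), 1, CRYPTO_LOCK_X509)
SSL_CTX *ctx = SSL_CTX_new(SSLv23_client_method());
const char *ver = SSLeay_version(SSLEAY_VERSION);
CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_X509);
X509 *leaf = store_ctx->cert;
const unsigned char *p = ASN1_STRING_data(name);
"""
```

Run `audit()` over a tree's `.c` files to estimate how many shim lines a port needs; the `#define` skip keeps the compat header itself out of the report.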
Re: [matt@openssl.org: Re: [openssl-users] openssl 1.0.2 and TLS 1.3]
On 2018-09-11 at 11:05 -0400, Viktor Dukhovni via Exim-users wrote:
> On Tue, Sep 11, 2018 at 03:37:12PM +0100, Jeremy Harris via Exim-users wrote:
> > They may well find that applications just refuse to change.
>
> Debian Stretch ships with 1.1.0, applications are moving along.

My proposal to change the OpenSSL API we use ran into the need to
basically recreate the framework, because of LibreSSL declining to
implement that new API.

It will be interesting to watch to see what LibreSSL does about TLS 1.3
and that is likely to influence the course of action for Exim.

-Phil

Re: [matt@openssl.org: Re: [openssl-users] openssl 1.0.2 and TLS 1.3]
> On Sep 11, 2018, at 5:35 PM, Phil Pennock <pdp@exim.org> wrote:
>
> My proposal to change the OpenSSL API we use ran into the need to
> basically recreate the framework, because of LibreSSL declining to
> implement that new API.

LibreSSL is basically OpenSSL 1.0.2; you don't have to wait for
LibreSSL to implement the new API. Rather, just treat OpenSSL 1.0.2
and LibreSSL interchangeably, and define the accessor macros
in either case.

> It will be interesting to watch to see what LibreSSL does about TLS 1.3
> and that is likely to influence the course of action for Exim.

I don't think that waiting makes sense, just move on. The port should
be trivial. If you continue to support both OpenSSL and LibreSSL (I
would drop the latter...), then the main downside is that you need
to retain the legacy DANE code, and just drop it in favour of the
DANE support in OpenSSL 1.1.x. Between GnuTLS and OpenSSL you
probably have enough supported TLS versions, and OpenBSD have
their own MTA they're working on...

--
Viktor.


Re: [matt@openssl.org: Re: [openssl-users] openssl 1.0.2 and TLS 1.3]
> On Sep 11, 2018, at 5:35 PM, Phil Pennock <pdp@exim.org> wrote:
>
> My proposal to change the OpenSSL API we use ran into the need to
> basically recreate the framework, because of LibreSSL declining to
> implement that new API.

I just compiled Exim master against OpenSSL 1.1.0 (in /usr/local)
on my FreeBSD 11.1 system, and it built with no issues or warnings:

$ nm build-FreeBSD-amd64/exim | grep SSL_CTX_new
U SSL_CTX_new@@OPENSSL_1_1_0

So it does not look like any porting is needed.

--
Viktor.

