Wednesday, 13 December 2017

Re: Road to new openssl

On 12 December 2017 at 23:15, Marc Deslauriers
<[email protected]> wrote:
> On 2017-12-12 10:59 AM, Dimitri John Ledkov wrote:
>> openssl has changed api/abi. Currently Ubuntu ships 1.0.2 LTS series
>> openssl. Newer api/abi is available as a non-lts 1.1.0 series. Both
>> 1.0.2 and 1.1.0 series will go end of life upstream over the lifetime
>> of bionic.
>>
>> TLS 1.3 is currently undergoing standardisation
>> (https://github.com/tlswg/tls13-spec) But it seems like it is still
>> being actively iterated on.
>>
>> The next openssl series is expected to be 1.1.1 and it should be
>> binary compatible with 1.1.0 series. And 1.1.1 series are expected to
>> be released with TLS 1.3 support, after it is finalised and published.
>>
>> In Ubuntu, we would want to avoid shipping two openssl series
>> simultaneously. Or at least avoid having two series in main.
>
> When we did the switch from 0.9.8 to 1.0.0, we kept 0.9.8 in universe, and that
> was a big mistake. Third party applications and a whole slew of commonly-used
> software from universe were using a version of ssl that didn't get any security
> fixes. It was such a problem that we had to half-maintain it anyway until we
> were no longer able to.
>

openssh needs libcrypto only, I do wonder if we can bastardise 1.0.2
packaging to provide libcrypto only, despite shipping sources to build
everything.
I have not made assesment on how many things need libcrypto alone
without libssl1.0.

> I do not wish to repeat that experience if possible, especially for an LTS
> version of Ubuntu we'll need to support for 5 years. If we do switch to 1.1, I
> would prefer 1.0.2 get removed from universe.
>

As far as I understand the current openssl master is positioned to be
released as a 1.1.1 series, api/abi non-breaking w.r.t. to the current
stable 1.1.0 series.
At one point master did have abi breaks and marked as 1.2, but that
was reverted / fixed up.
But obviously this can change, as it has not been released.
Based on the upstream timings I think they are free to announce next
LTS release and/or change maintenance windows late 2018 or in 2019.

Apart from TLS 1.3, we are missing hw acceleration work that got added
in 1.1.0+ on multiple server architectures.

> Have you done a test rebuild of universe packages?
>

No, but I can do one locally and sync build logs.

>>
>> I have rebuild openssl 1.1.0 package from debian, with modifications
>> to force provide all -dev packages pointint at 1.1.0 series, to
>> validate how many outstanding packages in main still do not support
>> 1.1.0 series api/abi in bionic in main.
>>
>> The failed build logs for main can be seen here:
>> https://launchpad.net/~xnox/+archive/ubuntu/openssl/+packages?field.name_filter=&field.status_filter=published&field.series_filter=bionic
>>
>> These are:
>> bind9
>> freerdp
>> linux
>> nagios-nrpe
>> net-snmp
>> openhpi
>> openssh
>> pam-p11
>> ppp
>> qtbase-opensource-src
>> ruby2.3
>> wpa
>> wvstreams
>> xchat-gnome
>>
>> Thus there are 14 packages to fix.
>>
>> Of which
>> - ruby2.5 supports the new abi, and it is expected there will be 2.5
>> transition in Debian/Ubuntu soon
>> - Qt 5.10 has new abi support, and there is backport branch/patch that
>> applies to 5.9 series
>> - openssh is being worked on and is complex, I am hoping for this
>> solution to work out
>> https://github.com/openssh/openssh-portable/pull/48
>> - linux is an unidentified failure, maybe a generic FTBFS
>>
>> Meaning 10 packages are in the unknown state of progress. I'm not sure
>> if it is feasible to switch to 1.1.0 openssl without all of the above
>> packages fixed to work with the new API.
>>
>> Feel free to use openssl from the above PPA for test builds only, as
>> it is entirely unsupported PPA and may go away at any point.
>> It is not compatible with neither Ubuntu or Debian nor ever will be,
>> due to overriding of the meta-package to point at 1.1.0 series openssl
>> unconditionally.
>>
>> Timeline:
>>
>> * I hope that TLS WG can standartise TLS 1.3 soon
>>
>> * I hope that OpenSSL team can release 1.1.1 series with TLS 1.3. soon
>> and declare it LTS series
>>
>> * Or at least I hope that OpenSSL team could consider extending 1.1.0
>> series security support timeframe
>
> This is the big issue. If upstream don't declare the 1.1 series to be their next
> LTS series, we'll be shipping an interim release which could possibly be
> different enough to both 1.0.2 and a future 1.2 that would prevent us from being
> able to maintain it properly. Unless we get assurance from upstream that 1.1
> will be the next LTS, I'd much rather we stay on 1.0.2 which will be supported
> for a longer period.
>

Note that 1.1.1 and 1.1.0 are binary compatible, yet are treated as
separate series and can have different support time lines.

>>
>> .... so I wish all that for Christmas or a unicorn. I fear, I may end
>> up with a unicorn.
>>
>
> Can we task the unicorn with backporting openssl fixes? :)
>

But seriously, can we estimate how much contracting such a unicorn
would cost? And if we can justify it?

Also note, I do not know the status of 1.1.0/1.1.1 series FIPS patches
progress which may be a one more spanner in the works.

Regards,

Dimitri.

--
ubuntu-devel mailing list
[email protected]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel