From: Alba Pompeo
Date: Sat, 10 Feb 2018 09:32:29 -0200
Subject: Re: [alpine-devel] Proposed change: openssl 1.1 as default system openssl implementation
To: Kevin Chadwick
Cc: alpine-dev

>switching from 64-bit TAIN date calculations to time_t

Is there a specific upstream commit that did that?
Couldn't in theory Alpine just revert the commit and keep it as a local patch?
Just throwing the idea out there...

On Sat, Feb 10, 2018 at 9:17 AM, Kevin Chadwick wrote:
> This is my last cross post as I am in danger or have already abused
> your list likely at least in some people's eyes.
>
> It seems like a strong argument to make upstreams reconsider to me. I
> know security is an intangible asset and they likely won't care.
> Though I think that lesson is becoming more widely understood, so maybe.
>
>
> Theo posted this
> ________________________________________________________________________
>
>> It isn't just this. Qt 5.10 introduces new dependency on OpenSSL 1.1
>> APIs for improved security, and LibreSSL does not implement those APIs
>> at all.
>
> The 1.1 API does not improve security.
>
> If anything, the new API requires you to repeat the same or similar
> arguments to many functions, and in many ways the API is much more
> fragile. Also, more memory allocation and free is required, and as a
> result quite a few software upgrades to 1.1 API have had memory leaks,
> as well as use-after-free and double-free bugs.
>
> A very large patch for converting openssh to 1.1 was provided by folk
> who very much know the API, and it had several stupid and quite
> dangerous mistakes of that sort.
>
> Don't believe all the promises you hear.