From cyrus-sasl  Mon Dec 11 11:15:24 2023
From: Howard Chu <hyc () symas ! com>
Date: Mon, 11 Dec 2023 11:15:24 +0000
To: cyrus-sasl
Subject: Re: Inquiry Regarding OpenSSL 3.0 Support for Cyrus Sasl - 2.1.28
Message-Id: <b67250b6-b30f-1a1b-71f7-36e646a39c40 () symas ! com>
X-MARC-Message: https://marc.info/?l=cyrus-sasl&m=170229335530661

madhu.krishna.gundelli via SASL wrote:
> Hi Jered,
>=20
> Thank you for your prompt response and the valuable information provided.=
 I have thoroughly examined the suggested source repository and the specifi=
c commit you
> mentioned:
> https://src.fedoraproject.org/rpms/cyrus-sasl/c/84a6dfd794269883983287d5c=
7c764175a10b76f?branch=3Drawhide
> =C2=A0
>=20
> Upon closer inspection, I observed that the OpenSSL 3.0 code changes are =
primarily concentrated in the following files:
>=20
>  1. plugins/digestmd5.c
>  2. configure.ac
>  3. cyrus-sasl.spec
>=20
> Additionally, in the course of my investigation, I identified deprecated =
APIs in the following files:
>=20
>  1. ./plugins/srp.c
>       * HMAC_CTX_free
>       * HMAC_CTX_new
>       * HMAC_Init_ex
>       * HMAC_Update
>       * HMAC_Final

The above was fixed in eb77d5baf156e7609c9add92834864b37d3c7fb4 in git mast=
er.

>  2. ./plugins/passdss.c
>       * DSA_new
>       * DSA_free
>       * DH_size
>       * DH_compute_key
>       * DSA_do_verify
>       * HMAC_Init_ex
>       * HMAC_Update
>       * HMAC_Final
>       * DH_new
>       * DH_generate_key
>       * DSA_generate_key
>       * DSA_do_sign

Looks like none of the above has been addressed yet. You're welcome to subm=
it a patch to fix it.

>  3. ./plugins/ntlm.c
>       * HMAC_CTX_new
>       * HMAC_CTX_reset
>       * HMAC_Init_ex
>       * HMAC_Update
>       * HMAC_Final
>       * HMAC_CTX_free
>       * DES_set_odd_parity
>       * DES_set_key
>       * DES_ecb_encrypt

NTLM is obsolete and should not be used any more. It has already been delet=
ed from git master. Patches to update the code to support OpenSSL 3 will be=
 ignored.
>=20
> Moreover, during the integration process for the above files, I encounter=
ed an error related to an undefined symbol. This issue arises because these=
 APIs are
> deprecated in OpenSSL 3.0.
>=20
> =C2=A0
>=20
> Given these findings, I would like to seek your guidance on the next step=
s. Specifically, do you have any insights or recommendations regarding the =
resolution
> of the undefined symbol issue?
> =C2=A0
>=20
> I appreciate your continued assistance and look forward to your insights.
>=20
> =C2=A0
>=20
> Regards,
>=20
> Madhu Krishna
>=20
>=20
> *Cyrus <https://cyrus.topicbox.com/latest>* / SASL / see discussions <htt=
ps://cyrus.topicbox.com/groups/sasl> + participants
> <https://cyrus.topicbox.com/groups/sasl/members> + delivery=C2=A0options =
<https://cyrus.topicbox.com/groups/sasl/subscription> Permalink
> <https://cyrus.topicbox.com/groups/sasl/Tad69cbe9ba6e179a-M322274f0334854=
0d9597c814>


--=20
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

------------------------------------------
Cyrus: SASL
Permalink: https://cyrus.topicbox.com/groups/sasl/Tad69cbe9ba6e179a-M257fbe=
bffa6a17c07967d069
Delivery options: https://cyrus.topicbox.com/groups/sasl/subscription