'Re: Inquiry Regarding OpenSSL 3.0 Support for Cyrus Sasl - 2.1.28'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       cyrus-sasl
Subject:    Re: Inquiry Regarding OpenSSL 3.0 Support for Cyrus Sasl - 2.1.28
From:       Ken Murchison <murch () fastmail ! com>
Date:       2023-12-14 16:15:45
Message-ID: 5b4fff45-cdd2-b493-029d-90946db26144 () fastmail ! com
[Download RAW message or body]

The PASSDSS plugin can probably just go away.   IIRC, it was based on a 
draft spec, and I doubt it gets any use in the real world.


On 12/14/23 11:13 AM, Jered Floyd wrote:
> On the passdss plugin, it looks like Fedora/RHEL do not build and ship this plugin, \
> so nobody here has yet patched it for OpenSSL 3.  I imagine it won't be a big \
> change if you familiarize yourself with the API changes. 
> --Jered
> 
> ----- On Dec 11, 2023, at 6:15 AM, Howard Chu hyc@symas.com wrote:
> 
> > madhu.krishna.gundelli via SASL wrote:
> > > Hi Jered,
> > > 
> > > Thank you for your prompt response and the valuable information provided. I \
> > > have thoroughly examined the suggested source repository and the specific \
> > > commit you mentioned:
> > > https://src.fedoraproject.org/rpms/cyrus-sasl/c/84a6dfd794269883983287d5c7c764175a10b76f?branch=rawhide
> > >  
> > > 
> > > Upon closer inspection, I observed that the OpenSSL 3.0 code changes are
> > > primarily concentrated in the following files:
> > > 
> > > 1. plugins/digestmd5.c
> > > 2. configure.ac
> > > 3. cyrus-sasl.spec
> > > 
> > > Additionally, in the course of my investigation, I identified deprecated APIs \
> > > in the following files:
> > > 
> > > 1. ./plugins/srp.c
> > > * HMAC_CTX_free
> > > * HMAC_CTX_new
> > > * HMAC_Init_ex
> > > * HMAC_Update
> > > * HMAC_Final
> > The above was fixed in eb77d5baf156e7609c9add92834864b37d3c7fb4 in git master.
> > 
> > > 2. ./plugins/passdss.c
> > > * DSA_new
> > > * DSA_free
> > > * DH_size
> > > * DH_compute_key
> > > * DSA_do_verify
> > > * HMAC_Init_ex
> > > * HMAC_Update
> > > * HMAC_Final
> > > * DH_new
> > > * DH_generate_key
> > > * DSA_generate_key
> > > * DSA_do_sign
> > Looks like none of the above has been addressed yet. You're welcome to submit a
> > patch to fix it.
> > 
> > > 3. ./plugins/ntlm.c
> > > * HMAC_CTX_new
> > > * HMAC_CTX_reset
> > > * HMAC_Init_ex
> > > * HMAC_Update
> > > * HMAC_Final
> > > * HMAC_CTX_free
> > > * DES_set_odd_parity
> > > * DES_set_key
> > > * DES_ecb_encrypt
> > NTLM is obsolete and should not be used any more. It has already been deleted
> > from git master. Patches to update the code to support OpenSSL 3 will be
> > ignored.
> > > Moreover, during the integration process for the above files, I encountered an
> > > error related to an undefined symbol. This issue arises because these APIs are
> > > deprecated in OpenSSL 3.0.
> > > 
> > > 
> > > 
> > > Given these findings, I would like to seek your guidance on the next steps.
> > > Specifically, do you have any insights or recommendations regarding the
> > > resolution
> > > of the undefined symbol issue?
> > > 
> > > 
> > > I appreciate your continued assistance and look forward to your insights.
> > > 
> > > 
> > > 
> > > Regards,
> > > 
> > > Madhu Krishna
> > > 
> > > 
> > > *Cyrus <https://cyrus.topicbox.com/latest>* / SASL / see discussions
> > > <https://cyrus.topicbox.com/groups/sasl> + participants
> > > <https://cyrus.topicbox.com/groups/sasl/members> + delivery  options
> > > <https://cyrus.topicbox.com/groups/sasl/subscription> Permalink
> > > <https://cyrus.topicbox.com/groups/sasl/Tad69cbe9ba6e179a-M322274f03348540d9597c814>
> > > 
> > 
> > --
> > -- Howard Chu
> > CTO, Symas Corp.           http://www.symas.com
> > Director, Highland Sun     http://highlandsun.com/hyc/
> > Chief Architect, OpenLDAP  http://www.openldap.org/project/
> ------------------------------------------
> Cyrus: SASL
> Permalink: https://cyrus.topicbox.com/groups/sasl/Tad69cbe9ba6e179a-M328be2404b02dd771ea2915b
>  Delivery options: https://cyrus.topicbox.com/groups/sasl/subscription

-- 
Kenneth Murchison
Senior Software Developer
Fastmail US LLC


------------------------------------------
Cyrus: SASL
Permalink: https://cyrus.topicbox.com/groups/sasl/Tad69cbe9ba6e179a-Me9f86edb4fbd91a7ff52cf68
 Delivery options: https://cyrus.topicbox.com/groups/sasl/subscription


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic