OpenSSL 1.0.0 (was: Re: [VOTE] httpd 2.2.12 tarballs)

[Guenter Knauf <fu...@apache.org>]

> Guenter Knauf schrieb:
>> Hi,
>> Sander Temme schrieb:
>>> On Jul 21, 2009, at 11:59 AM, Peter Sylvester wrote:
>>>
>>>> Are there any plans to make mod_ssl compilable against
>>>> openssl-1.0.0betaX,
>>>> as far as I see, just some STACK things and casts need to be cleaned.
>>> Trunk became aware of OpenSSL trunk a while ago... but I don't recall
>>> putting that up for backport.  I'll do so when I have come cycles.
>> I've yesterday compiled both HEAD and 2.2.x branch with OpenSSL 1.0.0
>> beta 3, and that went fine - although I have a very picky compiler for
>> NetWare which normally breaks for every type mismatch ...
> whoops - I mixed up the include paths; Peter is right - seems that we
> need to backport these:
> http://svn.apache.org/viewvc?view=rev&revision=748396
> http://svn.apache.org/viewvc?view=rev&revision=749466
based on the above HEAD patches here's a 2.2.x branch patch:
http://people.apache.org/~fuankg/diffs/openssl-1.x-2.2.x.diff
please check and test if I catched all - I've tested on NetWare with
OpenSSL 0.9.7m, 0.9.8k and 1.0.0 beta3, and that went fine.
If nobody objects I'll propose this for backport.

Gün.

Re: OpenSSL 1.0.0

[Guenter Knauf <fu...@apache.org>]

Hi Bill,
William A. Rowe, Jr. schrieb:
> Since 2.2.12 just shipped, I'd say apply it.  It will be easier for
> everyone to validate from svn, no?
sure; you're the director - I hear ya! :)

> So +1 for committing and I'll commit to helping review-after-commit.
done:
http://svn.apache.org/viewvc?rev=798359&view=rev
will tomorrow look at testing it on Linux to see probably remaining
warnings (hopefully not).

thanks, Gün.

Re: OpenSSL 1.0.0

[Nick Kew <ni...@webthing.com>]

On 28 Jul 2009, at 22:15, William A. Rowe, Jr. wrote:

> Totally in support of STATUS for backports; this code differs  
> enough that
> it's no longer a backport.  The toolkit wrappers alone were  
> significantly
> re-factored between these branches.

There are other proposals that are not backports.  STATUS is about
review, regardless of whether a proposal is a simple backport or
bears little or no relationship with /trunk/.

I'm not objecting to the patch, I'm objecting to bypassing the
*process* that flags it up for my attention!  Now it's in STATUS,
if it reaches +3 and gets backported, that''s just fine, whether
or not I've reviewed it myself by then.

-- 
Nick Kew

Re: OpenSSL 1.0.0

["William A. Rowe, Jr." <wr...@rowe-clan.net>]

Jim Jagielski wrote:
> 
> What's wrong with a pointer to the patch in STATUS and a vote there?

Nothing.  I found it overkill for what is being accomplished here, and just
suggested the best way to get me to spend my cycles reviewing the effort.

Since now three people object to this, I'm sure Guenter will find three
reviewers anxiously awaiting his revert, his patch filed in STATUS, and
will provide three +1's (or usual commentary/improvements) in just days :)

Totally in support of STATUS for backports; this code differs enough that
it's no longer a backport.  The toolkit wrappers alone were significantly
re-factored between these branches.

Re: OpenSSL 1.0.0

[Jim Jagielski <ji...@jaguNET.com>]

On Jul 28, 2009, at 4:32 PM, William A. Rowe, Jr. wrote:

> Jim Jagielski wrote:
>>
>> On Jul 27, 2009, at 7:33 PM, William A. Rowe, Jr. wrote:
>>
>>> Guenter Knauf wrote:
>>>>> Guenter Knauf schrieb:
>>>>>> Hi,
>>>>>> Sander Temme schrieb:
>>>>>>> On Jul 21, 2009, at 11:59 AM, Peter Sylvester wrote:
>>>>>>>
>>>>>>>> Are there any plans to make mod_ssl compilable against
>>>>>>>> openssl-1.0.0betaX,
>>>>>>>> as far as I see, just some STACK things and casts need to be
>>>>>>>> cleaned.
>>>>>>> Trunk became aware of OpenSSL trunk a while ago... but I don't  
>>>>>>> recall
>>>>>>> putting that up for backport.  I'll do so when I have come  
>>>>>>> cycles.
>>>>>> I've yesterday compiled both HEAD and 2.2.x branch with OpenSSL  
>>>>>> 1.0.0
>>>>>> beta 3, and that went fine - although I have a very picky  
>>>>>> compiler for
>>>>>> NetWare which normally breaks for every type mismatch ...
>>>>> whoops - I mixed up the include paths; Peter is right - seems  
>>>>> that we
>>>>> need to backport these:
>>>>> http://svn.apache.org/viewvc?view=rev&revision=748396
>>>>> http://svn.apache.org/viewvc?view=rev&revision=749466
>>>> based on the above HEAD patches here's a 2.2.x branch patch:
>>>> http://people.apache.org/~fuankg/diffs/openssl-1.x-2.2.x.diff
>>>> please check and test if I catched all - I've tested on NetWare  
>>>> with
>>>> OpenSSL 0.9.7m, 0.9.8k and 1.0.0 beta3, and that went fine.
>>>> If nobody objects I'll propose this for backport.
>>>
>>> Since 2.2.12 just shipped, I'd say apply it.  It will be easier for
>>> everyone to validate from svn, no?
>>>
>>> So +1 for committing and I'll commit to helping review-after-commit.
>>
>> Huh? For 2.2??
>
> Yes.  This patchwork is straightforward, it simply needs dedicated  
> eyes
> to review and confirm on all platforms.
>
> But my vote alone wouldn't do it, and _that_ was the misunderstanding.
> Sorry to Guenter and others for the confusion.
>
> Seeing as there are two votes against applying before the STATUS  
> juggling
> act, you would need five votes now, including Guenter's and mine, to
> actually move forward from 2.2. branch in this manner.
>

What's wrong with a pointer to the patch in STATUS and a vote there?

Re: OpenSSL 1.0.0

["William A. Rowe, Jr." <wr...@rowe-clan.net>]

Jim Jagielski wrote:
> 
> On Jul 27, 2009, at 7:33 PM, William A. Rowe, Jr. wrote:
> 
>> Guenter Knauf wrote:
>>>> Guenter Knauf schrieb:
>>>>> Hi,
>>>>> Sander Temme schrieb:
>>>>>> On Jul 21, 2009, at 11:59 AM, Peter Sylvester wrote:
>>>>>>
>>>>>>> Are there any plans to make mod_ssl compilable against
>>>>>>> openssl-1.0.0betaX,
>>>>>>> as far as I see, just some STACK things and casts need to be
>>>>>>> cleaned.
>>>>>> Trunk became aware of OpenSSL trunk a while ago... but I don't recall
>>>>>> putting that up for backport.  I'll do so when I have come cycles.
>>>>> I've yesterday compiled both HEAD and 2.2.x branch with OpenSSL 1.0.0
>>>>> beta 3, and that went fine - although I have a very picky compiler for
>>>>> NetWare which normally breaks for every type mismatch ...
>>>> whoops - I mixed up the include paths; Peter is right - seems that we
>>>> need to backport these:
>>>> http://svn.apache.org/viewvc?view=rev&revision=748396
>>>> http://svn.apache.org/viewvc?view=rev&revision=749466
>>> based on the above HEAD patches here's a 2.2.x branch patch:
>>> http://people.apache.org/~fuankg/diffs/openssl-1.x-2.2.x.diff
>>> please check and test if I catched all - I've tested on NetWare with
>>> OpenSSL 0.9.7m, 0.9.8k and 1.0.0 beta3, and that went fine.
>>> If nobody objects I'll propose this for backport.
>>
>> Since 2.2.12 just shipped, I'd say apply it.  It will be easier for
>> everyone to validate from svn, no?
>>
>> So +1 for committing and I'll commit to helping review-after-commit.
> 
> Huh? For 2.2??

Yes.  This patchwork is straightforward, it simply needs dedicated eyes
to review and confirm on all platforms.

But my vote alone wouldn't do it, and _that_ was the misunderstanding.
Sorry to Guenter and others for the confusion.

Seeing as there are two votes against applying before the STATUS juggling
act, you would need five votes now, including Guenter's and mine, to
actually move forward from 2.2. branch in this manner.

Re: OpenSSL 1.0.0

[Jim Jagielski <ji...@jaguNET.com>]

On Jul 27, 2009, at 7:33 PM, William A. Rowe, Jr. wrote:

> Guenter Knauf wrote:
>>> Guenter Knauf schrieb:
>>>> Hi,
>>>> Sander Temme schrieb:
>>>>> On Jul 21, 2009, at 11:59 AM, Peter Sylvester wrote:
>>>>>
>>>>>> Are there any plans to make mod_ssl compilable against
>>>>>> openssl-1.0.0betaX,
>>>>>> as far as I see, just some STACK things and casts need to be  
>>>>>> cleaned.
>>>>> Trunk became aware of OpenSSL trunk a while ago... but I don't  
>>>>> recall
>>>>> putting that up for backport.  I'll do so when I have come cycles.
>>>> I've yesterday compiled both HEAD and 2.2.x branch with OpenSSL  
>>>> 1.0.0
>>>> beta 3, and that went fine - although I have a very picky  
>>>> compiler for
>>>> NetWare which normally breaks for every type mismatch ...
>>> whoops - I mixed up the include paths; Peter is right - seems that  
>>> we
>>> need to backport these:
>>> http://svn.apache.org/viewvc?view=rev&revision=748396
>>> http://svn.apache.org/viewvc?view=rev&revision=749466
>> based on the above HEAD patches here's a 2.2.x branch patch:
>> http://people.apache.org/~fuankg/diffs/openssl-1.x-2.2.x.diff
>> please check and test if I catched all - I've tested on NetWare with
>> OpenSSL 0.9.7m, 0.9.8k and 1.0.0 beta3, and that went fine.
>> If nobody objects I'll propose this for backport.
>
> Since 2.2.12 just shipped, I'd say apply it.  It will be easier for
> everyone to validate from svn, no?
>
> So +1 for committing and I'll commit to helping review-after-commit.

Huh? For 2.2??

Re: OpenSSL 1.0.0

["William A. Rowe, Jr." <wr...@rowe-clan.net>]

Guenter Knauf wrote:
>> Guenter Knauf schrieb:
>>> Hi,
>>> Sander Temme schrieb:
>>>> On Jul 21, 2009, at 11:59 AM, Peter Sylvester wrote:
>>>>
>>>>> Are there any plans to make mod_ssl compilable against
>>>>> openssl-1.0.0betaX,
>>>>> as far as I see, just some STACK things and casts need to be cleaned.
>>>> Trunk became aware of OpenSSL trunk a while ago... but I don't recall
>>>> putting that up for backport.  I'll do so when I have come cycles.
>>> I've yesterday compiled both HEAD and 2.2.x branch with OpenSSL 1.0.0
>>> beta 3, and that went fine - although I have a very picky compiler for
>>> NetWare which normally breaks for every type mismatch ...
>> whoops - I mixed up the include paths; Peter is right - seems that we
>> need to backport these:
>> http://svn.apache.org/viewvc?view=rev&revision=748396
>> http://svn.apache.org/viewvc?view=rev&revision=749466
> based on the above HEAD patches here's a 2.2.x branch patch:
> http://people.apache.org/~fuankg/diffs/openssl-1.x-2.2.x.diff
> please check and test if I catched all - I've tested on NetWare with
> OpenSSL 0.9.7m, 0.9.8k and 1.0.0 beta3, and that went fine.
> If nobody objects I'll propose this for backport.

Since 2.2.12 just shipped, I'd say apply it.  It will be easier for
everyone to validate from svn, no?

So +1 for committing and I'll commit to helping review-after-commit.

Bill