From nobody Sat Jan 28 07:34:14 2023 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4P3mVC2rT2z3bCJg for ; Sat, 28 Jan 2023 07:36:51 +0000 (UTC) (envelope-from yasu@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4P3mVC1vFPz4Q1y; Sat, 28 Jan 2023 07:36:51 +0000 (UTC) (envelope-from yasu@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674891411; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Vc4cSVyksjcBbeUL/i+b0noA6MxjdtCeqp/6gexQhg0=; b=czTgJ41sO2a80n19mVWxvZE9qDrucEyoGMrRwybPM0b3ExL8sdLi0PkaLYo5EsjzehKNcp wN2mqK4msimwz5vohnT2i4gngsHjKXn2IC8Lurz6WsrTioqDNZ88UMsldltD9v2wN9Anz/ IKFHc7m9azplXwx9X7vnmp4E6fOumkay7l/6ttQTKCwpV3tXDCzrzfdCUof8rJ7qvtiReS fbEQ5uJ6N2UpDGGhbBO0xc+e8Gge510/nSZTycni6YuKZVtqRvN+HV0nFBo7Yj3qmq2yNB b3sAuU2dLva34pdXjOnF06nTseStgDgi81FZ9ffY9kjvP+qqRF5vFg8WKEJW2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674891411; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Vc4cSVyksjcBbeUL/i+b0noA6MxjdtCeqp/6gexQhg0=; b=tIwteQh2FLSVwME/NuUr3LPS10e5FwIESZ3FQZRMNg9tXsRJHvE95F+ns5dMcOMvauXqOZ g2boYH/ctjykj2XVoy9SuZZAfeBnkYOEOGqB/7oIKRSV8+MFxIMG43FmaXnx+3kSPg70NN Rh7dF/jhQOG/mGRfhdnBrWqqpkDxuMcm3a3CGEUcKhWkUVdfOdVpTnPbJx++Ds8fmz9z4K Cz5fKPeWOrBta9a4FnnnHeKlphrLu8VdhVIkIxMHKWE5MIvwHikvN2oC2EvQ3BWXJdVVZK xKpFEv1dHQWdcRXG7zWdMCuSX2vOgF0x40ZWTbIRKzL6bVgIyaWa1D46B2XI2Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1674891411; a=rsa-sha256; cv=none; b=rPfGnD/Oo4mwTtbQnjme49jFZJ0UUucQpTsS38rvhuFVevgo/5GQtN4Khcfq7T1UHXsf9g 8RMvuRzOiz4gAwWhJkahzREZYc0TXXxHauoIEapP0OR9wh+2he/jG4uLM+pNvviuRzhiXI aO4e+Q/M2QFg8QexjMa5em1Lr34YSPJURxieP8tFQroaLTemGI91yPjE2AGEpGgwCLXgTd JBsbUq3URIjiJFhOGAsK1IqIqSa6omUAjn5Zee5npE/FgYWmgQDVVN9xUo7InsPQBQCWrn 7zJPy+jQUZakQ6+Kvvk2qhOgo88oYh5I7sm9gt7rqyf8s/Nc3V2krpyOBmAfcw== Received: from localhost (unknown [IPv6:240b:11:220:fe00::174:11]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) (Authenticated sender: yasu/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4P3mVB3n7yzQMt; Sat, 28 Jan 2023 07:36:50 +0000 (UTC) (envelope-from yasu@FreeBSD.org) Date: Sat, 28 Jan 2023 16:34:14 +0900 (JST) Message-Id: <20230128.163414.1398367828069957995.yasu@FreeBSD.org> To: freebsd-current@freebsd.org Subject: Version of OpenSSL included in upcoming 14.0-RELEASE From: Yasuhiro Kimura X-Mailer: Mew version 6.8 on Emacs 30.0.50 List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@freebsd.org Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-ThisMailContainsUnwantedMimeParts: N Dear developers of base system, Though release process of 13.2-RELEASE has just started, please let me talk about one more next one. According to the initial schedule of 14.0-RELEASE, release process will start on April 25 and 14.0-RELEASE will be released on July 17. https://www.freebsd.org/releases/14.0R/schedule/ So it means release process will start about 3 months later and 14.0-RELEASE will be released about 5.5 months later. And I would like to ask a question. Is it planned (or considered, scheduled, etc.) to upgrade version of OpenSSL included in 14-CURRENT from 1.1.1 to 3.0? According to the "Release Strategy" page of upstream (https://www.openssl.org/policies/releasestrat.html), OpenSSL 1.1.1 will reach its EoL on September 11, 2023 and OpenSSL 3.0 will be supported until September 7, 2026. Since EoL of OpenSSL 1.1.1 is only after 2 months of the release of 14.0-RELEASE, it doesn't seems realistic to include OpenSSL 1.1.1 in 14.0-RELEASE and upgrading to OpenSSL 3.0 is inevitable. Though I'm not familiar with the incompatibility between OpenSSL 1.1.1 and 3.0, I believe it is too optimistic to regard that build of 14-CURRENT succeeds without any error just by updating /usr/src/crypto/openssl from 1.1.1 to 3.0. So it will take for a while (a few weeks?) to finish it. And it also affects build of ports. To be honest, it is rather my main concern as ports committer. I checked Bugzilla and found following PR. Bug 258413 [exp-run] OpenSSL 3.0 upgrade https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258413 Though it intends to check how many ports fails to be built if security/openssl is updated to 3.0 and 'DEFAULT_VERSIONS+= openssl' is set in /etc/make.conf, it is also applicable to after OpenSSL in 14-CURRENT is updated to 3.0. And according to the result of exp-run, it doesn't seem to be easy job to adapt ports tree to OpenSSL 3.0. So it probably will take longer than updating base system. And considering these points, 3 months are not necessarily so long. So I asked a question as above. Please let me know current status about it. Best Regards. --- Yasuhiro Kimura