Opened 6 months ago

Last modified 6 days ago

#5382 accepted defect

Botan 2.3.0 compatibility

Reported by: fdupont Owned by: fdupont
Priority: medium Milestone: Kea1.4-final
Component: crypto Version: git
Keywords: Cc:
CVSS Scoring: Parent Tickets:
Sensitive: no Defect Severity: N/A
Sub-Project: DHCP Feature Depending on Ticket:
Estimated Difficulty: 0 Add Hours to Ticket: 0
Total Hours: 0 Internal?: no


My fault: I had the strange idea to upgrade brew in the middle of the night. Botan was upgraded to 2.3.0 and Kea no longer builds without warnings...


Change History (7)

comment:1 Changed 6 months ago by fdupont

BTW we should drop Botan 1.x compatibility as:

  • 1.x versions are only maintained for security bug fixes
  • 1.x does not work well with C++11

comment:2 Changed 6 months ago by fdupont

tentative code ready

comment:3 Changed 5 months ago by marcin

  • Milestone changed from Kea-proposed to Kea1.4

Per Kea call on October 12th, moving this to 1.4.

comment:4 Changed 3 months ago by fdupont

The only question is whether we should drop Botan 1.x compatibilty (Botan 1.x is End-of-Support at 20180101 so before any 1.4 pre-release). BTW the same question applies to OpenSSL 0.9.8 (versions up to 1.0.1 are EOS). Note they are about crypto so there is a strong argument against leaving people using clearly obsolete versions.

comment:5 Changed 2 months ago by fdupont

  • Owner set to fdupont
  • Status changed from new to accepted

comment:6 Changed 2 months ago by fdupont

I have a trac5382 branch which drops the support of < 2.x Botan versions:

+ these old versions are no longer supported (cf
+ they are C++98 (vs C++11 for 2.x)
+ if Botan 2.x is not available the OpenSSL crypto backend can be used

  • many systems still provide an old version of Botan

I'll put this under review if we can't get enough time to discuss of it at next conf call.

comment:7 Changed 6 days ago by tomek

  • Component changed from Unclassified to crypto
  • Milestone changed from Kea1.4 to Kea1.4-final

We must NOT drop support for older botan versions if those versions are present in major distros. We made this mistake with boost and now users are complaining it's difficult to compile Kea on CentOS.

As discussed today, moving to 1.4-final

Note: See TracTickets for help on using tickets.