Opened 9 months ago

Closed 3 weeks ago

#5382 closed defect (fixed)

Botan 2.3.0 compatibility

Reported by: fdupont Owned by: fdupont
Priority: medium Milestone: Kea1.4-final
Component: crypto Version: git
Keywords: Cc:
CVSS Scoring: Parent Tickets:
Sensitive: no Defect Severity: N/A
Sub-Project: DHCP Feature Depending on Ticket:
Estimated Difficulty: 0 Add Hours to Ticket: 0
Total Hours: 0 Internal?: no

Description

My fault: I had the strange idea to upgrade brew in the middle of the night. Botan was upgraded to 2.3.0 and Kea no longer builds without warnings...

Subtickets

Change History (12)

comment:1 Changed 9 months ago by fdupont

BTW we should drop Botan 1.x compatibility as:

  • 1.x versions are only maintained for security bug fixes
  • 1.x does not work well with C++11

comment:2 Changed 9 months ago by fdupont

tentative code ready

comment:3 Changed 8 months ago by marcin

  • Milestone changed from Kea-proposed to Kea1.4

Per Kea call on October 12th, moving this to 1.4.

comment:4 Changed 6 months ago by fdupont

The only question is whether we should drop Botan 1.x compatibilty (Botan 1.x is End-of-Support at 20180101 so before any 1.4 pre-release). BTW the same question applies to OpenSSL 0.9.8 (versions up to 1.0.1 are EOS). Note they are about crypto so there is a strong argument against leaving people using clearly obsolete versions.

comment:5 Changed 5 months ago by fdupont

  • Owner set to fdupont
  • Status changed from new to accepted

comment:6 Changed 5 months ago by fdupont

I have a trac5382 branch which drops the support of < 2.x Botan versions:

+ these old versions are no longer supported (cf https://botan.randombit.net)
+ they are C++98 (vs C++11 for 2.x)
+ if Botan 2.x is not available the OpenSSL crypto backend can be used

  • many systems still provide an old version of Botan

I'll put this under review if we can't get enough time to discuss of it at next conf call.

comment:7 Changed 3 months ago by tomek

  • Component changed from Unclassified to crypto
  • Milestone changed from Kea1.4 to Kea1.4-final

We must NOT drop support for older botan versions if those versions are present in major distros. We made this mistake with boost and now users are complaining it's difficult to compile Kea on CentOS.

As discussed today, moving to 1.4-final

comment:8 Changed 4 weeks ago by fdupont

Revamp the code to provide separate Botan1 and Botan support (with of course Botan meaning Botan 2).

comment:9 Changed 3 weeks ago by fdupont

  • Owner changed from fdupont to UnAssigned
  • Status changed from accepted to reviewing

Rebased on last master into trac5382a, split Botan support into Botan1 and Botan (aka Botan2). Updated doc...
Check on macOS (OpenSSL and Botan2), Ubuntu and CentOS 7 (both Botan 1.10).
Ready for review.

comment:10 Changed 3 weeks ago by tmark

  • Owner changed from UnAssigned to tmark

I'll review it as I did the same inadvertent upgrade on my MAC so I have both Botan versions installed.

comment:11 Changed 3 weeks ago by tmark

  • Owner changed from tmark to fdupont

I reviewed trac5382a. Changes seem fine. It builds and passes unit tests on MacOS (Sierra) under both Botan 1.10.6 and Botan 2.6.0 without doing anything special with configure switches.

You are good to merge.

Last edited 3 weeks ago by tmark (previous) (diff)

comment:12 Changed 3 weeks ago by fdupont

  • Resolution set to fixed
  • Status changed from reviewing to closed

Merged, closing.

Note: See TracTickets for help on using tickets.