New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for Botan 2.x #5498

Merged
merged 6 commits into from Nov 2, 2017

Conversation

Projects
None yet
5 participants
@rgacogne
Member

rgacogne commented Jul 5, 2017

Short description

Initial testing (rec on https://rootcanary.org/test.html, pdnsutil test-algorithms) indicates that both 2.0.1 and 2.1.0 work fine, but signature is 10 times slower with 2.1.0, apparently due to blinding (callgrind reports a lot of CPU spent in the RNG).

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled and tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)
@Habbie

This comment has been minimized.

Show comment
Hide comment
@Habbie

Habbie Jul 6, 2017

Member

rootcanary only tests verification, not signing; pdnsutil test-algorithms only verifies consistency within the same Botan version. Not saying this is an argument against merging but test vectors would be nice to have in the future.

The only real question I have is whether you tested 1.10 with rootcanary and pdnsutil after these changes as well.

Member

Habbie commented Jul 6, 2017

rootcanary only tests verification, not signing; pdnsutil test-algorithms only verifies consistency within the same Botan version. Not saying this is an argument against merging but test vectors would be nice to have in the future.

The only real question I have is whether you tested 1.10 with rootcanary and pdnsutil after these changes as well.

@rgacogne

This comment has been minimized.

Show comment
Hide comment
@rgacogne

rgacogne Jul 6, 2017

Member

You are right! Don't merge it yet, I'll look into adding some test vectors.

Member

rgacogne commented Jul 6, 2017

You are right! Don't merge it yet, I'll look into adding some test vectors.

@Habbie

This comment has been minimized.

Show comment
Hide comment
@Habbie

Habbie Jul 6, 2017

Member

You can steal one half from rootcanary.org :)

Member

Habbie commented Jul 6, 2017

You can steal one half from rootcanary.org :)

@rgacogne

This comment has been minimized.

Show comment
Hide comment
@rgacogne

rgacogne Jul 6, 2017

Member

I did test 1.10 after these changes, but I would feel better with test vectors anyway :-)

Member

rgacogne commented Jul 6, 2017

I did test 1.10 after these changes, but I would feel better with test vectors anyway :-)

@rgacogne rgacogne changed the title from Add support for Botan 2.x to [WIP] Add support for Botan 2.x Jul 6, 2017

@Habbie Habbie referenced this pull request Jul 6, 2017

Closed

Botan 1.11.* Support #2250

@rgacogne

This comment has been minimized.

Show comment
Hide comment
@rgacogne

rgacogne Aug 9, 2017

Member

BTW, the 2.1.0 performance regression has been confirmed: 1

Member

rgacogne commented Aug 9, 2017

BTW, the 2.1.0 performance regression has been confirmed: 1

@aerique aerique added this to the auth-4.1.0 milestone Sep 22, 2017

@aerique aerique removed the auth41MUSTHAVE label Sep 22, 2017

@aerique aerique modified the milestones: auth-4.1.0, rec-4.1.0 Sep 22, 2017

@rgacogne

This comment has been minimized.

Show comment
Hide comment
@rgacogne

rgacogne Sep 26, 2017

Member

This PR should be rebased after #5733 has been merged. Note that since Gost signatures are not deterministic, the test vectors are of no real help for testing the signing part.

Member

rgacogne commented Sep 26, 2017

This PR should be rebased after #5733 has been merged. Note that since Gost signatures are not deterministic, the test vectors are of no real help for testing the signing part.

@aerique aerique modified the milestones: auth-4.1.0, auth-4.2.0 Sep 28, 2017

rgacogne added some commits Jul 4, 2017

Add support for Botan 2.x
Initial testing indicates that both 2.0.1 and 2.1.0 work fine,
but signature is 10 times slower with 2.1.0, apparently due to
blinding (callgrind reports a lot of CPU spent in the `RNG`).

@rgacogne rgacogne changed the title from [WIP] Add support for Botan 2.x to Add support for Botan 2.x Oct 9, 2017

@rgacogne

This comment has been minimized.

Show comment
Hide comment
@rgacogne

rgacogne Oct 9, 2017

Member

Removing the "WIP" part of the title since the tests have been added in #5733.

Member

rgacogne commented Oct 9, 2017

Removing the "WIP" part of the title since the tests have been added in #5733.

@Habbie Habbie referenced this pull request Oct 9, 2017

Closed

drop Botan 1.10 support #5797

@Habbie

This comment has been minimized.

Show comment
Hide comment
@Habbie

Habbie Oct 9, 2017

Member

Given #5797, do you want to rework this PR to drop 1.10, or shall we do that separately?

Member

Habbie commented Oct 9, 2017

Given #5797, do you want to rework this PR to drop 1.10, or shall we do that separately?

mind04 and others added some commits Oct 25, 2017

Merge pull request #4 from mind04/botan
Drop botan 1.x support
@rgacogne

This comment has been minimized.

Show comment
Hide comment
@rgacogne

rgacogne Oct 27, 2017

Member

This PR now also drops Botan 1.10, thanks to @mind04!

Member

rgacogne commented Oct 27, 2017

This PR now also drops Botan 1.10, thanks to @mind04!

@rgacogne rgacogne modified the milestones: auth-4.2.0, auth-4.1.0 Oct 28, 2017

@rgacogne rgacogne referenced this pull request Nov 1, 2017

Merged

Prevent possible downgrade attacks in the recursor #5889

4 of 6 tasks complete

@ahupowerdns ahupowerdns merged commit 5320be0 into PowerDNS:master Nov 2, 2017

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details

@rgacogne rgacogne deleted the rgacogne:botan-2 branch Nov 2, 2017

pieterlexis added a commit to pieterlexis/pdns that referenced this pull request Nov 13, 2017

@rgacogne rgacogne added backport to stable? and removed auth labels Nov 21, 2017

rgacogne added a commit to rgacogne/pdns that referenced this pull request Nov 21, 2017

@rgacogne rgacogne referenced this pull request Nov 21, 2017

Merged

Recursor 4.0.7 backports #5952

3 of 7 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment