Deprecate SRP #14132
Deprecate SRP #14132
Conversation
The OTC decided that all low level APIs should be deprecated. This extends to SRP, even though at the current time there is no "EVP" interface to it. This could be added in a future release.
The low level SRP implementation has been deprecated with no replacement. Therefore the libssl level APIs need to be similarly deprecated.
Ensure all the man pages correctly reflect the deprecated status of SRP. Fixes openssl#13917
mattcaswell
added
branch: master
|
Note: Since 1.1.1 some work has occurred on the SRP APIs to make them very slightly less bad than they already were which involved the introduction of some new functions. There's also a handful of functions that gained "_ex" versions in order to take a libctx and propq. These are currently necessary for the tests to pass. Removing them would be a non-trivial piece of work as it would require some restructuring of the tests - and they do actually add value for anyone who still wants to use SRP anyway (bearing in mind that this probably will happen because we're not introducing a replacement). For that reason I've chosen not to remove the newly added functions in this PR, even though they are immediately being deprecated. |
|
Fixup pushed addressing CI failure |
|
Ping? All CIs have passed. |
|
Could you please ask the community if this should be done? Start with the TLS working group at the IETF for example. Or use a separate define so that SRP is still available even if someone wants a 'clean' no-deprecated build. |
That would make no sense as the no-deprecated build is not something that is targeted for production. The no-deprecated build is there to check whether you still do not use something that will be removed (at some point) later. The SRP API as is is not provider based and so it has to be removed at some point. There might be a replacement added but not in 3.0. |
Oh really? That should be written down in I understand that 3.0 is really late, but tossing things out because the project couldn't meet its goals seem wrong. |
| @@ -39,6 +39,8 @@ use OpenSSL::stackhash qw(generate_stack_macros); | |||
| extern "C" { | |||
| # endif | |||
|
|
|||
| # ifndef OPENSSL_NO_DEPRECATED_3_0 | |||
There was a problem hiding this comment.
Or actually when we have the disable cascade to OPENSSL_NO_SRP, perhaps we do not actually need this ifndef?
There was a problem hiding this comment.
I think we need it to support "Configure --api=1.1.1 no-deprecated"
Maybe I used a little bit strong and incorrect words. You certainly can use no-deprecated build in production, except you cannot expect the deprecated APIs to be available. On the other hand there is IMO no obligation of the project to support all the existing features of OpenSSL 1.1.1 in no-deprecated build. Marking an API to be deprecated is not making it removed and on the other hand not marking it deprecated basically means it has to be still supported in future 4.0 version which would be really bad. |
|
Well of course if you say no-deprecated you can't expect deprecated API's to be available :) I think it is a big mistake to deprecate SRP when there is no replacement; it sends the signal that it's going away,not that an EVP replacement is coming. And yes, I understand the support impact. That is unfortunate. Maybe get some of the other people doing non-release stuff to work on it? And to be clear, I am no fan of SRP. But deprecating it because the project isn't going to be able to get the EVP work done for 3.0 is not right. |
|
No, the notion that the SRP apis are deprecated means just that the existing deprecated SRP apis are going away in some future release. It does not mean anything else (like that SRP as a RFC or anything is deprecated). And it would be silly if we tried to accommodate for everyone's skewed meaning of deprecation. |
|
Do you have another example of where something is deprecated that
I claim my understanding is not a skewed understanding of how the project deprecates things. |
|
There are certainly some (albeit minor) low-level stuff you can do with for example the RSA/DSA/EC_KEY APIs that won't be possible with the EVP_PKEY anymore. Yes, nothing is on the level of whole API set, but that does not make my point of not automatically inferring general obsolescence of a functionality from the fact that API for that functionality is deprecated wrong. |
On the contrary, it does show that you are wrong. There is no plan for those low-level things to come back. And yet, here the expectation is that the SRP algorithm will come back. I think your understanding of how openssl does deprecation is skewed (to borrow the word). You can't use a term in one way 99% of the time and expect users to follow the change in meaning for that last 1%. |
We are deprecating the low level APIs (not the algorithm) in accordance with a decision by the OTC. This much is in alignment with all of the other low level APIs we have deprecated recently. What is different about this time is that there isn't an EVP layer replacement. I think that can be seen as a bug or deficiency - we should have one, but no such implementation exists. Implementing it is a significant piece of work (not least because it is not clear how SRP would fit into any of the existing EVP operations). Given all of the above OTC was faced with a dilemma, and there were 3 choices:
The OTC view was that we do not want the low level API to persist any longer that we have to. Frankly, IMO, the SRP API is the worst API ever in the history of all APIs that ever existed. It is not fit for purpose. With that in mind deprecating it seems the right thing to do. However, as you well know, we need to get 3.0 out and you yourself have been pushing us hard to make difficult choices. This is one that we made. We don't think that delaying 3.0 while we go off and write an SRP EVP implementation is a good trade off. That said if someone external to the core dev resources were to contribute a high quality SRP EVP implementation in the 3.0 timescale (i.e. before beta1) then I personally see no reason why we wouldn't take it (although that would be an OTC decision). |
|
I think the OTC should have gone with 2, but I'm just a bystander. |
Is that what you meant to say? We did go with 2, i.e. deprecate the APIs now, and defer the SRP EVP implementation until later. Did you mean 3? |
|
Fixup pushed addressing feedback. Please take another look. |
|
Thanks matt. I meant "do nothing" Perhaps you could mitigate things by putting some of the rationale for why SRP is different from all other deprecations (without saying mean things about it) into the CHANGES file: And saying the SRP is the worst OpenSSL API ever... :) |
Er, I'd say there are strong contenders, and I'm not at all sure I view the SRP API as the worst... |
You've clearly never used it :-) |
|
Isn't that more-or-less what I already said in the CHANGES file although not quite in the same words:
|
|
The difference is that I think the project should commit to doing the work . |
I raise you ASN1_item_verify_ctx() 😉 |
t8m
added
approval: done
openssl-machine
removed
the
approval: done
|
This pull request is ready to merge |
openssl-machine
added
the
approval: ready to merge
|
Pushed. I resolved the trivial CHANGES.md conflict while merging. |
The OTC decided that all low level APIs should be deprecated. This extends to SRP, even though at the current time there is no "EVP" interface to it. This could be added in a future release. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #14132)
The low level SRP implementation has been deprecated with no replacement. Therefore the libssl level APIs need to be similarly deprecated. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #14132)
The OTC recently decided to deprecate the SRP APIs. This PR implements that deprecation.
Unfortunately, at this time, SRP is not available via EVP so there is no replacement available.
Fixes #13917