[RNP] Update to next major RNP release, v0.18.1
Categories
(MailNews Core :: Security: OpenPGP, enhancement)
Tracking
(thunderbird_esr140 wontfix, thunderbird147 wontfix)
People
(Reporter: KaiE, Assigned: KaiE)
References
(Blocks 3 open bugs)
Details
Attachments
(7 files, 1 obsolete file)
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
142.84 KB,
patch
|
Details | Diff | Splinter Review | |
|
48 bytes,
text/x-phabricator-request
|
Details | Review |
Tracking bug for updating Thunderbird to the next major version after 0.17.x - probably that will be v0.18.0 ?
Let's adjust the subject of this bug accordingly, once more information about the version number is known.
|
||
Comment 1•1 year ago
|
||
This is also necessary to build with the latest clang (18+) since it includes the following PR: https://github.com/rnpgp/rnp/pull/2242
|
||
Comment 2•1 year ago
|
||
(In reply to Ihar Hrachyshka from comment #1)
This is also necessary to build with the latest clang (18+) since it includes the following PR: https://github.com/rnpgp/rnp/pull/2242
Could you please specify why it would require the latest clang? It's not what we are aimed for, and actually our CI runs on lower versions.
|
|
||
Comment 3•1 year ago
|
||
The need for newer clang support is because Nixpkgs lately bumped LLVM to 19: https://github.com/NixOS/nixpkgs/pull/357750/files for their unstable branch, which broke thunderbird build for the repo. I understand that upstream may still target an older version, but this bump will be needed for downstream consumers.
|
Assignee | |
Comment 4•8 months ago
|
||
Nickolay, are there plans for the timing of a new major release version of RNP?
|
|
||
Comment 5•8 months ago
|
||
@Kai I was thinking about the late May-June, however if you have a need this could be adjusted, moving unfinished features from https://github.com/rnpgp/rnp/milestone/13 to the next milestone.
Main thing left for implementation is https://github.com/rnpgp/rnp/issues/2157 which should be helpful for Thunderbird as well.
|
|
Assignee | |
Comment 6•8 months ago
|
||
Thanks for the update. It isn't urgent, but an update would be interesting.
|
|
Assignee | |
Comment 7•3 months ago
|
||
RNP v0.18.0 was release in June.
https://github.com/rnpgp/rnp/releases/tag/v0.18.0
Now that we have Botan 3 upgrade available, I'd like to start experimenting with newer RNP locally.
I tried to upgrade locally, but there are several build failures.
|
|
Assignee | |
Comment 8•3 months ago
|
||
Hi Rob, it's great to see you around, thanks for your help with Botan 3 !
If you could help with an uplift for RNP too, that would be very much appreciated!
|
|
Assignee | |
Comment 9•3 months ago
|
||
Our existing RNP vendor script still does a lot of things correctly.
In rnp.py I had to add two entries to the defines dict:
CRYPTO_BACKEND_LOWERCASE="botan",
CRYPTO_BACKEND_VERSION="3.8.1",
New file config.h.in contains statements for FALLTHROUGH_STATEMENT
and that didn't work right.
I had to set that manually to
#define FALLTHROUGH_STATEMENT [[fallthrough]]
to get past some build errors related to that.
Next, I see lots of undefined symbols (probably need to add new source files).
|
||
Comment 10•3 months ago
|
||
If there was a line like:
#define FALLTHROUGH_STATEMENT [[fallthrough]]
that cmake_define_files.py was processing, the output was wrong. These
lines need to be left as they are.
|
||
Updated•3 months ago
|
|
|
||
Comment 11•3 months ago
|
||
The updated cmake_define_files.py processing allows setting json_c_strtoll and
json_c_strtoull correctly.
|
|
||
Comment 12•3 months ago
|
||
Runs RNP API header (rnp.h) through Clang's preprocessor to filter out
the PQC and CRYPTO_REFRESH functions.
HHG: changed python/thirdroc/thirdroc/rnp_symbols.py
|
|
||
Comment 13•3 months ago
|
||
|
|
||
Comment 14•3 months ago
|
||
|
|
||
Comment 15•3 months ago
|
||
(In reply to Kai Engert [:KaiE:] from comment #9)
Our existing RNP vendor script still does a lot of things correctly.
In rnp.py I had to add two entries to the defines dict:
CRYPTO_BACKEND_LOWERCASE="botan",
CRYPTO_BACKEND_VERSION="3.8.1",New file config.h.in contains statements for FALLTHROUGH_STATEMENT
and that didn't work right.I had to set that manually to
#define FALLTHROUGH_STATEMENT [[fallthrough]]
to get past some build errors related to that.Next, I see lots of undefined symbols (probably need to add new source files).
The preprocessor that I hacked up to handle #cmakedefine lines didn't properly handle those FALLTHROUGH_STATEMENT #defines. That's the first patch. I fixed that, which helps with json-c's header file as well.
I didn't enable the new PQC and CRYPTO_REFRESH functionality in RNP 0.18.0. It shouldn't be a problem to add them later.
The RNP_VERSION_STRING_FULL now includes the crypto backend version: 0.18.0.MZLA.145.0a1.botan.3.8.1
|
|
Assignee | |
Comment 16•3 months ago
|
||
Rob, I want to thank you very much, and you were able to do this so quickly!
This is really helping me a lot.
|
|
Assignee | |
Comment 17•3 months ago
|
||
Before we consider landing, I need to check for behavior changes,
see my comment on the whiteboard.
|
|
Assignee | |
Updated•3 months ago
|
|
|
Assignee | |
Comment 18•3 months ago
|
||
It might be useful to experiment with the PQC and crypto-refresh functionality in Thunderbird, for learning purposes, to understand the scope of the implementation.
I'll attach some build changes that allowed me to build RNP v0.18.0 with it. They are an initial hack, and it probably should be done more cleanly in the future.
|
|
Assignee | |
Comment 19•3 months ago
|
||
It is noteworthy that the code uses the word "experimental" for the #defines that enable the PQC and crypto-refresh code.
I assume that means the code is not yet ready for production releases.
Before Thunderbird could consider to use that code, we'd have to wait for an RNP release in which that functionality is enabled by default, and is no longer described as experimental.
|
|
Assignee | |
Comment 20•3 months ago
|
||
|
|
Assignee | |
Comment 21•3 months ago
|
||
(In reply to Kai Engert [:KaiE:] from comment #18)
It might be useful to experiment with the PQC and crypto-refresh functionality in Thunderbird, for learning purposes, to understand the scope of the implementation.
I'd like to clarify this part about PQC/crypto-refresh:
"experiment with local/developer builds, only"
|
||
Comment 22•3 months ago
|
||
(In reply to Kai Engert [:KaiE:] from comment #19)
It is noteworthy that the code uses the word "experimental" for the #defines that enable the PQC and crypto-refresh code.
I assume that means the code is not yet ready for production releases.
Yes, that is exactly why the word "experimental" is used. I further want to add that the PQC and "Crypto Refresh"/RFC9580 code is much more mature in several open pullrequests where the newest PQC draft version is implemented. The code in the main branch is based on an older version of the PQC draft, so you won't have compatibility with other PQC implementations.
|
|
Assignee | |
Comment 23•3 months ago
|
||
This patch illustrates the changes/improvements in RNP's public API in version v0.18.0
|
|
Assignee | |
Comment 24•3 months ago
|
||
Thanks Johannes. Based on your comment 22, it seems it is too early to experiment with the PQC code in v0.18.0
|
|
Assignee | |
Comment 25•3 months ago
|
||
(In reply to Kai Engert [:KaiE:] from comment #17)
Before we consider landing, I need to check for behavior changes,
see my comment on the whiteboard.
The question I would like to answer:
Does v0.18.0 introduce any new behavior (by default) that is specified in LibrePGP, only?
If yes, I would need to find ways to disable it prior to upgrading to v0.18.0
(I'm already aware that RNP supports the LibrePGP OCB mode, that's not new in 18.
Thunderbird already disables the use of that mode.)
If the answer is no, then we can go ahead immediately with upgrading to v0.18.0
(I assume, when building with both RNP_EXPERIMENTAL_CRYPTO_REFRESH and RNP_EXPERIMENTAL_PQC undefined,
no functionality/behavior from RFC 9580 is enabled yet.)
|
|
Assignee | |
Updated•3 months ago
|
|
|
Assignee | |
Comment 26•2 months ago
|
||
I suggest that we upgrade Thunderbird Daily on November 11, at the beginning of the version 147 development cycle, and right after we do, we should ask the community to test and give feedback.
|
|
Assignee | |
Comment 27•2 months ago
|
||
There is a bug in v0.18.0 that we shouldn't ship.
We will wait until after the v0.18.1 release.
|
|
Assignee | |
Updated•2 months ago
|
|
|
Assignee | |
Comment 28•2 months ago
|
||
When the v0.18.1 is ready, I will be posting incremental patches on top of the existing ones, so we don't have to redo those.
|
|
Assignee | |
Comment 29•1 month ago
|
||
(In reply to Kai Engert [:KaiE:] from comment #26)
I suggest that we upgrade Thunderbird Daily on November 11, at the beginning of the version 147 development cycle, and right after we do, we should ask the community to test and give feedback.
The v0.18.1 release is available.
Let's upgrade on December 9 or 10, at the beginning of the version 148 cycle.
|
|
Assignee | |
Comment 30•1 month ago
|
||
|
||
Updated•1 month ago
|
|
|
Assignee | |
Comment 31•1 month ago
|
||
The patch to update to 0.18.1 was created by executing
../../../mach vendor -r v0.18.1 ./moz.yaml
I saw an error message regarding rnp_export.h
I don't know what's wrong. I ignored it, because at this time there are no changed exports.
Then I created a diff between the release archives of 0.18.0 and 0.18.1 and compared that with the results of our upgrade script.
I confirmed both approaches produce the same code changes.
|
|
Assignee | |
Updated•1 month ago
|
|
|
||
Comment 32•1 month ago
|
||
@Kai JFYI: I updated Botan version to 3.10.0 just because there were obsolete 2.x in the file. Any 3.x should be suitable (or 2.x if you need it), and at least 3.9.0 was run through CI on OpenSuse Tumbleweed.
|
|
Assignee | |
Comment 33•1 month ago
|
||
Thanks Nickolay for the explanation.
We are already on version 3.8.1 in the latest TB releases.
We'll do bug 2001993 with a low priority.
|
|
Assignee | |
Comment 34•1 month ago
|
||
FYI, I'm running this page here which is automatically updated and which shows the RNP and Botan versions we have on the TB branches:
https://kuix.de/mozilla/versions/
|
|
||
Updated•1 month ago
|
|
|
Assignee | |
Comment 35•1 month ago
|
||
Let's consider to commit today.
A final try run:
https://treeherder.mozilla.org/jobs?repo=try-comm-central&revision=87f31bdf0bc4ac7fa22acf930699a7c4951931e0
|
||
Comment 36•1 month ago
|
||
Pushed by kaie@kuix.de:
https://hg.mozilla.org/comm-central/rev/31361358d6be
Update cmake_define_files.py to properly handle #define lines. r=dandarnell
https://hg.mozilla.org/comm-central/rev/4cf6a88bd4cd
json-c build config updates for RNP 0.18.0. r=dandarnell
https://hg.mozilla.org/comm-central/rev/c9ffb1a3b7b3
Exclude PQC and CRYPTO_REFRESH functions in librnp's symbols file. r=dandarnell
https://hg.mozilla.org/comm-central/rev/7558b2162b7f
Update to RNP 0.18.0. r=dandarnell,kaie
https://hg.mozilla.org/comm-central/rev/43ec02dcbfb4
Build changes for RNP v0.18.0. r=dandarnell,kaie
https://hg.mozilla.org/comm-central/rev/022d025ff73b
Incremental update to RNP 0.18.1. r=dandarnell
|
|
Assignee | |
Updated•1 month ago
|
|
||
Updated•1 month ago
|
Description
•