Re: Status of OpenSSL 1.1 support - Thoughts

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Wed, 18 Oct 2017, Blumenthal, Uri - 0553 - MITLL wrote:

> OpenSSL developers believed that there was a need for a significant
> change. A part of that change was a conscious choice to break (some
> of) the existing API. They considered that pain unavoidable. So far I
> happen to agree with their rationale and approach. Move from visible
> internal structures to accessor functions is a good thing, regardless
> of what you may think of it. And the new API *is* better, again like
> it or not.
>
> I understand the frustration with lack of a “migration library”,
> but how to you see a “shim” that allows code that relies on being
> able to directly access members of structures, run unmodified (just
> recompiled)?

You've got this exactly backwards. We don't want a shim that allows
OpenSSL-1.1 to present a OpenSSL-1.0 API. We want a shim that allows
us to use the OpenSSL-1.1 API when using OpenSSL-1.0, so we don't have
to maintain a forest of #ifdefs.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux