Re: Status of OpenSSL 1.1 support - Thoughts

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi,

On Thu, Oct 19, 2017 at 09:43:41AM +1100, Damien Miller wrote:
> You've got this exactly backwards. We don't want a shim that allows
> OpenSSL-1.1 to present a OpenSSL-1.0 API. We want a shim that allows
> us to use the OpenSSL-1.1 API when using OpenSSL-1.0, so we don't have
> to maintain a forest of #ifdefs.

For obvious reasons this shim cannot exist.  If the structure member is
not visible anymore (and might not actually look the way you think it
does), you cannot provide structure definitons that magically give you
access to the members again.

Also, you do not need to maintain a forest of #ifdef - as soon as you
switch the code to only use accessor functions, the only #ifdef you
have is "one for the whole shim" or possibly "one per compat accessor
function" - nicely encapsulated away from the code using the accessor.

gert 

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert@xxxxxxxxxxxxxx
fax: +49-89-35655025                        gert@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux