Re: Status of OpenSSL 1.1 support - Thoughts

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Thu, 19 Oct 2017, Gert Doering wrote:

> Hi,
> 
> On Thu, Oct 19, 2017 at 09:43:41AM +1100, Damien Miller wrote:
> > You've got this exactly backwards. We don't want a shim that allows
> > OpenSSL-1.1 to present a OpenSSL-1.0 API. We want a shim that allows
> > us to use the OpenSSL-1.1 API when using OpenSSL-1.0, so we don't have
> > to maintain a forest of #ifdefs.
> 
> For obvious reasons this shim cannot exist.  If the structure member is
> not visible anymore (and might not actually look the way you think it
> does), you cannot provide structure definitons that magically give you
> access to the members again.

You might want to read what I wrote again, because you've got it
backwards too:

"We want a shim that allows us to use the ***OpenSSL-1.1 API*** when
using OpenSSL-1.0"

The OpenSSL 1.1 API is the one with the opaque structures, so there's
no intrinsic problem implementing it for the 1.0 library, which doesn't.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux