Re: Is there a one-page doc to tell which function now changes to which in OpenSSL3?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tomas Mraz wrote in
 <8dc71838a21fb2508928cab720f5e2c10bab1746.camel@xxxxxxxxxxx>:
 |A good starting point is to read the migration guide:
 |
 |https://www.openssl.org/docs/man3.0/man7/migration_guide.html

You .. really have to find that first.  I shamelessly post some
private conversation i had in the past.

  ...
 |Also all of that lacks any good and clear documentation. I literally
 |just had to spent all my time browsing and travelling through its source
 |code, because either there is not enough documentation, or it lacks
 |necessary details, making its presence useless. It became a complete mess.
 ...
 |>I think that is the best one can get.
 |>The more in use the more eyes the better.
 |
 |Actually I disagree very much with that. Exactly OpenSSL is the best
 |example of the fact that "more eyes is better" simply completely does
 |not work. Devastating problems, catastrophic bugs in OpenSSL, ruining
 ...
 |Google just use their own cryptographic implementations. GnuTLS and
 |libgcrypt are far better choices in my opinion. They are not perfect,
 |somewhere they are quite bloated (like most things in GNU), but at least
 |their code does not look like a zoo of mess of completely various people
 |independent patches. GnuTLS/libgcrypt has very good documentation
 |(comparing to basically lack of so of OpenSSL). But I also note that

I personally (i am the |> quote above) find it a pity that the
really nice SSL_CONF_cmd and SSL_CTX_config seem to be second
class citizens, that anyhow do not seem to spread to forks.
Btw, you surely have heard

  Changes by:     tb@xxxxxxxxxxxxxxx      2022/06/28 14:29:27

  Modified files:
          lib/libssl     : ssl.h

  Log message:
  Add #defines and prototypes for security level API

  This marks the start of one of the worst API additions in the history of
  this library. And as everybody knows the bar is high. Very high.

  ok beck jsing sthen

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux