Status of OpenSSL 1.1 support - Thoughts
Gert Doering
gert at greenie.muc.de
Thu Oct 19 17:50:13 AEDT 2017
Hi,
On Thu, Oct 19, 2017 at 09:43:41AM +1100, Damien Miller wrote:
> You've got this exactly backwards. We don't want a shim that allows
> OpenSSL-1.1 to present a OpenSSL-1.0 API. We want a shim that allows
> us to use the OpenSSL-1.1 API when using OpenSSL-1.0, so we don't have
> to maintain a forest of #ifdefs.
For obvious reasons this shim cannot exist. If the structure member is
not visible anymore (and might not actually look the way you think it
does), you cannot provide structure definitons that magically give you
access to the members again.
Also, you do not need to maintain a forest of #ifdef - as soon as you
switch the code to only use accessor functions, the only #ifdef you
have is "one for the whole shim" or possibly "one per compat accessor
function" - nicely encapsulated away from the code using the accessor.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the openssh-unix-dev
mailing list