[squid-dev] OpenSSL 1.1 regression
Christos Tsantilas
christos at chtsanti.net
Thu May 18 16:23:36 UTC 2017
On 18/05/2017 06:05 μμ, Alex Rousskov wrote:
> On 05/18/2017 05:12 AM, Christos Tsantilas wrote:
>
>> Agrr... Using the openSSL version was the faster/easier way. Touching
>> autoconf may result to 2-3 full squid rebuilds to implement/test similar
>> fixes.
>
> The alternative is to convince others that Squid will not support
> OpenSSL API implementations that lie about their OpenSSL API version.
> Judging by the time wasted on related discussions about API basics, I
> suspect it would be cheaper, in the long term, to use feature tests.
Of course I agree with you. In many cases we used openSSL version just
because it was easier and this is wrong.
However is not easy to always use this method. The OpenSSL-1.1.0 put
many API changes trying to hide structure members from user and replace
with API calls instead. Also has many API changes, I suppose to make API
more consistent.
This is resulted to many changes and it will not be easy to check
availability for each of the investigated functions and API changes.
>
> Alex.
>
More information about the squid-dev
mailing list