[squid-dev] OpenSSL 1.1 regression
Alex Rousskov
rousskov at measurement-factory.com
Thu May 18 16:48:15 UTC 2017
On 05/18/2017 10:23 AM, Christos Tsantilas wrote:
> On 18/05/2017 06:05 μμ, Alex Rousskov wrote:
>> I suspect it would be cheaper, in the long term, to use feature tests.
> However is not easy to always use this method. The OpenSSL-1.1.0 put
> many API changes trying to hide structure members from user and replace
> with API calls instead. Also has many API changes, I suppose to make API
> more consistent.
>
> This is resulted to many changes and it will not be easy to check
> availability for each of the investigated functions and API changes.
Individual feature tests are not panacea. When dealing with a large
across-the-board change like the one you are describing above, it is
often better to have a single test and a single marker for all affected
functions:
#if OPENSSL_EXPOSES_MEMBERS
...old code here, possibly with other feature #if tests...
#else
...new code here, possibly with other feature #if tests...
#endif
Also, we probably should wrap all OpenSSL calls that are affected by
version variations. It is wrong to sprinkle regular code with numerous
#ifs. Yes, that probably means 20+ wrappers, but it is better than the
alternatives.
Alex.
More information about the squid-dev
mailing list