Re: [reSIProcate] OpenSSL 1.1.0 / non-backwards-compatible API changes
Hello Daniel,
In my opinion is not a big issue if new reSIProcate release (1.10.3? 1.11?)
won't be backward compatible with OpenSSL 1.0.x, because I think that the way
is to use last OpenSSL release (1.1.x) and macros creation could be a huge
amount of work (honestly I don't know). For example, if you want to use WSS
with latest Chrome releases you need to have recent OpenSSL (I'm currently
using 1.0.2i), and in the future such situations could be frequent.
We don't have many options. I was able to build reSIPprocate using LibreSSL 2.5
(a branch of OpenSSL 1.0.1g) quite easily, but I think that the best choice is
still using OpenSSL.
I don't know if I have time in the near future, anyway I could try to have a
look at OpenSSL 1.1. I will keep you informed.
Best regards,
Dario
-----Original Message-----
From: resiprocate-devel [mailto:resiprocate-devel-bounces@xxxxxxxxxxxxxxx] On
Behalf Of Daniel Pocock
Sent: martedì 15 novembre 2016 16.43
To: resiprocate-devel@xxxxxxxxxxxxxxx
Subject: [reSIProcate] OpenSSL 1.1.0 / non-backwards-compatible API changes
OpenSSL 1.1.0 was recently released.
It appears that GNU/Linux distributions (Debian, Ubuntu, Fedora, ...) will only
have 1.1.0 from early 2017. reSIProcate doesn't compile[1] with it.
The API is not backwards compatible, basically, they have made all the structs
opaque and provided accessor methods to manipulate them.
a) that is the reason it doesn't compile currently with many applications
b) when reSIProcate is changed for OpenSSL 1.1.0, it may not compile with 1.0.x
any more
There is a full guide[2] to porting from 1.0 to 1.1.0. It includes some
suggestions about how to create macros for backwards compatibility.
Has anybody else had any thoughts about updating to the new OpenSSL? I may be
able to make the necessary tweaks, but if I do then I probably won't create the
macros for backwards compatibility
Regards,
Daniel
1. https://release.debian.org/transitions/html/auto-openssl.html
2. https://wiki.openssl.org/index.php/1.1_API_Changes
_______________________________________________
resiprocate-devel mailing list
resiprocate-devel@xxxxxxxxxxxxxxx
https://list.resiprocate.org/mailman/listinfo/resiprocate-devel