Subject: Re: [PATCH] Using alternative OpenSSL BIO API

Re: [PATCH] Using alternative OpenSSL BIO API

From: Simon Josefsson <simon_at_josefsson.org>
Date: Wed, 02 Sep 2009 14:41:54 +0200

Alexander Lamaison <swish_at_lammy.co.uk> writes:

> A while ago I committed some changes to the way we interact with
> OpenSSL to avoid crashes on Windows. Passing FILE* arguments between
> DLLs is unsafe so I made libssh2 read the keys and pass them to
> OpenSSL as a string. In my opinion, a better way to do this is to
> pass OpenSSL the filename and allow *it* to read the keyfile. I've
> attached a patch that does this.
>
> It makes use of BIO_new_file function which is safe to use on Windows
> as the FILE* stays on the OpenSSL side of the DLL boundary. One thing
> to note is that this changes the common interface that openssl.c
> shares with libgcrypt.c. However, as this is an internal interface, I
> can't see it causing any problems.
>
> Please take a look at the patch and comment or criticise. If I hear
> nothing for a while, I'll commit.

I like it, and can test if it works for libgcrypt if you push it.

/Simon
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2009-09-02